pcindanger.com SPYWARE REMOVAL AND PROTECTION | HOME
Spyware!

VirusProtect. Removal Help

What is VirusProtect?
It belongs to fake anti-spyware software category and usually infects the system by downloading corrupt video codec, which are necessary for video content review. Some suspicious websites play a trick on visitor and ask to download corrupt video codec, which is bundled with trojan infection, in this instance - Trojan.Zlob. VirusProtect is directly installed by Trojan.Zlob and shows assumed and exaggerated "computer has been infected" alerts in order to scare user and convert software download into purchase. After VirusProtect has been installed on PC it will immediately start computer scan for malware and in the end generates report asking for licensed program version in order to remove found threats. Mind that, even after the purchase it will not remove spyware as promised!
Also known as Virus Protect 3.8 (or 3.9 version). In fact it is renewal of a past threat VirusProtectPro

Related threats: VirusHeat, VirusRay, AntiVirGear, SpywareQuake
Screenshot:

VirusProtect
How to remove VirusProtect
Tip. Manual spyware removal is a complicated and unadvisable procedure for inexperienced user. Pcindanger is suggesting automated and secure VirusProtect removal:

1. Download "Spyware Doctor".

2. Install program on your computer (how to install Spyware Doctor?).

3. To perform computer scan press Start Scan button. Wait till scan is over and report is generated.

4. Proceed by pressing Fix Checked button to delete VirusProtect.

5. Need Spyware + Virus protection? Download Spyware Doctor with AntiVirus.
VirusProtect Entries
The following dll files are created: axdpfl.dll, chzbi.dll, cjuvwa.dll, e404d.dll, ezzhjmt.dll, fftktmk.dll, fsehfcu.dll, gnjsjc.dll, ivrllc.dll, moywh.dll, ncrjf.dll, ofcpi.dll, qhcvdw.dll, rldyt.dll, svxmhpz.dll, tvtpwp.dll, ucmbegr.dll, uglgs.dll, wowlze.dll, wygomd.dll, ymmzwd.dll, zcwlnic.dll.
The following exe files are created: VirusProtect 3.8.exe, VirusProtect 3.9.exe.
Hijackthis Entries:
O4 Entries:
O4 - HKLM\..\Run: [VirusProtect 3.8] "C:\Program Files\VirusProtect 3.8\VirusProtect 3.8.exe" /h
O4 - HKLM\..\Run: [VirusProtect 3.9] "C:\Program Files\VirusProtect 3.9\VirusProtect 3.9.exe" /h

O22 Entries:
O22 - SharedTaskScheduler: doglike - {3750da11-9b0c-4a75-9c8a-bbcbfcd1ccea} - C:\WINDOWS\System32\fftktmk.dll
O22 - SharedTaskScheduler: groutiest - {d653e105-3e53-480a-b129-54d957d174bb} - C:\WINDOWS\system32\ucmbegr.dll
O22 - SharedTaskScheduler: haeckel - {8373a2e0-bdd0-42bd-b4ec-ba5451eb6607} - C:\WINDOWS\system32\moywh.dll
O22 - SharedTaskScheduler: bayoneting - {e221f0dc-2696-4b2e-bd63-25b33dc19b6e} - C:\WINNT\System32\wygomd.dll
O22 - SharedTaskScheduler: bemocked - {b0883848-1466-4470-a418-3fe7d36694b9} - C:\WINDOWS\system32\rldyt.dll
O22 - SharedTaskScheduler: ineffulgent - {b585105c-0e84-4ef0-9c6a-fbe134a72945} - C:\WINDOWS\system32\ivrllc.dll
O21 - SSODL: E404Helper - {d9f0cf95-2ef5-4ab8-b6b6-d5125a581b43} - e404d.dll
O22 - SharedTaskScheduler: dimanganous - {3ae12a89-2063-409b-87f2-f809a6e76862} - C:\WINDOWS\system32\chzbi.dll
O22 - SharedTaskScheduler: arsenicism - {075a465d-0af2-4b79-8db3-2fda0fd8d74c} - C:\WINDOWS\system32\ymmzwd.dll
O22 - SharedTaskScheduler: edgers - {d66c22b6-2217-4d1a-9a90-1a54de1fc706} - C:\WINDOWS\system32\zcwlnic.dll
O22 - SharedTaskScheduler: graphologists - {76fbb79c-2ec6-4962-a324-fd4362588e1c} - C:\WINDOWS\system32\uglgs.dll
O22 - SharedTaskScheduler: caribi - {8b87dcc7-9b89-4205-aa82-076b2a1edfe0} - C:\WINDOWS\system32\ncrjf.dll
O22 - SharedTaskScheduler: eaton - {d8b937a4-cdad-497b-a872-8da7c4c3ef6f} - C:\WINDOWS\system32\tvtpwp.dll
O22 - SharedTaskScheduler: geosphere - {c0ca766d-060c-48e1-b536-205e321bd174} - C:\WINDOWS\system32\wowlze.dll
O22 - SharedTaskScheduler: disgorging - {0123eb75-964c-4cb3-b796-431cc9099570} - C:\WINDOWS\system32\cjuvwa.dll
O22 - SharedTaskScheduler: cariniana - {5c770fbc-cc2f-4acd-93e8-e6f0594307fd} - C:\WINDOWS\system32\gnjsjc.dll
O22 - SharedTaskScheduler: ficklety - {e31f5c72-8e0d-4921-8375-9573746c170c} - C:\WINDOWS\System32\ezzhjmt.dll
O22 - SharedTaskScheduler: end - {aaad3a22-1c07-45f5-bfb3-e9a8c3b382fe} - C:\WINDOWS\system32\fsehfcu.dll
O22 - SharedTaskScheduler: hemoglobinometries - {c7cd9e83-3bf6-47f8-b2e2-b114c96c1888} - C:\WINDOWS\system32\qhcvdw.dll
O22 - SharedTaskScheduler: ablator - {fce1c203-ff2b-4ec1-9983-e2900d29bbd8} - C:\WINDOWS\system32\axdpfl.dll
O22 - SharedTaskScheduler: esperantido - {67dc0736-075a-4647-95f5-d5421b838fed} - C:\WINDOWS\system32\svxmhpz.dll
O22 - SharedTaskScheduler: cured - {7265100a-17e1-41bf-bd08-63b95a25a9c3} - C:\WINDOWS\system32\ofcpi.dll
Bookmark this page


Tutorial by pcindanger.com. All data on pcindanger.com copyrighted. Contact us: webmaster@pcindanger.com
© 2007-2008