Results 1 to 5 of 5

Thread: Protection System

  1. #1
    tesarver Guest

    Default Protection System

    PC has been infected by a malware Called Protection System. It loads itself onto your hard drive, then startsup on bootup. It is a fake Firewall/Virus program & dispalys a window that looks like a Mircosoft Security Center that then informs you that it had detected a virus on your PC. If you click on the warning for more information, it takes you to a website that asks you to purchase the program. If that is not bad enough it then starts doing popup messages that says it is finding additional viruses on your PC.

    I have comb through the PC & removed what I thought was all of the files that are associated with the program & removed any parts of it from the registery, & done a scan on the PC using Zone Alarm & found nothing.

    THought that I cleared it all, but it has recreated itself again. So my threee questions are:

    1) Has anyone else encountered this malware?

    2) If yes, how did you remove it?

    3) How can you prevent that malware from reloading itself after you have cleaned it, keeping in mind that Zone Alarm missed it in the 1st place?

    Thanks

    Tom Sarver

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,290

    Default Re: Protection System

    Hi!
    follow ALL steps as described in the sticky post above.

    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    tesarver Guest

    Default Re: Protection System

    Thanks for the quick reply, I will be trying that. But I was wondering how it go loaded on the PC in the 1st place & what settings do I need to make in Zone Alarm so that this will not happen again?

    Thanks

    Tom Sarver

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,290

    Default Re: Protection System

    Hi!
    version of ZA? Number? Extreme version? Virtualization was ON? Frequency of updates? You are the only person using the system? Usually you need to voluntarily install an executable into the system.

    How it works: You receive a fake warning, you save and install the malware and your are f.... Unfortunately, there is no protection from voluntary action of the user.

    NEVER beleive messages other than ZA about viruses or malware, set a low frequency of updates (=often), never say always OK/allow to ZA messages. Read them, understand them and act consecuently.

    If someone else is using the PC, make him/her log with a limited privilegies account. VISTA is ideal for this.

    Hope this helps.

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  5. #5
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,290

    Default Re: Protection System

    Hi!
    version of ZA? Number? Extreme version? Virtualization was ON? Frequency of updates? You are the only person using the system? Usually you need to voluntarily install an executable into the system.

    How it works: You receive a fake warning, you save and install the malware and your are f.... Unfortunately, there is no protection from voluntary action of the user.

    NEVER beleive messages other than ZA about viruses or malware, set a low frequency of updates (=often), never say always OK/allow to ZA messages. Read them, understand them and act consecuently. Do not pile up security tools one over the other. Use only one and learn how to use it.

    If someone else is using the PC, make him/her log with a limited privilegies account. VISTA is ideal for this.

    Hope this helps.

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •