Author Topic: Win32:bprotect-d trj  (Read 14649 times)

0 Members and 1 Guest are viewing this topic.

Gullymar

  • Guest
Win32:bprotect-d trj
« on: January 19, 2014, 05:29:46 PM »
Hey guys,

I recently had a scan via Avast where Win32:bprotect-d trj was detected. I wasn't able to remove it nor to block or repair.

Attached I have the mbam, OTL and aswMBR-Logs. Can you help me? Do you need further information?

Best regards beforehand!

Offline TwinHeadedEagle

  • Malware Removal Expert
  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2987
    • Zemana
Re: Win32:bprotect-d trj
« Reply #1 on: January 19, 2014, 05:44:51 PM »
Please download Farbar Recovery Scan Tool () by Farbar and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.


  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
My help is free, however if you'd like to show your appreciation by leaving a donation, it will be much appreciated ------> DONATE

Gullymar

  • Guest
Re: Win32:bprotect-d trj
« Reply #2 on: January 19, 2014, 06:19:12 PM »
Hi thanks, see attached the FRST.txt.

Best regards

Offline TwinHeadedEagle

  • Malware Removal Expert
  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2987
    • Zemana
Re: Win32:bprotect-d trj
« Reply #3 on: January 19, 2014, 08:03:10 PM »
Download attached fixlist.txt to your Desktop.
NOTE: => It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.


Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.

The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply.
Note: If the tool warned you about the outdated version please download and run the updated version.


====================================================================


Please download AdwCleaner by Xplode and save to your Desktop.

Double click on AdwCleaner.exe to run the tool.
  • Click on the Scan button.
  • After the scan has finished click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.

  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Post logfile will also be saved in the C:\AdwCleaner folder.
=============================================================


Download TDSSKiller  and save it to your desktop

  Execute TDSSKiller.exe by doubleclicking on it.
Confirm "End user Licence Agreement" and "KSN Statement" dialog box by clicking on Accept button.
  • Under Additional options check the boxes next to:
    - Verify Driver Digital Signature;
    - Detect TDLFS file system
    - Use KSN to scan objects
  •   Press Start Scan
  •   If Suspicious object is detected, the default action will be Skip, click on Continue.
  •   If Malicious objects are found, select Cure.
Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.
My help is free, however if you'd like to show your appreciation by leaving a donation, it will be much appreciated ------> DONATE

Gullymar

  • Guest
Re: Win32:bprotect-d trj
« Reply #4 on: January 20, 2014, 10:02:40 PM »
Hey,

thanks for the quick reply. Have done it all, please see the attached logs.

Best regards

Offline TwinHeadedEagle

  • Malware Removal Expert
  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2987
    • Zemana
Re: Win32:bprotect-d trj
« Reply #5 on: January 20, 2014, 10:07:27 PM »
Run FRST and attach fresh report. Tell me how is the situation now?
My help is free, however if you'd like to show your appreciation by leaving a donation, it will be much appreciated ------> DONATE

Gullymar

  • Guest
Re: Win32:bprotect-d trj
« Reply #6 on: January 21, 2014, 08:52:05 PM »
Hey,

I made a scan with FRST, attached you find the log. Anything unusual?

Best regards

Offline TwinHeadedEagle

  • Malware Removal Expert
  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2987
    • Zemana
Re: Win32:bprotect-d trj
« Reply #7 on: January 21, 2014, 09:01:39 PM »
Report looks clean, do you still have a warning?
My help is free, however if you'd like to show your appreciation by leaving a donation, it will be much appreciated ------> DONATE

Gullymar

  • Guest
Re: Win32:bprotect-d trj
« Reply #8 on: January 21, 2014, 09:18:16 PM »
Hey,

thanks no don't have a warning anymore. If it looks clear I'll now wait and see and if the problem seems to continue I'll catch up with you. Thank you very much for the help.

Best regards

Offline TwinHeadedEagle

  • Malware Removal Expert
  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2987
    • Zemana
Re: Win32:bprotect-d trj
« Reply #9 on: January 22, 2014, 08:58:51 AM »
Please download DelFix by "Xplode" to your Desktop.

Run the tool and check the following boxes below;
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore

Now click on "Run" button. Wait for the programme completes his work.
All the tools we used should be gone.
Tool will create and open an log report (DelFix.txt)
Note: The report will also be stored on C:\DelFix.txt


> I don't need DelFix log report.
My help is free, however if you'd like to show your appreciation by leaving a donation, it will be much appreciated ------> DONATE

m3wh

  • Guest
Re: Win32:bprotect-d trj
« Reply #10 on: February 13, 2014, 06:36:41 PM »
I too have this virus and have been following your instructions, here are my log reports but the TDSSKiller didnt produce a log file for me to attach, it did say that no threats were found however.
« Last Edit: February 13, 2014, 06:39:44 PM by m3wh »

m3wh

  • Guest
Re: Win32:bprotect-d trj
« Reply #11 on: February 13, 2014, 06:47:24 PM »
Attached are the second reports after following the instructions

Offline TwinHeadedEagle

  • Malware Removal Expert
  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2987
    • Zemana
Re: Win32:bprotect-d trj
« Reply #12 on: February 13, 2014, 07:01:40 PM »
Hi,



Please download zoek.zip or zoek.rar by smeenk () from here or here and save it to your Desktop.
Unpack the archive...
  • Close any open browsers
  • Temporarily disable your AntiVirus program. (If necessary)
    If you are unsure how to do this please read this or this Instruction.

  • Double click on zoek.exe to run the tool .
    Please wait for the tool to start...

  • Copy the text present inside the code box below and paste it into the large window in the zoek tool:
Code: [Select]
StandardSearch;
  • Click on button.
    Please wait until a logreport will open (this can be after reboot)

  • Save notepad to your Desktop and attach here zoek-results.log
    Note: It will also create a log in the C:\ directory named "zoek-results.log"
My help is free, however if you'd like to show your appreciation by leaving a donation, it will be much appreciated ------> DONATE

m3wh

  • Guest
Re: Win32:bprotect-d trj
« Reply #13 on: February 13, 2014, 07:27:20 PM »
its saying web page not available, none of those links work
« Last Edit: February 13, 2014, 07:51:43 PM by m3wh »

Offline TwinHeadedEagle

  • Malware Removal Expert
  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2987
    • Zemana
Re: Win32:bprotect-d trj
« Reply #14 on: February 13, 2014, 08:07:55 PM »
My help is free, however if you'd like to show your appreciation by leaving a donation, it will be much appreciated ------> DONATE