Hello Chums...
I am just wondering if anyone else has got this thoroughly nasty piece of software nesting inside their computer....
"bProtect"...or "bProtector".

It can be spotted, using Ctrl+Alt+Delete to bring up the Task Manager.
It will probably contain two entries.
Quote:
bProtector is DEFINITELY a virus.  It is cleverly 'signed' (fraudulently) with a GoDaddy certificate and makes you think that it is a legitimate file by sitting hidden away in nested files.  If you delete it, it replicates itself within seconds.  If you plug in a usb memory stick or other offboard device, it replicates itself there also.  It is associated with the Babylon plugin.
Most virus software and malware checkers do NOT catch it due to it's clever setup.  I have gotten rid of it manually several times, but it seems to find it's way back somehow.  Still working on how to prevent it from reappearing.  What would make that simple is if the virus and malware programs would add it to their list and prevent it from getting access.
The person who posted that it 'obviously' was not a virus because it was on World of Warcraft most likely has a pirate copy of WoW as this worm travels freely within the pirated files domain...so beware!!
End Quote.

I don't know how I got it, (some time ago), but it is now giving me all sorts of grief.
It runs constantly in the background, slowing everything down, and also prevents a normal Shut Down process, (A Shut-down always has to be "Forced" when the process hangs, with the HDD cycling!).
It is impossible to delete, and just re-spawns if attempted to do so.
It does not appear anywhere as a; "File".

No Virus/Malware/Spyware checkers can spot it, and remove it!
A recent scan:
Starting master boot sector scan:
Master boot sector HD0
    [INFO]      No virus was found!
Master boot sector HD1
    [INFO]      No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
    [INFO]      No virus was found!
Boot sector 'F:\'
    [INFO]      No virus was found!

Starting search for hidden objects.
c:\progra~2\bprote~1\22463~1.83\protec~1.dll
c:\ProgramData\bProtectorForWindows\2.2.463.83\protector.dll
  [NOTE]      The registry entry is invisible.

Note the description; "Invisible"!

Have a peek in your Computer...Anyone else got it?

Paul... ...!

Steve M wrote on Sep 23^rd, 2012 at 8:57am:


I read that, amongst many other of methods of removing it, but the method described seemed more dangerous, (involving the Registry),  than the actual program itself!

It certainly is a very nasty little bugger, and everyone effected by it seems to find it impossible to get rid of, apart from a complete HDD re-Format!

A Google search for "bProtect" reveals the nightmare!

Paul...in the middle of a "Nightmare"... ...!

At the moment it is occasionally freezes my Firefox Browser for short periods...running in the background!

Bass wrote on Sep 23^rd, 2012 at 9:43am:


..... ....Goodness knows!

The annoying thing is, that none of the Anti-Virus, Mailware, Spyware, etc, programs detect it, and it is not listed in any of their search engines!
In every Computer location that I delete it, it re-appears somewhere else, instantly!

Paul...Its WAR I tell you.....ITS WAR!!... ...!

Well Fozzer, as you said, its war
Have you tried the hitmanpro from my link?