System Progressive Protection virus
by Culwch - 10/19/12 12:24 PM
I'm a long-time user of Avira free antivirus. Lately, I've been encountering the "System Progressive Protection" virus/trojan, posing as a legitimate antivirus program; it has found its way into a family member's laptop twice now, and I trust them when they say they didn't visit any phony websites or download dubious software - they use their PC mainly for mail, browsing news sites and YouTube. Their system is set up for automatic updates (Windows, Avira, Java, Adobe etc.), so I'm fairly certain it's mostly up to date. Why wasn't the intrusion detected and stopped by the antivirus application? I've tried googling some answers on how to remove it; in your professional opinion, are sites like "malwaretips.com" (and many others, found by googling the "progressive protection virus" and similar queries) trustworthy enough to follow their advice on removing it? They require a download of an .exe file (removal tool renamed to iexplore.exe), and while the science behind it seems sound to me (an advanced PC user with more than 15 years of experience), they are no Symantec for me to trust their advice without double-checking.
I was actually surprised to find that searching "progressive protection" (and similar terms) on Symantec and other respectable security websites returned no hits whatsoever.
So far, going into service mode and deleting the phony antivirus from the disk (it's kind enough to set up a shortcut on the desktop, leading to ProgramData/LongRandomStringDirectory/) seems to have worked for now, but it's the second time in 3 months that I've encountered it. As far as I remember, the last time, an in-depth antivirus scan done after implementing my solution did not find anything to report.
Thank you for your answers,