Tech Problem Aggregator

Spyware, Malware Scanner, Cleaner.

Q: Spyware, Malware Scanner, Cleaner.

Does anyone know of a good program, ( freeware ) for the above mentioned?
chuck

A: Spyware, Malware Scanner, Cleaner.

Hi chuck, there's a few choices to consider....

MalwareBytes https://www.malwarebytes.org/

SuperAntispyware: http://www.superantispyware.com/

2 more replies

I am trying to remove these programs from a mates pc. Im not an expert at this stuff but have a bit of experence. have used a program called smit fix which i ran in safe mode, it told me it had deleted the bloody thing but on rebooting its still there.... HELP SOMEONE!!!!!!

A:Error cleaner/ privacr protector/ drive cleaner and spyware and malware protertor

The spyware removal thread is HERE

1 more replies

Hi White Knights, Good Guys and Gals,

My PC was attacked, likely through Internet Explorer today, since I haven't downloaded anything. The following are is the list of Malware that XP Security Center has notified:

=email-worm.win32.netsky.q
=rootkit.win32.agent.pp
=backdoor.win32.kbot.al
=net-worm.win32.mytob.t
=net-worm.win32.dipnet.d
=virus.win32.hala.a
=virus.win32.gpcode.ak

and Trojan Remover has identified
c:\windows\system32\vacinit.dll

and Mcafee
NTROSKRN... (rootkit trojan)

The program "Protection Systems" continues to pop up prompting me to buy along with random IExplorer bombs despite having removed it from programs. The system regularly freezes when I employ anti-malware programs.

I have attempted to use in normal and safe operating mode (Mcafee from safe command prompt)
=Mcafee VirusScan Enterprise (halts early in operation, Identifies NTROSKRN and 11 cookies)
=Stopzilla (Halts early in operation)
=Malwarebytes(fails to open even with changed name)
=Rooter Malware Finder (Eric_71) (operates results indeterminant)
=Trojan Remover (Runs. results indeterminant)

I am not in a good position to format the PC (in the wilderness).

Any advice what is preventing these malware programs from operating?

Thanks, and happy to repay the favor particularly if you like homebrew since PC wars arent my specialty!

Lookingtree

DDS (Ver_09-06-26.01) - NTFSx86
Run by Iamcomputer at 20:41:08.59 on Wed 07/15/2009... Read more

A:Unknown Attack Disables Malware Scanner/Antivirus/Spyware Scanner

It is important you rename Combofix during the download, but not after.Please do not rename Combofix to other names, but only to the one indicated.Close any open browsers.Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
-----------------------------------------------------------Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
-----------------------------------------------------------Close any open browsers. WARNING: Combofix will disconnect your machine from the Internet as soon as it startsPlease d... Read more

2 more replies

I have read several posts regarding Ucleaner and spyware. I am having similar problems:

-- There are three new icons on my desktop: (1) Error Cleaner (2) Privacy Protector (3) Spyware&Malware Protection. When mousing over these icons, the popup window indicates that they lead to "http://viruswebprotect.com/shandler/php?..."

-- I periodically get pop up icons that say "someone is trying to attack my computer" and there was a message that stated "Win32.netsky worm has infected my computer"

I have completed the five steps listed in the "before you post" thread. The only deviation from that is that I already have Windows XP SP2 installed. Any help would be much appreciated. Thanks.

A:uCleaner Malware / Error Cleaner, Privacy Protector, Spyware&Malware Icons

Bump Bump Bump

1 more replies

Privacy Protector, Error Cleaner and Spyware&Malware protection, it pops up a message saying my computer is infected and keeps opening internet windows even when i change the homepage away from the site it wants to go to. it is really slowing my laptop down, and when u attemp to close the pop ups or delete the desktop icons, it frezzes the laptop and the only way to resolve it is to restart but it just comes back no matter what, norton will not pick it up either. it is causing my laptop start up and loading time to be epic and is making it unusable, this topic has been fixed before by RichieUK on: http://www.bleepingcomputer.com/forums/t/105116/privacy-protector-error-cleaner-spyware-malware-protection/ i have the exact same thing. should i just follow those steps or wait for specific advice for my system? Logfile of Trend Micro HijackThis v2.0.2Scan saved at 00:00:05, on 03/09/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\S... Read more

A:Malware, Privacy Protector, Error Cleaner And Spyware&malware Protection

27 more replies

This showed up when i started up my computer last night (I'm running XP). My desktop background changed to red with biohazard type logo, windows keep popping up trying to sell me protection, etc. when it first showed up some of my desktop icons dispeared and i couldn't get into my c drive, but that seems to have stopped for the moment.I've run my Kasperskys Antivirus, which says it can't delete it, disinfects it, but doesn't seem to change anything.I've also used System Mechanic 5, Spybot Search and Destroy, Smitfraudfix (i saw this suggested to someone else veiwing another forum- and it seems to work and everything looks good for 5 minutes, but then low and behold it comes right back) plus RegClean, RegistryFix, Tracks Eraser Pro, BugDoctor- to try and clean stuff out- some things seem to get rid of it, but then it returns. I've been looking it up on google to see what other people did, and trying these things, but obviously this strategy hasn't worked. its just given me a headache.I'm out of my depth. I really need help! Thankyou in advance for your wisdom.Here are my dss reports:Deckard's System Scanner v20071014.68Run by Aqua Dragon on 2008-06-08 11:54:45Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point.-- Last 5 Restore Point(s) --5: 2008-06-08 15:54:53 UTC - RP230 - Deck... Read more

A:I Have An Error Cleaner, Privacy Protector, Spyware And Malware Protection Problem (virus? Malware? Trojan?)

Hi,Please uninstall the following programs since they are known to cause more damage than anything else:RegistryFix v6.2Bug Doctor 3.0.3.8Reboot afterwards.After reboot, * Please visit this webpage for instructions for downloading and running ComboFix:http://www.bleepingcomputer.com/combofix/how-to-use-combofixThis includes installing the Windows XP Recovery Console in case you have not installed it yet.Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.

2 more replies

The titles listed in the subject line recently appeared on my desktop along with a VERY hijacked machine.

This is a personal home computer.

I tried the five step process and met with the following results:

1) Can not access addd/remove tab - following error message:
Restrictions

2) Can not run Panda ActiveScan - get message "internet explorer cannot display the webpage" when scan window attempts to run, all pop-up blockers disabled

3) Successful instal of both Spyware Blaster and IE-Spyad

4) Could not use windows update - following error message:
Network policy prevents you from using this website to get updates for your computer

5) Deckard's maint.txt log:

Deckard's System Scanner v20071014.68
Run by Daddy on 2008-01-15 17:51:57
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 2 Restore Point(s) --

A:Bad Malware infection - Spy-rid, InfeStop, Easy Spyware Cleaner

SpyBot-SD Just caught a process identified as Virtumonde.crack. I told it to kill the process next time it is encountered.

19 more replies

Below is my log file after running the hijackthis exe.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:21:26 PM, on 3/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\ehome\RMSvc.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\Program Files\Common Files\SafeNe... Read more A:NEED HELP REMOVING Error Cleaner, Spyware & malware icons Hi Welcome to TSG!! Download SDFix and save it to your Desktop. Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix and remove some of its embedded files which may cause "unpredictable results". Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask. Remember to re-enable the protection again afterwards before connecting to the Internet. Double click SDFix.exe and choose Install to extract it to its own folder on the Desktop. Please then reboot your computer in Safe Mode by doing the following : Restart your computer After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually; Instead of Windows loading as normal, a menu with options should appear; Select the first option, to run Windows in Safe Mode, then press "Enter". Choose your usual account. Open the c:\SDFix folder and double click RunThis.cmd to start the script. Type Y to begin the script. It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot. Press any Key and it will restart the PC. Your system will take longer that normal to restart as the fixtool will be running and removing files. When the desktop loads the Fixtool ... Read more 3 more replies Answer Match 65.94% i cant get rid of these programs; Error Cleaner, Privacy Protector,and Spyware&Malware Protection. I also keep getting these messages. Can somebody please help me. this is my hjt log file. any help would be great Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:46:54, on 30/12/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe

A:Error Cleaner, Privacy Protector,and Spyware&Malware

Hi Welcome to TSG!!

Please close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix and make sure you are disconnected from the Internet after downloading the program and before scanning.
Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix and remove some of its embedded files which may cause "unpredictable results".
Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
Remember to re-enable the protection again afterwards before connecting to the Internet.

**Note: In the event you already have ComboFix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

Close any open browsers and make sure you are disconnected from the net. Unplug the cable if need be before running ComboFix.

WARNING: IF you have not already done so ComboFix will disconnect your machine from the Internet when it starts.
Please do not re-connect your machine back to the Internet until ComboFix has completely finished.
If there is no Internet connection when Combofix has completely finished then restart your computer to restore the connection.

3 more replies

Hi Guys,In advance i would like to say thanks for your time with this little problem. A friends PC as been infacted with Malware viruses, Keyloggers and olther nasty bugs. I have managed to remove most of the affending items, less the Privacy Protector & error cleaner plus i'm sure there are a few more lurking on the system. They seem to hijack the active desktop, redirect his webpages and download and install system_defender installer which auto runs. There is also a VIRUS ALERT label in the Task Bar area, which also displayes it's shelf on all system mesg boxes.Below are the Kaspersky Log & DSS log.RegardsPaulKASPERSKY ONLINE SCANNER REPORT Tuesday, June 03, 2008 11:45:45 PMOperating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)Kaspersky Online Scanner version: 5.0.98.0Kaspersky Anti-Virus database last update: 3/06/2008Kaspersky Anti-Virus database records: 826461 Scan Settings Scan using the following antivirus database extended Scan Archives true Scan Mail Bases true Scan Target My Computer A:\C:\D:\ Scan Statistics Total number of scanned objects 60330 Number of viruses found 8 Number of infected objects 35 Number of suspicious objects 0 Duration of the scan process 00:47:44 Infected Object Name Virus Name Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All User... Read more

A:Privacy Protector?, Error Cleaner, Spyware&malware,

In the Drivers section click on Non-Microsoft.Under Additional Scans click the checkboxes in front of the following items to select them:Reg - BotCheck
Reg - Software Policy Settings

8 more replies

Okay I did something stupid by downloading & trying to run a program where I didn't know where it was comming from. My fault but now my computer is completely useless & I really need help fixing it. I don't have a bunch of money to take it in to get it repaired so I am hoping I can get some help here.

I mean useless in the fact I can not access Task Manager, I can not RUN anything, they all have disappeared from the menu. If I try to even run Internet Explorer it won't let me. Any program I try to use is immediatly shut down. It runs for like a few seconds then goes away. I am not a computer savy person when it comes to things like this. I really am begging for some help. I have no idea where to begin. I can't download any programs to help me. I can't even access the internet. I have it unplugged from the internet now & am using another computer to write this. Is it even possible to fix my problem now? I'm not sure but there is nothing I have tried that worked. I even had ComboFix on my computer & it wouldn't let me access it. I changed the name of the program & tried it again but then it disappeared from my desktop. I need help please!

More replies

Deckard's System Scanner v20071014.68Run by Alex on 2007-10-22 22:12:30Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point.-- Last 2 Restore Point(s) --2: 2007-10-23 02:15:13 UTC - RP2 - Deckard's System Scanner Restore Point1: 2007-10-22 23:55:44 UTC - RP1 - System CheckpointBacked up registry hives.Performed disk cleanup.Total Physical Memory: 510 MiB (512 MiB recommended).-- HijackThis (run as Alex.exe) ------------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:18:09 PM, on 10/22/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Symantec AntiVirus\DefWatch.exeC:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeC:\... Read more

A:Error Cleaner, Privacy Protector, Spyware And Malware Protection

1 more replies

ok, my cousin has gotten some type of virus/spyware that i can't remove. it has added error cleaner, privacy protector, spyware&malware proctection icons to the desktop that point to a website. here is the hjt log. please let know i need to add anything else. i have already ran avg, stinger, ad-aware, and spyboy s&d to clean up as much i could. i couldn't access the internet to run the online scans.thanks in advance.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 3:29:36 PM, on 3/31/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16608)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\System32\wltrysvc.exeC:\WINDOWS\System32\bcmwltry.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Symantec AntiVirus\DefWatch.exeC:\Program Files\Executive Software\Diskeeper\DkService.exeC:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exeC:\WINDO... Read more

A:Hjt Log For Error Cleaner, Privacy Protector, Spyware&malware Proctection

swebb32_99 Sorry for the delayRe Run HijackthisAt the Main window select "Open the misc tool section"Then select "Open uninstall manager"Then "save list" and save it to your desktopCopy and paste that list as a reply to this thread

27 more replies

This program embedded itself into my system. It changes my desktop and keeps poping up with warnings and websites. It is called Privacy Protector, Error Cleaner and Spyware&Malware protection. I have tried to fix this but have had no luck. I have ran norton, stinger,AVG, spybot, etc. but nothing has worked. Please get this virus out of my computer. Any help you can give would be appreciated!! Below is my hiJack this log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:22:16 PM, on 8/21/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\Program Files\Common Files&... Read more

A:Privacy Protector, Error Cleaner, Spyware&malware Protection

13 more replies

I have picked up some sort of virus that keep bringing up pop-ups pretending to be windows that direct me to websites to buy anti-virus software. It has also changed 3 icons on my desktop to Error Cleaner, Privacy Protector and Spyware & Malware. It has changed my background to a big red picture with a hazard symbol that says "Your privacy is under threat" or something along those lines. I can no longer bring up task manager because it has changed my administrative authority. God knows what else it has changed. I have seen other people have also had this virus. I have followed the steps and got the 3 logs from Panda and DSS. I can post these when you need them. Please help! Thanks in advance. Adam

A:Virus (Error Cleaner, Privacy Protector, Spyware & Malware)

DSS log

Deckard's System Scanner v20071014.68
Run by Adam on 2008-04-15 12:53:06
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
88: 2008-04-15 11:53:12 UTC - RP191 - Deckard's System Scanner Restore Point
87: 2008-04-14 22:34:55 UTC - RP190 - Installed iTunes
86: 2008-04-14 19:42:46 UTC - RP189 - System Checkpoint
85: 2008-04-13 18:10:06 UTC - RP188 - System Checkpoint
84: 2008-04-12 16:28:17 UTC - RP187 - System Checkpoint

-- First Restore Point --
1: 2008-01-15 20:19:15 UTC - RP104 - Installed Sid Meier's Civilization 4

Backed up registry hives.
Performed disk cleanup.

-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-04-15 12:54:46
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE

2 more replies

Hi,

Some malware is embedded in my computer. It has messed with my ability to access my drives and has put phony shortcuts on my desktop called "Privacy Protector", "Error Cleaner", and "Spyware&Malware Protection". I also keep getting false windows security alerts saying "Windows has detected an internet attack attempt... Somebody's trying to infect your PC with spyware or harmful viruses. Run full system scan now . . ." and "Spyware Alert - Security Warning! Worm.Win32.NetBooster detected on your machine. This virus is distributed via the Internet through e-mail and Active-X objects. The worm has its own SMTP engine which means it gathers e-mails . . .". It has also taken over my Internet Explorer and keeps trying to open the site virus-webscanner.com/2008/2/freescan.php. I tried to perform the 5 Step Process recommended by your forum but Panda ActiveScan keeps giving me an error and saying try back later. I also cannot update Windows, as my Internet Explorer keeps giving false messages and errors when I try to download Windows updates.

A:Privacy Protector, Error Cleaner, and Spyware&Malware Protection

2 more replies

Hello, i hope someone can help me. About a week ago i recieved these three icons on my desktop: error cleaner, privacy protector, spyware and malware protection. I also had links for each in my favorite places folder in internet explorer. My desktop background was hijacked by a red clickable screen with a warning saying "your privacy is in danger" and would sometimes turn to a completely white background. I recieved numerous pop-ups of fake virus/spyware programs at the same time of infection.

My main virus protection software is Norton, which found nothing. I googled the three viruses and saw numerous forum topics on this matter. I followed the directions most of the tech personnel instructed the poster however obviosly was not allowed to post my logs for review. I installed hijackthis and other programs as many of the users who experienced the problem where instructed to do. Since then error cleaner, privacy protector, spyware and malware protection have been fixed allong with the desktop background and desktop popups. I didn't touch the registry for anything. The problem that persists is now my computer (laptop HP dv2000) runs extremely slow, hotter than usual????, and internet explorer opens on it's own taking me to random websites.

I hope this information helps, could i still be infected? I would REALLY appreciate it if someone could help me, give me some instructions and look at my logs to see if they can find anything.

A:Had Error Cleaner, Privacy Protector, And Spyware/malware Proteciton

1 more replies

I keep having the same problem as the person with this post http://www.bleepingcomputer.com/forums/t/105116/privacy-protector-error-cleaner-spyware-malware-protection/ I have run avast! Spybot Search and DEstroy PC Tools Antivirus, and adaware, but everytime I think I have it all gone, the icons for Privacy Protector, Error Cleaner, Spyware&malware Protection reappear on my desktop, and they are just links to dl some crappy wannabe stuff.. Right now in I have found Win32:Zlob-AJP in C:\System Volume Information\_restore{129201FH-B0AC-49B2-DEB8B913727B\RP1 in A0000033.dll Win32:Adpatrol in C:\System Volume Information\_restore{129201FH-B0AC-49B2-DEB8B913727B\RP2 in A0000294.dll and Win32:Agent-LTS in C:\System Volume Information\_restore{129201FH-B0AC-49B2-DEB8B913727B\RP2 in A0002469.dll and I found those in an avast! bootscan, I don't know what those .dll files are for, so I just put them in the avast! "Virus Chest" but every time something with a virus gets deleted, another one pops back up later and that's when those icons come and popups with virus warnings and and website. PLEASE PLEASE help me get rid of this...

removedtype='text/javascript'>
ipb.global.registerReputation( 'rep_post_767125', { domLikeStripId: 'lik... Read more

A:Privacy Protector, Error Cleaner, Spyware&malware Protection.. Help Get It Off Please

How is you computer running now? Any more reports/signs of infection?

11 more replies

I HAVE WINDOWS XP PRO
GETTING SEVERAL WARNINGS SAYING MY PC IS INFECTED
I CANNOT ACCESS ANY OF MY HARD DRIVES AND AVG IS NOT DETECTING IT!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:40: VIRUS ALERT!, on 9/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\PDF Complete\pdfsty.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www... Read more

Hi Welcome to TSG!!
Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix and remove some of its embedded files which may cause "unpredictable results".
Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
Remember to re-enable the protection again afterwards before connecting to the Internet.

Double click SDFix.exe and choose Install to extract it to its own folder on the Desktop. Please then reboot your computer in Safe Mode by doing the following :
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Select the first option, to run Windows in Safe Mode, then press "Enter".

Open the c:\SDFix folder and double click RunThis.cmd to start the script.
Type Y to begin the script.
It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
Your system will take longer that normal to restart as the fixtool will be running and removing files.

1 more replies

hi, this is my first time here:)looks like i have caught a virus..my computer constantly freezes and throws up pop-ups. My desktop background has changed by itself, with the words writing, OUR PRIVACY IS IN DANGER! DOWNLOAD PRIVACY PROTECTION SOFTWARE NOW. icons of programs Error Cleaner, Privacy Protector and Spyware & Malware Protection have also appeared on the desktop.Im also geeting a red circle flashing in the right bottom corner. i tried various adwares and spyware but non of them seemed to work. PLEASSEEEE HELP ME DELETE THIS MESS OF MY COMPUTER.here is my Hijackthis LogLogfile of HijackThis v1.99.1Scan saved at 16:32:25, on 28/08/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16512)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\AOL\1179502606\ee\AOLSoftware.exeC:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exeC:\WINDOWS\system32\rundll32.exeC:\WINDOWS\vsnpstd3.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\QuickTime\qttask.exeC:\Program... Read more

A:Helpp!error Cleaner, Privacy Protector And Spyware & Malware Protection.

2 more replies

Got zapped with the above mess the evening of 4/16 and became unbearble on 4/17. Had to do a System Restore back to 4/15 to get a usable system. Things appear to be okay, but want to make sure I get rid of any potential lingering threats. Icons for all 3 are still on the Desktop but appear to be disabled. Not sure if there are any threats that might be ready to blast me unexpectedly.

Ran through all 5 pre-post steps.

Main.txt
Deckard's System Scanner v20071014.68
Run by Larry Guy on 2008-04-18 23:54:42
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
64: 2008-04-19 04:54:55 UTC - RP738 - Deckard's System Scanner Restore Point
63: 2008-04-19 04:38:32 UTC - RP737 - Software Distribution Service 3.0
62: 2008-04-18 10:27:51 UTC - RP736 - Restore Operation
61: 2008-04-17 06:52:43 UTC - RP735 - System Checkpoint
60: 2008-04-16 02:28:34 UTC - RP734 - System Checkpoint

-- First Restore Point --
1: 2008-01-21 22:37:10 UTC - RP675 - System Checkpoint

Backed up registry hives.
Performed disk cleanup.

System Drive C: has 7.24 GiB (less than 15%) free.

-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-04-18... Read more

A:Cleanup of Error Cleaner, Privacy Protector, and Spyware&Malware Protection

Hello and welcome to TSF.

Sorry for the delayed response. If you have not received help elsewhere and still need help, please post a fresh HijackThis log, as it has been a while since you posted.

1 more replies

i have tried mcafee virus scan, smit fraud fix, avg spyware scanner, adware spyware scanner with no luck. I get error message that some one is trying to infect my pc with spyware and viruses. internet explorer is not working and has become unresponsive. I took all the steps advised here and now posting hjt log and combofix log here.

hjt log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:32:48 PM, on 3/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

A:can not remove error cleaner, privacy protector, spyware and malware protection

Please copy this page to *Notepad* and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.

It's IMPORTANT to carry out the instructions in the sequence listed below.
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Open *notepad* and copy/paste the text in the quotebox below into it:

Quote:

Killall::

File::
C:\WINDOWS\drnpfdxrqv.dll
C:\WINDOWS\altvxvm.dll
C:\WINDOWS\bokpkov.dll
C:\WINDOWS\drnpfdxrqv.dll
C:\WINDOWS\system32\tmp.reg
C:\WINDOWS\fmsxwqs.exe

Save this as CFScript.txt, in the same location as ComboFix.exe which is on the Desktop.

Refering to the picture above, drag CFScript.txt into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt

*Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall*

3 more replies

hi

have got the following symptoms:

- desktop items appeared
-error cleaner
-spyware & malware protection
-privacy protector
-pop-up windows
-red circle with white cross in system tray
-internet explorer pops up on site www.system-defender.com
-moves between windows as type (makes doing this a real pain!!)

here is the results from deckard system scanner, could not find an extra.txt file

Deckard's System Scanner v20071014.68
Run by Nathen on 2008-04-19 12:42:37
Computer is in Normal Mode.
--------------------------------------------------------------------------------

System Drive C: has 5.97 GiB (less than 15%) free.

-- HijackThis (run as Nathen.exe) ----------------------------------------------

-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-04-19 12:43:42
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ati2evxx.exe

A:pop-ups+ error cleaner, privacy protector and spyware & malware protection on desktop

Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply along with the following log.

This program is for XP and Windows 2000 onlyDouble-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
Click Exit on ... Read more

7 more replies

hi, i have Error Cleaner, Privacy Protector, Spyware And Malware Protection icons on my desktop, and in my favorites under documents and settings. i get spammed with a bunch of fake anti-virus popups now, and i don't know how to get rid of them. system restore doesn't work, and my anti-virus/anti-spyware can't get rid of them. please help

A:Error Cleaner, Privacy Protector, Spyware And Malware Protection. Need Help Removing Please!

See info in link below for using Smitfraudfix unless you have Vista.http://www.bleepingcomputer.com/forums/t/98801/how-to-remove-privacy-protector-or-privacyprotector-removal-instructions/Install Super Antispyware free. Run it in safe mode. Allow it to quarantine whatever it finds. http://www.superantispyware.com/Run the online scan for Bit Defender in normal mode. Allow it to quarantine whatever it finds.http://www.bitdefender.com/scan8/ie.htmlHow to Start Windows in Safe Mode:http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/ Post back for further instructions after doing the above.

2 more replies

OK for starters i am working on my moms computer that had become severly infected with many virus and spyware. Anti-virus scanners found many of them and got rid of them but the one that put Error Cleaner and Privacy Protector and so on on the computer just will not go away. I am not computer stupid I can get around one ok and i have tried to get rid of this in many ways including searching for and quarantineing suspicious files created on the date the virus and spyware were first detected. Files i have deleted have come back as soon as i restart the machine. I also ran the virus scanners in safe mode to get rid of a few of the infected files that windows locks in normal mode. I do not have any more ideas Please help me

I have used ActiveScan and will include that log

I installed Spyware Blaster, ie-spyad, and Zoned Out to help prevent any further infection.

I have also updated windows

Please let me know of anything else i need to do to help you assist me i figuring out this issue.

Main log from Deckard's System Scanner will follow
and extra log is attached

Panda ActiveScan Log
Incident Status Location ... Read more

A:[SOLVED] Error Cleaner, Privacy Protector, and Spyware& Malware Protection Won't Go

Hello and Welcome to TSF.

I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem as soon as possible.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please be patient with me during this time.

15 more replies

Hey I have tried all the steps and nothing...I have Error Cleaner, Privacy, and Spyware and malware protection my computer. I tried programs left and right and cant get it off. I usually can get them off but I am lost for words on this one. Ive Downloaded Spyblaster and ie-spyadzo and got nothing. I play Computer games and work on my computer...really tried my patience. I did the DSS.exe thing....

Deckard's System Scanner v20071014.68
Run by Polli on 2008-01-14 00:32:33
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 2 Restore Point(s) --
2: 2008-01-14 06:32:48 UTC - RP2 - Deckard's System Scanner Restore Point
1: 2008-01-14 06:16:23 UTC - RP1 - System Checkpoint

Backed up registry hives.
Performed disk cleanup.

-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-01-14 00:34:56
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE

A:I have Privacy Protector,Error cleaner, and Spyware and malware protection and popups

Apologies for the delay in responding.

The workload on this forum is intense, and sometimes it is not possible to respond to every inquiry.

Extract the files to the Desktop

~~~~
Start the computer in Safe Mode:When the machine reboots, tap the F8 key before Windows starts
Select the option for Safe Mode using the arrow keys.
Press Enter to boot into Safe Mode.

~~~~
Open SmitfraudFix Double-click smitfraudfix.cmd
Select Option 2 - Clean by typing 2 and press Enter (Deletes infected files)
You are prompted: Do you want to clean the registry? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.
The tool also checks if a relevant file, wininet.dll, is infected.
You may be prompted to replace the infected file (if found).
Replace infected file? Answer Y (yes) and hit Enter to restore a clean file.

~~~~
Restart the computer to complete the removal process.

~~~~
Save it to the Desktop

Double-click combofix.exe to run the program
(Don't click on the window while the program is running, it may cause your system to stall.)

When finished, a log, ComboFix.txt, is produced.

~~~~
Run HijackThis once again to obtain a new log.

~~~~
Please post the SmitFraudFix report located at C:\rapport.txt , the ComboFix.txt, and a ne... Read more

1 more replies

Smitfraudfix posted here worked temporarily, but my machine keeps getting taken over by this virus. If anyone can help interpret what i have here, I would appreciate it. Internet explorer changes my homepage without permission to this ucleaner website. This started from a fake myspace blog I opened. I get shortcuts to error cleaner, privacy protector, and spyware-malware protection urls.here is the smitfraud fix log:SmitFraudFix v2.274Scan done at 15:56:58.68, Thu 12/27/2007Run from C:\Documents and Settings\Administrator\Desktop\fixes\SmitfraudFixOS: Microsoft Windows XP [Version 5.1.2600] - Windows_NTThe filesystem type is NTFSFix run in safe mode???????????????????????? SharedTaskScheduler Before SmitFraudFix!!!Attention, following keys are not inevitably infected!!!SrchSTS.exe by S!RiSearch SharedTaskScheduler's .dll???????????????????????? Killing process???????????????????????? hosts127.0.0.1 localhost???????????????????????? Winsock2 FixS!Ri's WS2Fix: LSP not Found.???????????????????????? Generic Renos FixGenericRenosFix by S!Ri???????????????????????? Deleting infected filesC:\DOCUME~1\ADMINI~1\Desktop\Error Cleaner.url DeletedC:\DOCUME~1\ADMINI~1\Desktop\Privacy Protector.url DeletedC:\DOCUME~1\ADMINI~1\Desktop\Spyware?Malware Protection.url DeletedC:\DOCUME~1\ADMINI~1\FAVORI~1\Error Cleaner.url DeletedC:\DOCUME... Read more

A:Error Cleaner-privacy Protector-spyware Malware Urls Reoccurring

Hello juleeeaaa and welcome to BleepingComputer!Apollogies for the delay. The forum has been very busy lately. If you are still having problems please post a brand new HijackThis log as a reply to this topic. Before posting the log, please make sure you follow all the steps found in this topic:Preparation Guide For Use Before Posting A Hijackthis Log.Thanks,Johannes

2 more replies

Please help!! This programs have embedded themselves somewhere in my computer! I was having endless pop-ups and could barely get on the internet, but I purchased the highest Norton Anti-virus available and have managed to clean some of it out, but not all. I still get a tool bar and a popup blocker from them. Also, instead of ads on the webpages, I end up with videos. Please help me clean my computer!!!! Thank you!!

A:Error Cleaner, Privacy Protector & Spyware/Malware hijacking my computer!!

Hello and welcome to TSF

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\Deckard\System Scanner\extra.txt

What DSS will do: create a new System Restore point in Windows XP and Vista.
clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.

===================
Logs Required
C:\Deckard\System Scanner\main.txt
C:\Deckard\System Scanner\extra.txt<---Attached

3 more replies

A:Infected By: "privacy Protector, Error Cleaner, Spyware&malware Protection"

10 more replies

These are the log files in reference to this thread.

Rapport.txt = Smitfraudfix

I have followed all steps in my original thread. When installing spywareblaster i try to run it and get this error message: "This program has been damaged, possibly by a bad sector of the hard drive or a virus. Please reinstall it." and get the same when reinstalling etc.

I have noticed some programs wont open, they give me a message saying file corruped, manipulated by a virus and may be infected, program will not work anymore.

The popups come every couple of hours. When they come up i restart in safe mode and run simtfraudfix, then restart in normal mode and everything is fine for 2/3 hours, then i have to do it again when the popups come.

A:Logs: Error cleaner, Privacy protector, Spyware/Malware protection

These was no minimized extra.txt???

Deckard's System Scanner v20071014.68
Run by LeeAndrew on 2008-01-29 15:38:03
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- HijackThis (run as LeeAndrew.exe) -------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:39, on 2008-01-29
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe

19 more replies

I get these error cleaner/privacy protector/spyware&malware protection icons whenever i reboot my computer..and if I delete them they just come back. I can't access my task manager either. It says "task manager has been disabled by administrator," but this is my computer at home.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 7:08:45 PM, on 5/1/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16640)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\savedump.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exeC:\PROGRA~1\McAfee\MSC\mcmscsvc.exec:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcods.exeC:\PROGRA~1\McAfee\MSC\mcpromgr.exec:\PROGRA~1\COMMON~1\... Read more

A:Error Cleaner/privacy Protector/spyware&malware Protection Icons

9 more replies

It showed up on my computer as 3 programs - Error Cleaner/Privacy Protector/Spyware & Malware Protection - which have caused a full screen program (as shown in picture - appears to turn my desktop red but is closable by finding the x in the corner) and popups warning me my computer is at risk and that I should download their antivirus/spyware/malware products. I have tried using BitDefender, AVG, Stinger, Ad-Aware, Norton, Spyware Doctor and Spybot Search & Destroy. At times a scan has seemingly gotten rid of the problem but on restart of the computer the problem returns (or sometimes on the second restart). Please help me get rid of this. Logfile of Trend Micro HijackThis v2.0.2Scan saved at 12:54:59 PM, on 9/1/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exeC:\Program... Read more

A:Infected By Error Cleaner/privacy Protector/spyware & Malware Protection

Please. Anyone that can help me out on this?

29 more replies

More replies

Hi,
my friend has this on his laptop. Security warning! Spyware alert, worm.win32.Netsky warning etc.
I have updated all antivirus, spyware and adware applications and run them with no luck.
I have followed the steps for 'if you think you are infected' to remove malware. Any advice would be appreciated.

Deckard's System Scanner v20071014.68
Run by PAUL ANDREWS on 2008-02-07 10:59:05
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
28: 2008-02-07 10:59:13 UTC - RP202 - Deckard's System Scanner Restore Point
27: 2008-02-07 10:39:02 UTC - RP201 - Spyware Begone! Spy Removal
26: 2008-01-21 23:16:31 UTC - RP200 - Spyware Begone! Spy Removal
25: 2008-01-13 03:57:58 UTC - RP199 - System Checkpoint
24: 2008-01-09 21:10:44 UTC - RP198 - Software Distribution Service 3.0

-- First Restore Point --
1: 2007-10-24 14:33:36 UTC - RP175 - Installed Windows XP KB915865.

Backed up registry hives.
Performed disk cleanup.

Percentage of Memory in Use: 86% (more than 75%).
Total Physical Memory: 503 MiB (512 MiB recommended).

-- HijackThis (run as PAUL ANDREWS.exe) ----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:00:40, on 07/02/2008
Platform: Windows XP SP2 (WinNT ... Read more

A:[SOLVED] Privacy Protector, Error Cleaner and Spyware&amp;Malware protection

Hopefully problem solved. Thanks to anyone who has worked on this problem which seems to be popping up left right and centre.
Cheers
Mike

1 more replies

Somehow i have error cleaner, privacy protector, spyware and malware protection on my desktop and it has also set my homepage as a fake spyware site. I have tried smitfraud and re-insalling windows but still no luck. I would appreciate any help!

A:Error Cleaner, Privacy Protector, Spyware And Malware Protection. Need Help Removing Please!

16 more replies

Alright, I posted earlier but now I found the real problem. I had malware installed on my computer and it was the Privacy Protector, Error Cleaner, Spyware&malware Protection problem.I just ran SD fix.exe and it found a lot but now that my computer is up, I am still getting the attack messages.I followed the instructions here:http://www.bleepingcomputer.com/forums/t/105116/privacy-protector-error-cleaner-spyware-malware-protection/These are the results of my fix:SDFix: Version 1.205 Run by Administrator on Tue 07/15/2008 at 06:26 AMMicrosoft Windows XP [Version 5.1.2600]Running From: C:\SDFixChecking Services :Restoring Default Security ValuesRestoring Default Hosts FileRestoring Windows ProductId To Remove Fake Virus AlertRebootingChecking Files : Trojan Files Found:C:\Documents and Settings\user\Desktop\Error Cleaner.url - DeletedC:\Documents and Settings\user\Favorites\Error Cleaner.url - DeletedC:\Documents and Settings\user\Desktop\Privacy Protector.url - DeletedC:\Documents and Settings\user\Favorites\Privacy Protector.url - DeletedC:\Documents and Settings\user\Desktop\Spyware&Malware Protection.url - DeletedC:\Documents and Settings\user\Favorites\Spyware&Malware Protection.url - DeletedC:\WINDOWS\system32\s.bat - DeletedC:\WINDOWS\EPEB.EXE - DeletedRemoving Temp FilesADS Check : Final Check :catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2008-07-15 06:39:03Windo... Read more

A:Privacy Protector, Error Cleaner, Spyware&malware Protection - Just Finished Using Sdfix.exe - Someone Let Me Know If I...

My ComboFix log:ComboFix 08-07-13.11 - user 2008-07-15 6:56:27.1 - NTFSx86Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.616 [GMT -4:00]Running from: C:\Documents and Settings\user\Desktop\ComboFix.exeWARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))).C:\Documents and Settings\user\Application Data\inst.exeC:\Documents and Settings\user\Desktop\Error Cleaner.urlC:\Documents and Settings\user\Desktop\Privacy Protector.urlC:\Documents and Settings\user\Desktop\Spyware&Malware Protection.urlC:\Documents and Settings\user\Favorites\Error Cleaner.urlC:\Documents and Settings\user\Favorites\Privacy Protector.urlC:\Documents and Settings\user\Favorites\Spyware&Malware Protection.urlC:\WINDOWS\system32\mcrh.tmp.((((((((((((((((((((((((( Files Created from 2008-06-15 to 2008-07-15 ))))))))))))))))))))))))))))))).2008-07-15 06:19 . 2008-07-15 06:20 <DIR> d-------- C:\WINDOWS\ERUNT2008-07-15 06:18 . 2004-04-08 01:42 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\InterTrust2008-07-15 06:18 . 2008-07-15 06:18 <DIR> d-------- C:\Documents and Settings\Administrator2008-07-15 ... Read more

4 more replies

Hi; I picked up this worm a couple of days ago. I get constant popups telling me how I'm infected etc, my pc has slowed and frequently freezes, outlook is a joke. In short it;s a mess. How can I get rid of this thing and where do I find the perpetrator so I can inflict serious damage on his juvenile, penis challenged body? I'm running Windows XP Professional 2002 on a Dell desktop[ pc.

A:win32 error cleaner/privacy protector/spyware and malware protection virus

9 more replies

These programs embedded itself into my system. It changes my desktop and keeps poping up with warnings and websites. It is called Privacy Protector, Error Cleaner and Spyware&Malware protection. I also get security warnings saying 'spyware alert' asking me to click to remove.

More replies

I got this a couple of days ago and noticed that a couple of people also had this problem and were able to resolve it with your help. These desktop icons keep appearing no matter how many times I delete them and there are several annoying pop ups that have just made my computer experience these past days dull. I got the same exact problem with these two threads http://www.bleepingcomputer.com/forums/t/106853/malware-privacy-protector-error-cleaner-and-spyware-malware-protection/ and http://www.bleepingcomputer.com/forums/t/105116/privacy-protector-error-cleaner-spyware-malware-protection/ and im wondering wether or not to risk following the steps written on those threads or not since I have completley diffrent Anti virus software from them. I got both Kaspersky Anti-Virus and Spyware doctor. Can Anyone help me with this problem? Id really appreciate anyone who is willing to lend a hand, but im not quiet the computer expert and dont have the software mentioned in the other two threads like HijackThis and the other stuff so if you would also link the site to download it that would be great thanks.

A:Maleware, Error Cleaner, Privacy Protector, Spyware&malware Protection Desktop Icons

8 more replies

Hi,Repeated popups and warnings led to a Google search on the Subject above and finding this forum.I initially attempted a "Restore Point" rollback but that would not complete successfully.I then completed the following -- Uninstall "XP Anti-Virus"- Ran SmitfraudFix- Ran SDFix- Ran ComboFix- Installed and Ran HijackThis(Attempted a "Fix Checked" without success of "O2 - BHO: (no name) - {EE5A1465-1E73-4784-8F63-45983FDF0DB8} - C:\WINDOWS\system32\awtuvULB.dll")- Installed and Ran SUPERAntiSpyware(found 0 errors or problems in any category)HijackThis still displays "O2 - BHO: (no name) - {EE5A1465-1E73-4784-8F63-45983FDF0DB8} - C:\WINDOWS\system32\awtuvULB.dll" which concerns me so I am posting so the guru's can check out the logs....As a newby to the forum I appreciate any help/advice :^) Thanks.Deckard's System Scanner v20071014.68Run by administrator on 2008-04-18 16:18:31Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point.-- Last 5 Restore Point(s) --96: 2008-04-18 23:18:37 UTC - RP324 - Deckard's System Scanner Restore Point95: 2008-04-18 22:49:23 UTC - RP323 - Installed SUPERAntiSpyware Free Edition94: 2008-04-18 21:40:02 UTC - RP322 - Restore Operation93: 2008-04-18 21:27:20 UTC - RP321 - Restor... Read more

A:Removal Of Xp Anti-virus, Privacy Protector, Error Cleaner And Spyware&malware Protection

Hello there and welcome to Bleeping Computer's security forum.My name is David, I will be helping you with your log today.It is a good idea to print off these instructions. There is a possibility some of the instructions will need to be carried out where internet access is not available. It is important that you complete the instructions in the right order, and that you don't miss out any steps.Please set your system to show all files. Click Start, open My Computer, select the Tools menu and click Folder Options.Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.Uncheck: Hide file extensions for known file typesUncheck the Hide protected operating system files (recommended) option.Click Yes to confirm.Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following if still present:O2 - BHO: (no name) - {EE5A1465-1E73-4784-8F63-45983FDF0DB8} - C:\WINDOWS\system32\awtuvULB.dllO20 - Winlogon Notify: awtuvULB - C:\WINDOWS\SYSTEM32\awtuvULB.dllO21 - SSODL: DriveSys - {7dc6ff88-ddc9-4b18-a143-ef3f8f110be0} - C:\WINDOWS\Resources\DriveSys.dll (file missing)O21 - SSODL: SysBoot - {fd5ffa08-e23f-467f-867a-8a5770344bc3} - C:\WINDOWS\Resources\SysBoot.dll (file missing)Click on Fix Checked when finished and exit HijackThis.Make sure your Internet Explorer is closed when you click Fix Checked!Open hijackthis, click 'conf... Read more

1 more replies

Hello,
I am having a problem within my Window7 OS. I removed a "Java solace k" virus in 06/2010 but am still having issues with redirects from my browser and fake security scanners telling me of a security breach within my system. Any assitance would be greatly appreciated.

buhdabless

A:malware/spyware and fake security scanner

Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
If nothing happens or if the tool does not run, please let me know in your next replyDo not reboot your computer after running rkill as the malware pro... Read more

5 more replies

A:Malware/Spyware/ EVERYTHING Virus.. Scanner doesn't complete the scan... Just disappears

14 more replies

These programs embedded itself into my system. It changes my desktop and keeps poping up with warnings and websites. It is called Privacy Protector, Error Cleaner and Spyware&Malware protection. I have tried to fix this but have had no luck. I have ran Kaspersky, Ad-aware, but nothing has worked. Please get this virus out of my computer. Any help you can give would be appreciated!!

A:Error Cleaner, Privacy Protector, & Spyware/Malware Protector hijacking my conputer

Hello and welcome to TSF

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\Deckard\System Scanner\extra.txt

What DSS will do: create a new System Restore point in Windows XP and Vista.
clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.

========================
Logs Required
C:\Deckard\System Scanner\main.txt
C:\Deckard\System Scanner\extra.txt<---Attached

18 more replies

These programs embedded itself into my system. It changes my desktop and keeps popping up with warnings and websites. It is called Privacy Protector, Error Cleaner and Spyware&Malware protection. I have tried to fix this but have had no luck. I have the Shield Anti-Virus and Uni-Blue Spy eraser but they didn't help. Please help me !!!

A:Error Cleaner, Privacy Protector, & Spyware/Malware Protector hijacking my conputer

8 more replies

These programs embedded itself into my system. It changes my desktop and keeps poping up with warnings and websites. It is called Privacy Protector, Error Cleaner and Spyware&Malware protection. I have tried to fix this but have had no luck.

Thanks!

A:Error Cleaner, Privacy Protector, & Spyware/Malware Protector -hijackthis included

11 more replies

The three spyware things I have listed above managed to attach them to my pc, getting past norton 2007. I tried everything to get rid without success. I downloaded spybot but that didnt get rid of it. Then this morning I decided to have another go. Spybot box came up saying important registry change had occurred and did I want to allow it. In desperation I agreed. The three spyware icons disappeared and pc seems to be working alright. Am I clear - how do I find out?

A:Error Cleaner Privacy Protector Spyware Malware Protector

Hello jimisis and welcome to the BleepingComputer forums.Please download SmitfraudFix (by S!Ri)Extract the content (a folder named SmitfraudFix) to your Desktop.Open the SmitfraudFix folder and double-click smitfraudfix.cmdSelect option #1 - Search by typing 1, and press Enter. A text file will appear, which lists infected files (if present).Please copy/paste the content of that report into your next reply.

6 more replies

Is there a decent registry tool (scan, clean, etc.) that's free?

pjblevin

A:registry scanner/cleaner

16 more replies

Running Win7, plenty of RAM & CPU speed.

Today on the internet, "Turboyourpc" is touted as a trouble free registry cleaner. Suppose to speed up your computer by removing bits and pieces of uninstalled programs left behind  I've always been leary about messing with my registry. Does BC have a recommendation, either way, leave it alone or run this software "-------------------"?

A:Registry Cleaner/Scanner

Hi pinegum These programs are known to be harmful to the system and should not be used for any reason there is. It's a known fact that using Registry Cleaners can easily break a Windows installation, to the point where a complete reinstallation might be needed. Here's a few myths about using these programs, and why they are just plainly false."Using a Registry Cleaner will improve a system's performance" - False. The Windows Registry is a big database which contains information on everything present on the system, from the boot settings to how your programs looks when you open them. There's so many entries in it that cleaning even thousands of them isn't enough to boost a system performance. Also, there's no studies, tests, benchmarks, etc. which shows that using Registry Cleaners actually improve a system speed;"Using a Registry Cleaner will fix all your errors" - False. Using a Registry Cleaner won't fix any problems at all. In fact, it have more chances to create them if anything. There's no program that can fix every problems in a simple click, and there probably never will. If you have an error, it's better to troubleshoot that error in particuliar by finding what's causing it and fixing it than using a software that might give you more errors;"If you don't use a Registry Cleaner, you'll leave a door open for malware" - False. It is rare that malware will actually hijack orpheans keys and keypairs in the Registry to create persistence or install themself. They'll usually... Read more

3 more replies

Hey all...I am used to using WinASO for cleaning my registry. Their latest version (3.2) is still not 64-bit capable. My guess is that I should use a 64-bit registry cleaner?? What do you guys use and recommend?

Same for virus scanning. I have a license for AVG Professional. No 64-bit one available, so I'm running a trial version of eset nod32, which has a 64-bit version, and works very well. Again, which one do you guys use/recommend? Should I buy a license for nod32, or can I use my paid-for AVG 32-bit one?

Finally, is it important to have an x64 virus scanner, as well as an x64 reg. cleaner, or would I be able to use 32-bit versions of each???

Thanks!

A:64-bit virus scanner, 64-bit reg. cleaner?

Avast is a good choice, it is free and does not hog recourses.

Free antivirus - avast! 4 Home Edition

1 more replies

Recently from http://www.bleepingcomputer.com/forums/t/494727/superantispyware-or-malwarebytes/. Please take the poll and post suggestions for the poll here.

A:Best Anti-Spyware/Anti-Malware/On-Demand Scanner

Hitman Pro to check scan, but needs paying for removal.   Comodo Cleaning Essentials which comes free with Comodo Internet Security for removal.

38 more replies

i need a real time spyware scanner for free. I also need a virus scanner (realtime) avast, avg, or antivir? Does anybody have suggestions?

A:real time spyware spyware scanner? (free)

16 more replies

I try to search for pro pc cleaner here or anywhere on the web and it switches the search to pc cleaner pro.
I believe the malware is made by Rainmaker.
Scan by AVG livecd shows folders named 'pro pc cleaner' in app data and elsewhere.
Anyone point me how to search for a solution?
Typed from my phone right now.
Problem is on WIN 7 laptop.
Thanks

Update: just found this youtube removal process of it, will try later.

A:pro pc cleaner vs. pc cleaner pro malware

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/549788 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

2 more replies

I have a pop up for PC Cleaner and other stuff.Here are my logs Thanks for the HelpKaspersy------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Monday, April 21, 2008 2:02:38 PM Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 21/04/2008 Kaspersky Anti-Virus database records: 718029-------------------------------------------------------------------------------Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: trueScan Target - My Computer: A:\ C:\ D:\Scan Statistics: Total number of scanned objects: 40515 Number of viruses found: 6 Number of infected objects: 16 Number of suspicious objects: 0 Duration of the scan process: 01:12:36Infected Object Name / Virus Name / Last ActionC:\Deckard\System Scanner\backup\DOCUME~1\LISAPH~1\LOCALS~1\Temp\rsyncini.exe Infected: Trojan.Win32.Shutdowner.em skippedC:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skippedC:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skippedC:\Documents and Settings\Lisa Phillips\Application Data\Sun\Java\Deploym... Read more

A:Spyware Pc Cleaner Pop Up

4 more replies

what is the best spyware and adaware removers for Vista?? i have alot of spyware on my computer and cant seem to shake it

More replies

Hey. Well, I just bought a new Dell computer and have started to get lots and lots of pop-ups for Ultimate Cleaner and Spyware saying that I am at high risk of having my passwords and other private information stolen and that I need to get Ultimate Cleaner to fix it. I've also had a big red pop-up come up and cover my entire desktop. I'd appreciate any type of help I can get because they are really bothersom and are making my computer really really slow. I saw a post from some time back about the Hijack This software so here is the code that I was told to copy. Thanks so much!!!

-Stephanie

----------------------------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:03:50 PM, on 9/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe

A:Ultimate Cleaner/Spyware pop-ups

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
· After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
· Select the first option, to run Windows in Safe Mode, then press Enter.
· Open the extracted SDFix folder and double click RunThis.bat to start the script.
· Type Y to begin the cleanup process.
· It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
· Press any Key and it will restart the PC.
· When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
· Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard ready for posting back on the forum).
· Finally paste the contents of the Report.txt back on the forum
===========

http://www.superantispyware.com/superantispywarefreevspro.html

1 more replies

My computer was infected with the ultimate cleaner spyware. I used Smitfraudfix.exe to eliminate it. Can you please check my log, so I know I'm clear or is there anything else I need to do.

Aj

Logfile of HijackThis v1.99.1
Scan saved at 8:37:55 PM, on 8/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Hijack This\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://espn.go.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.espn.com/
O2 - BHO: AcroIEHlprObj ... Read more

A:Ultimate Cleaner spyware

That looks ok....but let's use this tool for a more comprehensive set of logs.

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\Deckard\System Scanner\extra.txt

What DSS will do: create a new System Restore point in Windows XP and Vista.
clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.

---------------------------------------------------------------------------------------------

17 more replies

Fresh off the BugTraq mailing list.Our new survey is now up and ready for polling: click here to votehttp://castlecops.com/modules.php?name=Surveys&pollID=3019 of the most popular and known anti-spyware cleaners can be selected.Like all our previous surveys, this one too takes in unique votes, sochoose wisely! This survey looks at both free and pay-for anti-spywarecleaners.Also, take a moment to view what our readers had to say in their reviews on many anti-spyware products here. http://castlecops.com/compare-3You'll see what is hot and what is not in ratings from "Overall feeling","Customer Support", "Value for Money", "Ease of Use", "Install", "CompanyWebsite", and "Reliability". Both Spy Sweeper and Pest Patrol have themost reviews completed to date.Sincerely,Paul Laudanski .. Computer Cops, LLC.CastleCops(SM)... http://castlecops.com

More replies

My computer has been turned upside down, i have weird anti-spyware things installed on my computer, a new red background and a new homepage that wont change.

heres this if it will help
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:31:20 PM, on 8/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php...MjI6Ojg5&lid=2
O2 - BHO: MSVPS System - {47C... Read more

A:HELP Ultimate Cleaner spyware?

Being helped here

http://forums.techguy.org/malware-removal-hijackthis-logs/610180-hijackthis-log.html

1 more replies

Wondering if someone could take a look at this for me.
Thanks in advance (no pun intended)

Woke up this morning with a blank/locked up screen.

Rebooted and found AdvancedCleaner Free installed.
SpywareGuard keeps warning me of homepage and search page changes. It will not take stop.

AVG finds nothing

Ran Spybot S&D Removed several malwares.

Incident Status Location

This is a bump. Any help is appreciated.

17 more replies

I have a Dell desktop running Windows XP. My daughter must have accidentally clicked yes on something and now the background is red and has a unusual symbol on it. There are 3 new shortcuts on the desktop. One for Error Cleaner, one for Spyware protection and one for virus web protector. Whenever I try to open IE, one of the sites comes up and tells me my computer is not protected and wants me to purchase something.

Where should I start to diagnose and fix this problem?

More replies

Many virus's cleaned off this pc but still there is an icon flashing in the lower right hand side between a question mark and occasionally I will get a warning bubble telling me that I have spyware and need to get it cleaned and blah, blah, blah. No name associated with it. Clicking on it will open an IE window but it remains blank.I've been through all the usual suspects of cleaning and this remains. Here is the Hijack log. Thanks in advance.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:08:51 PM, on 11/14/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16544)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\alg.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Program Files ... Read more

A:Unknown Fake Spyware Cleaner

Hi william schubertPlease download SmitfraudFixDouble-click SmitfraudFix.exeSelect option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).Please copy/paste the content of that report into your next reply.Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.http://www.beyondlogic.org/consulting/proc...processutil.htm

1 more replies

I'd usually use ad-aware, but that is only free from home/personal use. Is there a on-par spyware cleaner out there that is free for use by corporations?

A:Free spyware cleaner for corporations

Shameless bump =)

1 more replies

Hello ! I have somehow gotten this spyware on my computer yesterday and can't find a way to remove it. I have ran many anti-spyware programs but they can't solve my problem. Here is my log report done by HijackThis v1.99.1Logfile of HijackThis v1.99.1Scan saved at 8:42:28 AM, on 7/20/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\ATKKBService.exeC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeC:\Program Files\Microsoft LifeCam\MSCamSvc.exeC:\Program Files\Analog Devices\SoundMAX\SMAgent.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\wscntfy.exeC:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exeC:\Program Files\ATI Technologies\ATI.ACE\cli.exeC:\Program Files\Java\jre1.6.0_01\bin\jusched.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC: ... Read more

A:Ultimate Cleaner 2007 Spyware

3 more replies

Check out Microsofts new BETA 1 Spyware cleaner.
WORKS WELL!!

www.microsoft.com

Dale

A:Microsoft BETA Spyware cleaner

stocker340 said:

Check out Microsofts new BETA 1 Spyware cleaner.
WORKS WELL!!

www.microsoft.com

Dale
Click to expand...

1 more replies

hi guys,im newbee to this forum. kaaash i got this site address from my friend.my system got effected with the rogue spyware " trust cleaner".i went through the whole process wht u guys suggested in the forum http://www.bleepingcomputer.com/forums/t/54501/how-to-remove-trust-cleaner-removal-instructions/ but still hev the problem..i used spyware doctor, windows defender, panda live scan, norton anti spyware...i would appreciated if any one helps to sort it out..here im sending the log file... pls help meLogfile of HijackThis v1.99.1Scan saved at 12:48:14 AM, on 7/6/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.5450.0004)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\spoolsv.exeC:... Read more

A:Pls Help Me To Get Rid Of This Rogue Spyware "trust Cleaner"

Im eagerly waitng for the help. thanks in advance

7 more replies

i have just seen a post from "DR_COOL_J" to download and use X-Cleaner
http://forums.techguy.org/t228599.html

based on advice here I'm using - ad-aware, spy-bot + i have spywareblaster and spywareguard on my PC.

how good / better is x-cleaner ????

any views ???

A:free spyware scanners x-cleaner

x-cleaner is very similar to spybot and ad-aware

the reason why it so handy is..

1. Its 500k , and doesnt have to be installed
so its much easier and simple to run then the others
no updates its all in one .exe file
2. Removes almost as much as spybot & ad-aware

x-cleaner has a free and a paid verison
the one listed is the free version and it works great at removing
spyware

just to test i installed imesh and kazaa
man the computer was infected with spyware
i ran spybot, looked at the number of itmes found
then ran x-cleaner it removed all most all of them
just a bit less than both spybot and ad-aware

that convinced me it was a great tool 2 use
but i will ususally recommend if x-cleaner finds any items
to run spybot & ad-aware for the final blow on spyware

I am always looking for the easiest way for ppl to remove spyware

3 more replies

This is really annoying. I need to get rid of this programs that just suddenly appeared. They are called Error Cleaner, Privacy Protector, & Spyware

A:Error Cleaner, Privacy Protector, & Spyware need help getting rid of it

Deckard's System Scanner v20071014.68
Run by Owner on 2007-12-19 02:34:31
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Total Physical Memory: 495 MiB (512 MiB recommended).
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2007-12-19 02:35:32
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Washer\WasherSvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

2 more replies

Maybe about a year ago, Tech Support Guy solved my trojan horse problem in about two days. At that time, it was recommended that I use Easy Cleaner (and Super Anti Spyware) to clear up my problem. I've been using them ever since. I was wondering if TSG still recommends these free programs. SAS continues to update their definitions, but I've never been able to update Easy Cleaner. Should I delete it?

Thanks...and TSG ROCKS!

wbirgen

A:Easy Cleaner and Super Anti Spyware?

Hi,
The current TSG suggested progs are here:
http://forums.techguy.org/general-security/603629-security-help-tools.html

I think both that you mention get regular good press here.

Hope this helps?

Richard

3 more replies

I just bought a Dell computer for my son. He downloaded mine craft and some kind of mod and wam, not even a week old and I can't do a thing. There were tons of pop ups. I downloaded malwarebytes and ccleaner, it won't let me do jrt. Mal ware just keeps doing the prescan. It finally pope up a few things I was able to quarantine and delete but I am unable to get on the internet. I went to Uninstaller and Uninstalled a few but they are still there of course. I am trying a system restore and the first 3 attempts, it wouldn't work. It looks like it "might" work this time. I don't know what to do.
I took pics of the screen with my phone, but need to figure a way to put them on here. Please tell me even where to begin.

I am editing to add the system restore worked. I can get on the internet now. I do not see any pop ups at this time, but I would like you to tell me what scan to run to make sure the virus that was on here is gone.

Thank you

A:son's computer infected with spyware cleaner, taplika and others.

2 more replies

Hi there i was experiencing the same problem as Faria_85
and iv'e been searching for a fix for a couple days now..
i came across this forum and followed the instructions by garmanma
after installing MBAM, i scanned my computer and it found a lot of trojans..
i cleaned it .. but 3 or 4 wouldnt go.. here is the log, ANY HELP IS APPRECIATED!

Malwarebytes' Anti-Malware 1.32
Database version: 1648
Windows 5.1.2600 Service Pack 3

1/13/2009 11:17:46 AM
mbam-log-2009-01-13 (11-17-46).txt

Scan type: Quick Scan
Objects scanned: 65381
Time elapsed: 5 minute(s), 48 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 4
Registry Keys Infected: 20
Registry Values Infected: 3
Registry Data Items Infected: 5
Folders Infected: 0
Files Infected: 24

Memory Processes Infected:

Memory Modules Infected:
C:\WINDOWS\system32\efcyyXRI.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\xmjxrqtw.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\hyhnklls.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\rnovux.dll (Trojan.Vundo.H) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d7abb238-8cd3-4b60-b950-ffefbc03a654} (Trojan.Vundo.H) -> Dele... Read more

A:recommended to start spyware cleaner tool

1 more replies

A:Drive Cleaner Ad Popup Etc - Infected With Spyware?!

9 more replies

I can't get rid of spyware in my computer. I've got trojan, drive clean, etc. After using adware, apy box it still remains.Don't know what to do. Hope you can help me.GemgLogfile of HijackThis v1.99.1Scan saved at 14:47:40, on 25-6-2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeC:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exeC:\PROGRA~1\McAfee\MSC\mcmscsvc.exec:\program files\common files\mcafee\mna\mcnasvc.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcods.exeC:\PROGRA~1\McAfee\MSC\mcpromgr.exec:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exeC:\Program Files\McAfee\MPF\MPFSrv.exeC:\Program Files\SiteAdvisor\6066\SAService.exeC:\Program Files\Analog Device... Read more

A:Trojan.agent,drive-cleaner,spyware,

15 more replies

Does Anyone Know if Comodo BO Malware Cleaner conflicts with Avast? I read on the site that it does something different then anti virus by scanning memory but I thought Avast does that with its web shield mail shield file shield etc etc.

A:Bo Malware Cleaner

http://www.comodo.com/home/internet-security/anti-malware.php

It says it works alongside antivirus programs.

1 more replies

Must block this site from install their software at our labtop because it is a malware or that we called a trojan.On january 2015 there was 3 times I found their yac at my labtop and it bring a problem to me.My ltop became low memory and always shutdown it self and then windows ask for start up repair launch and 2 times my labtop cant restart.I dont know what to do to block this company to install their malware at my ltop.Some one here.. pls help.Edit: Topic moved from Windows 10 to the more appropriate forum. ~ Animal

A:yac cleaner (malware)

3 more replies

Im on XP, ive ran every spyware/adware remover under the sun but i get many many annoying pop ups and it causes my computer to slow down chronicly, please can someone advise. Thanks

16 more replies

Hi i need some help urgently,

my laptop has got a virus which keeps shutting down my laptop. Nortons cant pick it up and my wallpaper has changed to a blue screen with a yellow box containing the message 'Warning! Spyware detected on your computer! Install an antivirus or spyware remover to clean your computer'.

Thanks

Jaysica

A:Error cleaner, privacy detector and spyware on my laptop

Hello and welcome to TSF

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\Deckard\System Scanner\extra.txt

What DSS will do: create a new System Restore point in Windows XP and Vista.
clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.

=======
Logs Required
C:\Deckard\System Scanner\main.txt
C:\Deckard\System Scanner\extra.txt<----Attached

1 more replies

Hi guys I was wondering if anyone could offer me some advice on some malware removal.

My farther is a silver surfer and although i have warned him to never click on programs from the internet he did exactly that when using ms messenger. This has caused an infection of a malware desk top hijacker type program called ?driver cleaner".

My farther has turned to me for help in removing this however i am far from an expert but am a competent pc user.
What I have tried so far:

1 Ran a virus scan with Norton
2 Ran a virus scan with Norton when not connected to the internet
3 Ran a virus scan with Norton when not connected to the internet and in safe mode

Norton seems to fix the problem each time but when i restart the computer it gets re-infected as soon as you connect to the internet.

I would be very grateful if anyone can offer me some advice or help as this is a bit out of my league.

Thanks Leon

A:Driver Cleaner Malware

9 more replies

I keep getting these annoying pop ups annd the yellow triangel in my tray can anyone help me fix?
Thank you, I WANT MY PC BACK!!!!
ROBERT

A:Abebot/malware, Pc Cleaner Pop Ups

Hi Robert and Welcome to BC,

You may even be further directed to post in the HJThis thread so be patient.

This section of the forum is primarily used to answer questions about the use of XP and problems with the O/S. We aren't specifically trained in the removal of maleware.

4 more replies

Hello to everyone here at bleepingcomputer. I have been here many times before for help on removing and identifying malware from other's posts. This will be my first post and I want to say ahead of time that I appreciate your help.

I was recently visiting my parents and noticed that their home computer is "acting up". The computer is running slowly, there are pop ups when opening internet pages, and the home page keeps changing from the specified one. I also found a program called Smart PC Cleaner that keeps opening up with warnings about viruses and spyware. After some online search, I determined that this program is malware that must have been installed mistakenly by my parents at some point. I also found another program called "GamesXN GO" that appears to be causing some of the pop-ups. From what I found, this program is installed without permission when one installs Skype. I need help in removing both of these programs from my parent's computer and determining whether there may be other malware that I have not yet found. The computer is currently "protected" by Norton 360, but it does not appear to find any of these issues. I also downloaded and ran Norton Power Eraser, which found 2 issues and fixed them; however, they are not related to the ones above.

The computer is running:
Windows Vista Home Premium 64-bit Service Pack 2
Norton 360 Premier Edition

Please let me know if I need to provide any further information.

Thank you

A:Need help with Smart PC Cleaner and other malware

Hello and Welcome -

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Please post the contents of that document.
Note:: If a security program requests permission to access the Internet, allow it to do so.

Next -
Please download and run RKill by Grinler. A black DOS box will briefly flash and then disappear.
This is normal and indicates the tool ran successfully.
At worst the tool will run for about 2 minutes

Important: Do not reboot your computer until you complete the next step.

* Double-click on AdwCleaner.exe to run the tool.* Vista/Windows 7/8 users right-click and select Run As Administrator.
* Click on the Scan button (only once)
* AdwCleaner will begin...be patient as the scan may take some time to complete.
* After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open for review.
* NOW - Click on the Clean button (only once)
* Press OK when asked to close all programs and follow the onscreen prompts.
* Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
* After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.

1 more replies

Whilst browsing the net I received a system alert advising that my computer was infected and the only cure was to buy a programme - which was not available. Esential Cleaner (EC) slowed down all attempts to access my protection - Paretologic health advisor, XoftSpySE, then Spybot and refused access to malwarebytes. I attempted to access paretologic support on line but as soon as I hit the enter key it disconnected and switched off my internet connection. ( This is via an Orange Dongle) After many attempts I gained net access and found rkill which I downloaded and ran. I then updated malwarebytes and ran that. It found NO infections!I am concerned that when I reboot my computer it will find traces of EC which will then reinfect my system. How can I protect against this?Malwarebytes Log - Malwarebytes' Anti-Malware 1.50.1.1100www.malwarebytes.orgDatabase version: 6526Windows 5.1.2600 Service Pack 2Internet Explorer 7.0.5730.1307/05/2011 13:46:41mbam-log-2011-05-07 (13-46-40).txtScan type: Full scan (A:\|C:\|D:\|E:\|F:\|)Objects scanned: 182459Time elapsed: 35 minute(s), 4 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious... Read more

A:malware 'Essential Cleaner'

Here's the experience I had yesterday. I don't seem to have any lingering effects from this malware.

http://www.bleepingcomputer.com/forums/topic395949.html

1 more replies

Hi -I have tried everything I can think of to get rid of this malware which has taken over my machine. I followed all the procedures recommended on this site before posting the HiJackThis log but nothing has helped. My browser keeps directing my home page to //www.ucleaner.com/freeware/2/?wmid=6010&mid=MjI6Og==&lndid=13&p=1.I am hoping someone can help me get rid of this.My hijackthis log is as follows:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 14:40, on 2007-07-18Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Intel\Wireless\Bin\WLKeeper.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvt... Read more

A:Getting Rid Of Ultimate Cleaner Malware

Hi Rocket Ryan,
I will be handling your log to help you get cleaned up. Please give me some time to look it over and I will get back to you as soon as possible.

11 more replies

Hello, I am new to the forum and hoping to get some help. I run a Dell Inspiron 1200 laptop with Windows XP. I use Firefox (unfortunately had not installed the NoScript addon yet), and my wife used IE. Anyway, my wife installed Yahoo Instant Messenger (and who knows what else), I starting noticing substantial system slowness, but nothing compared to what happened next. I went to MySpace and apparently got hit with some malware from one of their advertisers. I started getting multiple popups telling me to go to scanner.malware-scan.com and my system became very slow, even locking up occasionally. I ran SpyBot a couple of times, but no real help.
From browsing this forum I see that you like to work from HJT logs, so I here is mine. Any help would be appreciated.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:44:19 PM, on 2/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\Q2hyaXMgSHVkc29u\command.exe

A:MySpace malware: scanner.malware-scan (w/ HJT log)

Never mind, I just wiped the drive and installed Linux.

1 more replies

Hi I an new to this site, and desperate for help.

I keep getting pop ups and sluggish performance, it happened overnight.

1) My desktop background changed says I am infected and vulnerable with hazord symbol.

2) i have three shortcut icons thatg i can't delete (they reappear after restart)

3) home intnet page automatically changes
4) new sites added to favorites
5) pop up pop up pop upssssss
6)if i cntrl alt delete and stop explorer process then access internet through Mcafee direct link to see threats at least i can serch/browse web

A:VIRUS-Error Cleaner, Privacy Protector, Spyware& Protection-HELP!!!

btw I am literate, i just can't type :)

3 more replies

Just got my laptop. I running xp. download dss here the log:

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel Pentium II processor
Percentage of Memory in Use: 79%
Physical Memory (total/avail): 223.36 MiB / 46.64 MiB
Pagefile Memory (total/avail): 546.66 MiB / 292.05 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1923.25 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 9.37 GiB total, 5.85 GiB free.
D: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - HITACHI_DK23BA-10 - 9.37 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 9.37 GiB - C:

-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

A:Old lady problem with Error Cleaner, Privacy Protector, Spyware

12 more replies

I have tried following instructions that some seem to have posted before with the same problems. My desktop background keeps getting replaced with a red background that states a privacy protection warning and that I should download spyware alond with window security alert pop ups. I also have error cleaner, spyware and protection, and privacy protector loaded on my desktop. Occassionaly I have sound effects and music playing. I used Smitfraudfix and DSS, which seemed to work for a bit but everything just comes back.

I would greatly appreciate the help, thanks!

A:Can't get rid of this virus (error cleaner, spyware&protection, privacy protector)

Please go HERE and carry out the instructions that are posted.

If you cannot complete any of the Steps, simply move on to the next one - remember to let the Analyst know about this when you post your logs.

1 more replies

Hi,

I am getting this pop up error message in the system tray on my laptop. "Warning Security Report! your computer is infected it is recommended to start spyware cleaner tool."
This is preventing me to go online using firefox or IE - after typing an url, it just stays there. shows Done at the bottom of firefox and does nothing. it also disabled my task manager.

Any help would be appreciated.

-Faria

A:your computer is infected it is recommended to start spyware cleaner tool

2 more replies

Hi, everyone. It was suggested on another site somewhere that I come to bleepingcomputer.com for help on this issue. I have recently been infected with a malware program called Galileo System Cleaner. It basically gives constant popups, fake system scans, and then blocks any web browser from browsing the internet with a fake proxy problem page. It restores its own files when they are deleted, and I assume it's gone pretty deep into my system. Do you have any advice on this issue? Please keep in mind that I have no experience or knowledge concerning my registry (or even what that is), and both ComboFix (run in safe mode) and Malware Bytes have failed so far. Malware Bytes did detect two problem files, but their deletion had no effect on Galileo.Any thoughts? Any help would be wonderful.Argh, I realize I just posted this in the wrong forum! Sorry, mods. Is there no way I can delete this?Edit: Not to worry, moved topic from Win 7 to the more appropriate forum. ~ Animal

A:Galileo System Cleaner - Malware

I am having the same problem.

1 more replies

I am home for Spring break and my mother's PC is completely infected. Had some weird popups and the browsers automatically set themselves to go through some proxy server. Any and all help would be greatly appreciated!

The FRST log is below and the Addition.txt file is attached.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Donna (administrator) on DONNAWESTON on 19-03-2015 19:09:26
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe

A:Pro PC Cleaner/AirGlobe/Assortment of Malware

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===What can you tell me about this Air Globe?Air Globe (HKLM\...\Air Globe) (Version: 2015.03.15.160424 - Air Globe) <==== ATTENTION===Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start

CloseProcesses:

HKU\S-1-5-21-1612059837-2104035131-939018749-1004\...\Run: [Itibiti.exe] => C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
AppInit_DLLs-x32: C:/PROGRA~3/{1C76F~1/193~1.1/cedo.dll => C:\ProgramData\{1C76F4B5-4CF4-2533-FD72-55B12DF0863F}\1.9.3.1\cedo.dll [1010688 2015-03-15] ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
GroupPolicy: Group Policy on Chrome detec... Read more

2 more replies

I had an infection of Trojan.Win32.Patched.aa or W32/Liger which had infected Services.exe lsass.exe winlogon.exe and svchost.exe. I used Norman malware cleaner to remove the virus. The problem is it must not of correctly disinfected those files. After the removal reboot I could not drag and drop files and programs would not minimize to the taskbar. My user account in control panel was blank, the extended services applet did not work correctly and was blank while the standard Services tab would show the services but right clicking did nothing. Also installing certain programs does not work sometimes giving no error while .vbs scripts give access denied error.

I booted into another xp operating system on the same computer and replaced services.exe, lsass.exe, winlogon.exe and svchost.exe and the problems with drag and drop, taskbar, blank user account and extended services plus right clicking standard services were all gone but the installation errors are still present. Also Internet Explorer has restrictions placed on the internet zone where I get an error I cannot run activex on my computer when I try to go to Windows update. Changing settings in IE7 does not correct this problem and there are no settings in group policy that I can see that would create this restriction on my computer.

I tried to reinstall SP3 and install IE8 over IE7 but I get the error that the cryptographic service may not be started when it is running in the services applet. I tried running a .vbs scri... Read more

A:Norman Malware Cleaner and W32/Liger

The previous log is from another OS on another partition sory here is the correct DDS log:
DDS (Ver_09-06-26.01) - NTFSx86
Run by Administrator at 8:19:31.57 on 22/07/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.319 [GMT -8:00]

AV: Norman Security Suite *On-access scanning enabled* (Updated) {EB9EFB40-AE72-4C43-B204-0FCD0E92D5F1}
AV: Kaspersky Anti-Virus *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kerio WinRoute Firewall *enabled* {916dafda-8250-4a1d-9095-000da68ac4da}

============== Running Processes ===============

C:\Program Files\Norman\Npm\Bin\Elogsvc.exe
C:\Program Files\Norman\Npm\Bin\scheduler.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Norman\Npm\Bin\Zanda.exe
C:\Program Files\Norman\npm\bin\nvoy.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\CachemanXP\CachemanXP.exe
C:\Program Files\cFosSpeed\spd.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

4 more replies

Hi

It's been awhile since I was last here. Not sure if we can request who helps us or not. Cookiegal helped me years ago and was very easy to understand. If possible I would like to work with her again. If not, thats ok. I know everyone here works on their own time for free and we all appreciate your services.

My problem is I seem to have some sort of malware. Every two minutes I get a security bubble alert in the taskbar that looks like a Microsoft update alert or warning (yellow triangle with an exclaimation mark inside) saying I have spyware, or someone is trying to connect to me. Its has 3-4 different bubble messages. Also, every 10 minutes I get a "Windows Security Center Warning" pop-up saying I have malware and to click here to remove it. Both of the mentioned pop-ups direct me to a page trying to sell me Spy Away and Perfect Cleaner. I also sometimes get the webpage to pop-up on its own. The URL is "about:Security". I've scanned with AVG AV and found no viruses. I used adaware and AVG anti-spyware and found several malware including AdBreak, 4Arcade Pbor and Dropper.small.j. (I used to just get cookies when scanning for malware) I've tried both deleting and quaranetee, but they come back usually on the next scan. Perhaps not Dropper.small.j.

I know the website that I got it from. I will post if it helps, but dont really want anyone going there to get what I got. It kept trying to get a microsoft program to run, but I kept clicking... Read more

A:Malware connects to Spy away and Perfect Cleaner

16 more replies