Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Adware Problem


  • Please log in to reply
4 replies to this topic

#1 TheBob

TheBob

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:28 AM

Posted 21 September 2008 - 04:27 PM

I woke up this morning with a ton of adware/spyware/malware (whatever you want to call them), I've managed to get rid of the vast majority of them, but I'm stuck with some that I can't seem to get rid of. I've looked at some other topics here involving my problem and tried to fix it, but couldn't.

I have Windows Vista.

Here are the error messages that I've been seeing, word for word.

Critical System Warning! Your system is probably infected by Spyware.IEPass.Thief. This may result in website access being stolen from Internet Explorer, Mozilla Firefox, Outlook Express, etc. Click yes to scan and remove these threats. (Recommended)

Excessive SMTP email traffic has been detected. Probably spambot infection. Do you wish to scan for spambot type malware now? (Recommended)

Windows system files have ben compromised. Probable causes: Malware infection. Replace modified files with backup copies and perform a scan of malware?



Here are the 4 error messages on the bottom, right tool bar on my computer.

- Zlob.p0rn.ad adware has been detected. This adware module advertises websites with explicit content. Be advised of such content being possibly illegal. Please click here to locate and remove this threat now. (I know I removed the adware it's talking about since the icons on the desktop that were appearing are gone), but the error message is showing up

- CPU Performance has degraded significantly. Probably cause: malware infection. Click here to perform system security audit.

- Network connection is now restricted. Abnormal network activity detected. Probably cause: spyware infection. Click here to perform system security audit.

- Security errors detected. Remove these as soon as possible to precent data loss and private information exposure. Click here to install protection tools now.

What I've discovered is that these messages are causes by processes known as:
YURC81F
YURCC82

When I end these processes, the error messages disappear. However, when the system restarts, the errors appear again.

Any help would be greatly appreciated.

BC AdBot (Login to Remove)

 


#2 trashcan7

trashcan7

  • Members
  • 402 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:28 AM

Posted 21 September 2008 - 06:12 PM

Wow, that seems like a lot.
Did you actually try scanning with one of your own applications? Antivirus, too? In safe mode?

#3 TheBob

TheBob
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:28 AM

Posted 21 September 2008 - 09:23 PM

I figured it out. I found the two files causing the error messages, moved them to the desktop, sent them to the recycling bin and emptied the bin. Everything is fine now.

Took me the entire day to remove everything, but it's done. I'll run my anti-virus and spyware removal programs just in case there's something left I am unaware of.

Thanks a lot guys, Even though I figured this part out, I received a lot of help from previous threads since it seems like this isn't too rare.

#4 etherduck

etherduck

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:06:28 AM

Posted 29 July 2010 - 02:44 AM

Hi,
i think u shud use some good antispyware application
If u wish i can suggest u one ,
" Advanced System Protector", it not only blocks the spyware b4 it can enter your system,
will also clean the infections if any and it gives routine updates of the latest definitions
and is very easy to use..
The On Execution Scanner & Alert Shields make it more efficient in the case of internet access.

For me the Advanced System Protector is the Best Antispyware...U can also give a try...
free version of ASP is also available at cnet

Edited by etherduck, 29 July 2010 - 02:47 AM.


#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,122 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:28 AM

Posted 29 July 2010 - 07:01 AM

Please download TFC (Temp File Cleaner) by Old Timer and save it to your desktop.
alternate download link
  • Save any unsaved work. TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • TFC will clear out all temp folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
Note: It is normal for the computer to be slow to boot after running TFC cleaner the first time.

Please download Malwarebytes Anti-Malware (v1.46) and save it to your desktop.Download Link 1
Download Link 2
MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users