
Privacy components at boot


5 replies to this topic

#1 hometechguy


Posted 11 February 2009 - 04:10 PM

Help! This one is ugly and I've done a bunch of searching on the net and I can't get an answer for how to fix this problem.

My daughter-in-law clicked on a fake spyware warning and installed a nasty bit of malware called "Privacy Components". This software appears to be "hostageware" as you can't boot the computer anymore, either regularly, or in safe mode without the Privacy components screen appearing and demanding that it be registered for $49.95. You can not access any Windows components except the default browser. I have brought this computer home to try to fix, but I will not connect it to my personal network to avoid infecting 4 other computers.

I can't put in the requisite Hijack This log because it can't be installed on the infected computer because I can't get past the damn malware screen. :thumbsup:

This is some nasty stuff. I could do a manual removal of the components and edit the registry to remove those, but I can't get past the fake "you're infected" screen that demands the money to "register" the malware.

Like I said, booting to safe mode is not an option. The exact same thing happens in safe mode as well as a normal boot up.

::::Update: Ctrl-Shift-Escape does not work to enter the process manager.::::

Thanks in advance!

Edited by hometechguy, 11 February 2009 - 05:14 PM.




#2 garmanma


Posted 11 February 2009 - 05:40 PM

This rescue disk has some tools on it that can help to get you to where you can get online for other tools
Avira AntiVir Rescue System

http://www.free-av.de/en/tools/12/avira_an...cue_system.html
Mark
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#3 hometechguy


Posted 11 February 2009 - 08:09 PM

This rescue disk has some tools on it that can help to get you to where you can get online for other tools
Avira AntiVir Rescue System

http://www.free-av.de/en/tools/12/avira_an...cue_system.html


Mike, thanks for the heads up. First thing I did was a scan. Took two hours and it couldn't "fix" anything. So.... After the scan I decided to check out the command line interface and the software locked up. I'm going to reboot the computer with the disk and we'll see if I can get to the internet with it.
::::UPDATE: A reboot of the computer using the Avira Disk still locks up when I attempt to click on "Commandline". All I can do is scan the computer with this program and it doesn't seem to remove anything.::::

Got any specific suggestions on how to use the rescue system disk?



Jim

Edited by hometechguy, 11 February 2009 - 08:16 PM.


#4 garmanma


Posted 12 February 2009 - 12:50 PM

The reason I recommended that specific disk is it's easy to download and run.
A much better one is UBCD:
http://www.ubcd4win.com/
It has quite a few A-V and malware tools:
http://www.ubcd4win.com/contents.htm
The only thing is you need to make the CD bootable. That means you need to burn an ISO.
There are instructions on the site to tell you how to do that.
I'm the first to admit I don't know everything, but with your problems that's all I can think of other than reinstalling the OS.
Mark

#5 garmanma


Posted 14 February 2009 - 03:27 PM

We can also try this:

Turn on your computer, in Normal mode
Right-click on the bottom of the screen and Open Task Manager
Click on the applications tab and end the process
Open task Manager again and click on the New Task button
Type in - explorer.exe - and click OK
You should now be able to download and run mbam



thanks pete c
Mark

#6 hometechguy


Posted 14 February 2009 - 06:34 PM

We can also try this:

Turn on your computer, in Normal mode
Right-click on the bottom of the screen and Open Task Manager
Click on the applications tab and end the process
Open task Manager again and click on the New Task button
Type in - explorer.exe - and click OK
You should now be able to download and run mbam



thanks pete c


Sorry I've not responded earlier. Real life intrudes on my computer fixing hobby. Anyway, I finally got by the hijackware by using safe mode with the command prompt. I used the command prompt to run MSCONFIG to alter the startup menu and then went to programs and deleted things like agent.exe that many sites on the net said to remove.

That got me by the opening screen on a reboot into safe mode, only to discover that he'd been surfing for porn and items like that with only Windows Defender running on the system. No antivirus or anything else was on it, just the basic windows firewall and defender. That didn't bode well. Turns out he'd never updated it either and it had all the holes in Vista and Office never patched.

I got the computer connected to the net and got AVG and Spybot installed and ran the scans. More crapware (zlob and about 20 others) was installed than you can imagine. I deleted everything those found and installed Ad Aware as well and scanned with it. More malware was found and deleted. Did an online scan from Kaspersky and that came out clean.

Unfortunately, some part of the process, either the malware installation or deletion corrupted something in windows. The computer would lock up after running for about an hour and a half. I spent most of the last two days altering the processes and startup configuration (Going from nothing to the point where something would cause it to lock up) and discovered that I couldn't replicate the lockup by using any combination of startup items or services....

Oh well, I've had enough of this. At least I could now get the computer to run for long enough to back up the important stuff and do a system restore from the Toshiba disks, so I just finished restoring the computer to its brand new configuration, installing hours worth of updates from Microsoft, added AVG 8.0, Spybot, Ad Aware, and Zone Alarm. He'll get the computer back with a working knowledge of how to use those 4 programs to protect his rear end when he chooses to satisfy his carnal desires via the internet. ;-)

Thanks for the help. Too bad I didn't get to try the stuff you suggest, but maybe next time. I've still got a 14 year old and an 11 year old using computers at home. :thumbsup:
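
Added example, not part of the original thread: a PowerShell triage script for the step described in post #6, reviewing autostart entries from a Safe Mode command prompt. It reads the registry Run/RunOnce keys (among the sources MSCONFIG's Startup tab lists) and checks the Winlogon Shell and Userinit values against the Windows defaults. It assumes PowerShell is installed on the machine; the function names and the choice of flags are illustrative.

```powershell
# Added example: enumerate registry autostart entries and flag suspicious ones.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
$winlogon = 'HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon'

function Get-CommandPath([string]$Command) {
    # Pull the executable path out of a command line, quoted or not.
    $c = [Environment]::ExpandEnvironmentVariables($Command)
    if ($c -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($c -match '^\s*(.+?\.(exe|dll|cmd|bat|vbs|scr))(\s|,|$)') { return $Matches[1] }
    return ($c.Trim() -split '\s+')[0]
}

function New-AutostartEntry($Location, $Name, $Command) {
    $path = Get-CommandPath $Command
    $sig = 'NotFound'   # target missing or not resolvable as a file
    if ($path -and (Test-Path -LiteralPath $path -PathType Leaf)) {
        $sig = [string](Get-AuthenticodeSignature -FilePath $path).Status
    }
    [pscustomobject]@{
        Location     = $Location
        Name         = $Name
        Signature    = $sig
        # Programs started from a profile or ProgramData directory deserve a look.
        UserWritable = ($path -like "$env:USERPROFILE\*") -or ($path -like "$env:ProgramData\*")
        Command      = $Command
    }
}

$entries = @(foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item $key
    foreach ($name in $item.GetValueNames()) {
        New-AutostartEntry $key $name ([string]$item.GetValue($name))
    }
})

# A screen that replaces the desktop in every boot mode may hook these two values.
$wl = Get-ItemProperty $winlogon
$defaults = @{ Shell = 'explorer.exe'; Userinit = "$env:SystemRoot\system32\userinit.exe," }
$winlogonCheck = foreach ($v in $defaults.Keys) {
    [pscustomobject]@{ Value = $v; Data = $wl.$v; Default = $defaults[$v]; Modified = ($wl.$v -ne $defaults[$v]) }
}

$entries | Sort-Object Signature | Format-Table Location, Name, Signature, UserWritable, Command -AutoSize -Wrap
$winlogonCheck | Format-Table -AutoSize
```

The script only reads and reports; entries that are unsigned, missing, or launched from a user-writable directory are candidates to disable in MSCONFIG before deleting any files.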



