Privacy Componets

Help and Discussion

Moderator: The Mod Squad

Privacy Componets

Postby Comp_parter » Sat Mar 07, 2009 6:25 am

Hello all.

Has anyone been tied up with the "Privacy Componets" spyware yet?

Working on a laptop for a fellow and this one seems to be stickier than others.

My usual M/O is booting with UBCD4win and cleaning the system with Spybot,
but this system does not have an ethernet port the UBCD4Win
recognizes :( , therefore can't download latest updates for Spybot.

Thanks

Progress so far:

Ran Avira Anti-virus from UBCD4Win and found 11 infected mp3's.
Deleted said nasties and rebooted and the problem regenerates itself.
If I kill the process it leaves me with a black screen and a cursor and nothing else.
When you log in there is a female voice speaking what appears to be German.
Now I have taken drive out and installed as a slave on my desktop and
am scanning with Spybot...... Waiting .. Watching..
Should be said that Laptop has Windows Vista Premium...
Comp_parter
Black Belt
Black Belt
 
Posts: 563
Joined: Mon Nov 19, 2001 1:01 am
Location: Troy, Ohio

Postby evasive » Sat Mar 07, 2009 9:50 am

We hate rut, but we fear change.
********************************
System error, strike any user to continue...
evasive
Mobo-fu Master
Mobo-fu Master
 
Posts: 37389
Joined: Sun May 06, 2001 12:01 am
Location: Netherlands

Postby Comp_parter » Sat Mar 07, 2009 12:27 pm

Update:

Forget about installing the drive as a slave.. did that .. painfull slow scan.

Reinstalled drive, booted drive problem came back.

Hit ctrl+alt+delete
Run : taskmgr
End process on "pc.exe"
At this point all I had was a black screen and cursor :o
Hit ctrl+alt+delete
run taskmgr
Hit file>run>"explorer.exe"<<This got the desktop back to normal.
Downloaded anti-malware installed and scanned and cleaned 60+ infections
Rebooted....
:D :D :D
Installed Spybot and am now scanning... Fingers crossed...
More later
Comp_parter
Black Belt
Black Belt
 
Posts: 563
Joined: Mon Nov 19, 2001 1:01 am
Location: Troy, Ohio

Postby pbailey » Sat Mar 07, 2009 2:20 pm

Did you run a full scan on anti-malware?



.
The day you stop learning, is the day you die!

Paul
pbailey
Black Belt 1st Degree
Black Belt 1st Degree
 
Posts: 1174
Joined: Tue Mar 26, 2002 12:00 am
Location: KC MO

Postby Karlsweldt » Sat Mar 07, 2009 2:32 pm

The only sure way to 'sanitize' a hard drive is to first turn off the restore feature in Windows, then restart in safe mode. Most Trojan and viral forms are inactive then, and easily routed. If in normal operation, they may guise themselves as system files.. and not be accessible.
Only after a few restarts normally, with no remnants of the infection, should you turn the restore feature back on. Failure to deactivate that feature means that Windows will faithfully undo all your work on the next reboot!
Many viral forms can root themselves in the Registry, and make a comeback.. along with drawing in new variants. A program called HijackThis is very effective and quick about killing off bad Registry keys. But use with discretion, as the results may cause other system problems. Do a Registry backup prior to use.
Also check the Firewall program.. all too many viral forms can cause it to become disabled, or provide an open port to other malware.
F@H.. to solve mankind's maladies.. in our lifetimes!
Karlsweldt
Mobo-fu Master
Mobo-fu Master
 
Posts: 20659
Joined: Wed Nov 12, 2003 11:57 am
Location: 07438

Postby Comp_parter » Sat Mar 07, 2009 3:05 pm

I did a full Spybot scan and came back clean..

Life seems good now. I am currently running a virus scan with AVG.

Will update with results of that scan...
Comp_parter
Black Belt
Black Belt
 
Posts: 563
Joined: Mon Nov 19, 2001 1:01 am
Location: Troy, Ohio

Postby Comp_parter » Sun Mar 08, 2009 4:27 am

:D :D :D :D

Scan Complete...

All Clean...
Comp_parter
Black Belt
Black Belt
 
Posts: 563
Joined: Mon Nov 19, 2001 1:01 am
Location: Troy, Ohio

Postby Karlsweldt » Sun Mar 08, 2009 1:41 pm

Hopefully the cleansing is permanent. Viral files can include common tagnames such as used with image files, MP3 or MOV files.. even DLL files! If the resident anti-viral program skips certain files, then the infection will not be cleansed. Best to do a 100% all-files scan. Some of those vagrant files may not be true viral forms, and are not regarded as threats in themselves. But they can be "beacons" which call in other files when you go on the Web, and then you have problems.
MS has a decent malware removal program to do the task kicking out those "unwanted guests" that plague you. KB890830 is the official name. Should be a monthly 'update' if you have the auto-update feature active.
F@H.. to solve mankind's maladies.. in our lifetimes!
Karlsweldt
Mobo-fu Master
Mobo-fu Master
 
Posts: 20659
Joined: Wed Nov 12, 2003 11:57 am
Location: 07438


Return to Virus/Spyware/Security

Who is online

Users browsing this forum: No registered users and 1 guest