Sign in with
Sign up | Sign in
Your question

Infected with Privacy Protection, tried multiple removal suggestions to no avail

Last response: in Windows 7
Share
November 19, 2011 10:36:25 PM

Hello,
The fake antispyware program has been installed on my computer and I'm trying to remove it. Privacy protector does not allow any .exe files to open, so I had to use my phones internet to find out how to remove it. I was instrcuted by several guides to open windows in safe mode with networking to get around being unable to run programs.
I am now running in safe mode, but all the anti-malware or root-kit removal tools I have downloaded, I am not able to open, so I am stuck here.
I also tried running a .reg file which would allow .exe files to run, but it would not work either.
Getting extremely frustrated by this, and help with this issue would be greatly appreciated.
Thank you.
a b $ Windows 7
November 19, 2011 11:05:10 PM

Housecall, Bitdefender, Kapersky and many others offer scans off their severs not requiring you to download the program. What OS are you running? Do you have a backup image? Can you use system restore from safe mode? If you are using Win7 and have a valid install disk, you can use it to boot and select a repair using system restore. If all else fails, back the data you deem essential and do a clean install of windows and all drivers. Here is the Symatec removal link. Note they offer a tool the may reverse the inability to open programs (http://www.symantec.com/security_response/writeup.jsp?d...). In the end a clean install may be the best solution.
m
0
l
November 19, 2011 11:17:17 PM

Thanks for your reply dogsnake,
While I was in safemode I found the location of the offending program and deleted it. I wasn't sure if that would solve the problem entirely so I ran tdsskiller and malwarebytes anti-malware (in normal running mode) and found 4 infections which i removed. Everything seems fine now, but I guess it's a sign to start backing up my files.
I appreciate your suggestion, I'll keep this bookmarked in case the problem reoccurs.
Thanks very much.
m
0
l
a b $ Windows 7
November 20, 2011 1:14:55 AM

Please be sure to go to system restore and shut it off. This will delete all your saved restore points. The infection is on those restore points. Once you deactivate it you can restart it and creat a clean new restore point. Some infections can restore themselves from the system restore point without you ever using the system restore feature. Clearing these old points will eliminate this possible reinfection. Look at the registry list from the Symantec link and use the regedit function to check to see if any traces remain. Even the best tools can miss traces in the registry. Good to hear you are on the track to recovery:) 
m
0
l
November 23, 2011 4:06:58 AM

im having to same problem, but i did a system restore, and i am unable download or run anything on regular mode now. But i can now surf the net, what do i do now?? I am severly irritated, and frustrated... Help if you can...
m
0
l
a b 8 Security
a b $ Windows 7
November 23, 2011 5:12:43 AM

Hi Terina30,

Are u gonna be able to download and run a LiveCD?
m
0
l
November 24, 2011 9:31:26 PM

Privacy Protection file location,

Windows XP:
C:\Documents and Settings\All Users\Application Data\privacy.exe

Windows Vista/7:
C:\ProgramData\privacy.exe

Rename privacy.exe to virus.exe. Restart your computer. The rogue av won't block Internet Explorer anymore. Download TDSSKiller http://support.kaspersky.com/downloads/utils/tdsskiller...

Rename tdsskiller to winlogon and run it. Remove found rootkits. Next, download Malwarebytes or any other antimalware software and run a full system scan. This should do the trick. More info on this page: http://deletemalware.blogspot.com/2011/11/remove-privac...

I hope this helps. Good luck!
m
0
l
November 24, 2011 11:41:20 PM

Hansom said:
Thanks for your reply dogsnake,
While I was in safemode I found the location of the offending program and deleted it. I wasn't sure if that would solve the problem entirely so I ran tdsskiller and malwarebytes anti-malware (in normal running mode) and found 4 infections which i removed. Everything seems fine now, but I guess it's a sign to start backing up my files.
I appreciate your suggestion, I'll keep this bookmarked in case the problem reoccurs.
Thanks very much.


Recommend imaging your harddrive.
m
0
l
!