When on the internet I am getting security warning pop-ups that seem to come from three self downloading security programs. On log-in my home page is replaced by ucleaner.com, I assume these are all linked. My new XoftSpy SE finds them and removes them, including the flashing red security warning in my task bar, but they reload the next time I'm online. I have a HJT scan log but I am afraid I may delete the wrong items. Can anyone help? I am a people doctor, so I can help you with your virus, but not my PC's. thanks dr.bd
I have a sick PC, the bug looks to be ucleaner.com
- Thread starter dr.bd
- Start date
- Status
kritius
Posts: 2,077 +0
You're going to have to re-attempt the AVG antispyware part because it says that there was no action taken, remember to have it quarantine its results.
Also I didnt notice any antivirus software or firewall on your system, do you have any? If not get some, AVG free and Avast! are both good free options and zone alarm and comodo are good free firewalls.
Also I didnt notice any antivirus software or firewall on your system, do you have any? If not get some, AVG free and Avast! are both good free options and zone alarm and comodo are good free firewalls.
Hi,
As per the HJT report you can remove the following entries.
O3 - Toolbar: etlrlws - {6990CA39-A0FA-4B4A-8C9A-E7E66518227C} - C:\WINDOWS\etlrlws.dll (file missing)
O4 - Startup: ZIPscript.lnk = C:\NavPress\ZIPscrpt.exe
Then boot the computer to safemode and run the complete system scan and quarantine or delete any infections found.TO do this you must have an Anti-Virus running on your computer.
To restart the computer in safemode.
Turn ON the computer and start tapping F8 immediately without any delay.
Then select Safemode and hit enter twise.
Logon as ADMIN.
Run the complete system scan.
Disable all the start up items and enable only those which you are aware of.
To do this
Click on start-->Run--> type msconfig and click ok.
You will see the System configutation utility.
Click on "startup" Tab on the top and then uncheck all those entries which are suspicious.
Once the scan is done reboot the computer to regular mode and open the Internet Explorer and disable all the Add-Ons.
Open IE-->CLick on tools-->Internet options-->Programs-->Manage ***-ons-->from the drop down list select-->Add-ons that are currently loaded in Internet explorer and select each one of them and select disable.
Reopen the Internet Explorer.
Please post the results once you are done with the above steps.
As per the HJT report you can remove the following entries.
O3 - Toolbar: etlrlws - {6990CA39-A0FA-4B4A-8C9A-E7E66518227C} - C:\WINDOWS\etlrlws.dll (file missing)
O4 - Startup: ZIPscript.lnk = C:\NavPress\ZIPscrpt.exe
Then boot the computer to safemode and run the complete system scan and quarantine or delete any infections found.TO do this you must have an Anti-Virus running on your computer.
To restart the computer in safemode.
Turn ON the computer and start tapping F8 immediately without any delay.
Then select Safemode and hit enter twise.
Logon as ADMIN.
Run the complete system scan.
Disable all the start up items and enable only those which you are aware of.
To do this
Click on start-->Run--> type msconfig and click ok.
You will see the System configutation utility.
Click on "startup" Tab on the top and then uncheck all those entries which are suspicious.
Once the scan is done reboot the computer to regular mode and open the Internet Explorer and disable all the Add-Ons.
Open IE-->CLick on tools-->Internet options-->Programs-->Manage ***-ons-->from the drop down list select-->Add-ons that are currently loaded in Internet explorer and select each one of them and select disable.
Reopen the Internet Explorer.
Please post the results once you are done with the above steps.
kritius
Posts: 2,077 +0
Its better to use your normal account. You should also view all hidden files and folders before you run the complete scan, and while your there do an antispyware one as well.
Instead of this, open Spybot and Go to the tools sections, then start ups and make your choices from there, just dont stop any of the ones highlighted in green.
- Status
Similar threads
Latest posts
-
Senua's Saga: Hellblade II system requirements revealed, 70GB of storage space required- Squid Surprise replied
-
Intel CPUs Are Crashing and It's Intel's Fault: Intel Baseline Profile Benchmark- erickmendes replied
-
Nvidia GeForce GTX 1080 Ti Revisit: Is this the GOAT?- Arbie replied
