Virus: Privacy protector, Spyware & malware protection, error cleaner

Status
Not open for further replies.
Well. About 2 days ago, this all started, my computer has been exhibiting these problems:

Details of the problems:

- URL icons on Desktop named: Error Cleaner, Privacy Protector, Spyware and
Malware Protection

- SystemFixError
- change of Desktop background to a red picture written:
Your Privacy is in Danger!
Dowload Privacy Protection Software Now (box)

- Windows message boxes keep poping up with texts like:
Windows has detected an Internet attack attempt...
Somebody's trying to infect you PC with spyware
...
Click here to download spyware remover for total protection
or
Danger, your computer is
infected, you can loose all your data; to solve the problem
click the yes button

Can someone please help, it is really quite annoying. And Neither ZoneAlarm, Avira, nor Spybot will help.

Here is my Hijackthis logfile.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:54:58 PM, on 4/24/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\ZoneLabs\vsmon.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
F:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
F:\Nexon\Mabinogi\npkcmsvc.exe
F:\WINDOWS\system32\PSIService.exe
F:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
F:\Program Files\CursorXP\CursorXP.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
F:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
F:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
F:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = (Can't post, not enough post count.)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6f74-2d53-2644-206d7942484f} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: DVA Gate - {AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3} - F:\WINDOWS\qnmargolewk.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - F:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: dpevflbg - {CE66268D-0208-4D9E-8BC7-12D91072A34D} - F:\WINDOWS\dpevflbg.dll
O4 - HKLM\..\Run: [avgnt] "F:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [googletalk] F:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [ZoneAlarm Client] "F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] "F:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CursorXP] F:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [MySpaceIM] F:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "F:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Veoh] "F:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [VirusIsolator.exe] F:\Program Files\VirusIsolator\VirusIsolator.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] F:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] F:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] F:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O8 - Extra context menu item: e&xport to microsoft excel - res://F:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780b25-18cc-41c8-b9be-3c9c571a8263} - F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O21 - SSODL: vadokmxt - {0A466ADE-C647-4681-898C-6B3F69B8FDD8} - F:\WINDOWS\vadokmxt.dll
O21 - SSODL: wdpoefan - {EE793B1C-1EE9-43A9-9CF1-CEBE2279A179} - F:\WINDOWS\wdpoefan.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - F:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - F:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: npkcmsvc - INCA Internet Co., Ltd. - F:\Nexon\Mabinogi\npkcmsvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - F:\WINDOWS\system32\PSIService.exe
O23 - Service: StyleXPService - Unknown owner - F:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - F:\WINDOWS\system32\ZoneLabs\vsmon.exe
O24 - Desktop Component 0: Privacy Protection - file:///F:\WINDOWS\privacy_danger\index.htm

--
End of file - 5292 bytes

Edit:
I am currently doing a Malwarebytes' Anti-malware scan, and getting combofix. As mentioned in the previous thread.

I've attached my Combofix log
 
Im having the same problem

I Beleive it's related to an Activex download. I did some research...Did your task manager become unusable?..that was one of the side effects. That problem is easily fixable.
 
Status
Not open for further replies.
Back