Solved What is privacy protection? Fake virus program?

[ChopperX]

Hey guys I have a new application on my PC that just showed up and I have no idea what it is. It called itself privacy protection that just popped up on my desktop with no warning whatsoever. I have been using Windows 7 ultimate since he came out and I've never seen this program ever. In fact I had never even heard of it before. It started scanning my computer and found 20 viruses on it. All of my programs closed I could not reopen them and I even restarted my computer. With my computer turned back on the privacy protection application still popped up and I could not access my programs at all. I am getting really worried since I just reformatted my computer about two weeks ago and everything was working perfectly. Is this some sick new virus that is making its way to my computer? I have attached a screenshot below so you guys can take a look at it.

Any help would be appreciated and currently my computer is going to remain off until we figure this out.

 

[Golden]

Hi,

This is RogueWare, designed to fool you into thinking you have malware.

Please scan your system using Microsoft System Sweeper:

http://www.sevenforums.com/tutorials/166445-microsoft-standalone-system-sweeper.html

Post back if you need more help.

Regards,
Golden

 

[Britton30]

Yes it is a rogue, fake scan program designed to get money from your. There's a link to MalwareBytes below my sig.
Remove Privacy Protection (Uninstall Guide)
EDIT, or Golden's plan too, we were posting at the same time. You may have to boot into Safe Mode with networking to download anything.

 

[ChopperX]

Okay following the directions.

 

[ChopperX]

Okay so I followed the steps in Brittons post and I seem to have removed it for good. However are my files really infected for good? Do I need to have to reformat? How do I prevent this from happening again? I am currently using Microsoft Security Essentials.

 

[Golden]

Hi,

MSE is fine, but do occasional scans with Malwarebytes (don't forget to update it before using it).

You probably picked up the rogueware whilst downlaoding something from the web - be careful what you download, all is not what it seems.

Regards,
Golden

 

[ChopperX]

Thanks guys I really appreciate the help. You guys rock!

 

[Britton30]

Likely you are clean, but do the MalwarBytes scan anyway. That type of malware generally isn't dangerous but will disable most of your PC trying to protect itself.

 

[Francis93]

It is highly recommended to do a post-virus removal scan using Malwarebytes and different scanners (Hitman Pro, SUPERAntiSpyware, your antivirus). There still could be remnants of it lurking in your PC due to extensive infection.

Download CCleaner too, install it and tick everything before clicking the 'Analyze' button to remove infected cookies, temp files and the like.

It's better to do the aforementioned in Safe mode. Kindly reread the removal instructions for Privacy Protection and in the first few steps you should find instructions how to boot.

 

[klarose1]

Already purchased!!!

I already fell for the privacy protection scam and purchased it yesterday!! Now it's in my computer and I can't open the Internet and it's asking me to purchase more!!! What do I do now???

 

[seavixen32]

You're best bet is to format your hard drive and carry out a clean install of Windows or a factory restore if you are using recovery discs.

 

[Jacee]

Following the advice by seavixen32 ...

If your computer was used for online banking or has credit card information on it, all passwords should be changed immediately to include those used for email, eBay and forums.
You should consider them to be compromised.

They should be changed by using a different computer and not the infected one, if not an attacker may get the new passwords and transaction information.

Banking and credit card institutions should be notified of the possible security breech.

More info can be found below:
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
How to report ID theft, fraud, drive-by installs, hijacking and malware? Security | DSLReports.com, ISP Information

 

[Meemee]

Did I get it all out??

If I ran tdsskiller and it didn’t detect anything, and if my computer appears to be working properly (I could run my antiviral software and it didn’t come up with anything either), does that mean I’m free of this privacy protection?

 

[Jacee]

Please see this ... removal instructions: Remove Privacy Protection (Uninstall Guide)

 

[Meemee]

I did that, and I did a system restore after that to a few days ago, and I just want to make sure my computer is safe from that

 

[bigcitycat]

I already fell for the privacy protection scam and purchased it yesterday!! Now it's in my computer and I can't open the Internet and it's asking me to purchase more!!! What do I do now???

Call your bank and cancel the transaction. Have them issue a new card.

 

[Jacee]

@ Meemee did you have "System Protect" on your computer?

 

[Shift209]

I've recently been hit by this too. Malwarebytes seems to have taken care of the problem already, the only concern I have are about the few items lingering in my system configuration's startup menu.

I manually disabled these when Spybot's TeaTimer (I think) was spamming me with alerts to allow or deny changes being made in my start up. This all happened when taking care of privacy protection. Since then I've updated Malwarebytes and used quick scan with no more problems being found.

A lot are the same dwme.exe in my AppData\Roaming\ folders. There's also .exe's in my C:\windows\system32\ folder.

Not sure if they're doing anything, just feel uneasy with them being there

 

[Britton30]

Hi Shift and Welcome. Exe's in system32 is fine, many Windows components live there and in system. Those listed in you snip don't look valid though. You should also run a full MalwareBytes scan.

   Note

If others have this same infection, please read through this thread and try the suggestions here. If you have no luck, start a new thread in the Security forum outlining the steps you've taken. Jacee has posted a way to manually remove Privacy Protection below.

 

[Meemee]

@jaycee:

I don't know what that is, if that's part of the privacy protection thing I don't know, but it it's a legit antiviral software I may or may not have downloaded at some previous time, no I don't have it