Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't remove trojans


  • This topic is locked This topic is locked
6 replies to this topic

#1 Mr_Twister

Mr_Twister

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 14 April 2009 - 11:49 PM

Hello, I recently did a scan of my computer using McAfee Security Suite and the results were:

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|userinit" "Spy-Agent.bw!mem" "14"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|userinit" "Spy-Agent.bw!mem" "14"
"C:\WINDOWS\system32\ntos.exe" "Spy-Agent.bw!mem" "5"
"C:\WINDOWS\system32\twex.exe" "Spy-Agent.bw!mem" "5"
"C:\WINDOWS\system32\twext.exe" "Spy-Agent.bw!mem" "5"
"C:\WINDOWS\system32\winlogon.exe" "Spy-Agent.bw!mem" "10"

Theses results continue to appear even after it had said they were removed. I also did a scan using Malwarebytes' Anti-Malware and the only threat in the results was:

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> Quarantined and deleted successfully.

I have also tried to remove it a few times and each time it keeps reappearing just like the others. Another problem I have is that whenever the computer is connected to the internet, McAfee advises that it has blocked a change to:

C:\WINDOWS\system32\svchost.exe

Any help is highly appreciated, thank you.

BC AdBot (Login to Remove)

 


#2 Mr_Twister

Mr_Twister
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 17 April 2009 - 09:51 AM

I should also add that every once in awhile when on the internet. The browser would freeze and stay blank. I'm not sure if this is attributed to anything but I don't get any error messages at all like I would normally get when this happens..

#3 TSalarek

TSalarek

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Kentucky and Florida, USA
  • Local time:05:45 AM

Posted 17 April 2009 - 10:52 AM

Info on this bug:

McAfee: http://vil.nai.com/vil/content/v_142956.htm

MBAM forum: http://www.malwarebytes.org/forums/index.php?showtopic=13671 **read all the way through: cleaning this bug improperly can kill the OS (see post #4, specifically)

are you XP or Vista?

Read up, then sit back and wait for one of the boss techs to chime in....I would, but I'm slammed right now with in-person cases.

#4 Mr_Twister

Mr_Twister
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 17 April 2009 - 11:39 AM

Okay, will do. I am using Microsoft XP. Thanks for the info.

#5 Mr_Twister

Mr_Twister
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 17 April 2009 - 07:40 PM

Another thing that im beginning to notice is that the computer takes almost twice as long to boot up and surfing the internet in very slow.

#6 Mr_Twister

Mr_Twister
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 19 April 2009 - 09:58 AM

Anything else I can do?

#7 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:03:45 AM

Posted 19 April 2009 - 09:45 PM

Closed, due to starting another topic:
Logging in problem
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users