Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spyware That Spy Sweeper Can't Get Rid Of


  • Please log in to reply
5 replies to this topic

#1 Conface

Conface

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 03 August 2006 - 11:32 AM

Every time I use Spy Sweeper it comes up with a few of the same infections.

Trojan-Download-Zlob and Trojan agent winlogonhook.

They come up every time I scan and I quarentine and delete them every time, but they come back with each new scan. These popups are getting annoying does anyone have a permanent solution to my problem?

Thanks in advance for the help!

BC AdBot (Login to Remove)

 


m

#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,588 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:35 PM

Posted 03 August 2006 - 11:51 AM

Hello Conface

If your using Win XP or 2000, do this.

First, print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

Then please download, install and update Ewido Anti-Spyware v4.0. DO NOT perform a scan yet.
Print out the Ewido Install and Scan Instructions.

Go here and follow the instructions for using SmitfraudFix. Read "How to create/extract a ZIP File in Win ME/XP/2003" or "How to create/extract a ZIP File in Win 9x/2000" if your not sure how to do this.

After using the tool reboot again in "SAFE MODE" and Clean out your Temporary Internet files as follows:
  • Quit Internet Explorer and quit any instances of Windows Explorer.
  • Click Start, click Control Panel, and then double-click Internet Options.
  • On the General tab, click "Delete Files" under Temporary Internet Files.
  • In the Delete Files dialog box, tick the "Delete all offline content check box", and then click "OK".
  • On the General tab, click "Delete Cookies" under Temporary Internet Files, and then click "OK".
  • Click on the Programs tab then click the Reset Web Settings button. Click "Apply" then "OK".
  • Click "OK".
Next Click Start, click Control Panel and then double-click Display. Click on the Desktop tab, then click the Customize Desktop button. Click on the Web tab. Under Web Pages you should see a checked entry called Security info or something similar. If it is there, select that entry and click the Delete button. Click "Ok" then "Apply" and "Ok".

Empty the Recycle Bin by right-clicking the Recycle Bin icon on your Desktop, and then clicking Empty Recycle Bin.

Then scan with Ewido per the instructions you printed out and reboot back to normal mode.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Conface

Conface
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 03 August 2006 - 05:15 PM

Thanks alot man, that helped alot. But I still have one thing that ewido always detects and quarentines at startup: Adware.Virtumonde

Ewido can't seem to get rid of it, any help with this one?

Again thanks in advance.

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,588 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:35 PM

Posted 03 August 2006 - 05:18 PM

I thought you might be dealing with multiple infections here.

Now see the self-help tutorial How To Remove Winfixer/Virtumonde/Msevents/Trojan.vundo.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 Conface

Conface
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 04 August 2006 - 04:16 PM

Great that got rid of it, thank you very very much!!!!

Computer is running great now, for the first time in a few weeks!

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,588 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:35 PM

Posted 04 August 2006 - 05:09 PM

Good job. :thumbsup:

Now you should SET A NEW RESTORE POINT to prevent reinfection from an old restore point. Any malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools can not access it to delete these bad files which can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to set a new RESTORE POINT:
1. Go to Start > Programs > Accessories > System Tools and click "System Restore".
2. Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
3. Then go to Start > Run and type: Cleanmgr
4. Click "OK".
5. Click the "More Options" Tab.
6. Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users