win32/reno

  • Thread starter Thread starter Bill
  • Start date Start date
B

Bill

I have this spyware, defender identifies it as a high risk problem and
removes it. but then if I reboot it comes back. How do I get rid of this
permanently?
 
yup.

last night I would boot into safe mode, run defender, and it would clean it
out. (If I wasn't in safemode I got a warning to shut down IE so files could
be removed)

reboot into safe mode, as I recall it was ok

reboot into normal mode, the sujmptoms were back. it's like there is a
program that spawns the spyware, defender get's rid of the spyware but not
the program that spawns it
 
OK. RU using XP as your OS?

Stu



Bill said:
yup.

last night I would boot into safe mode, run defender, and it would clean it
out. (If I wasn't in safemode I got a warning to shut down IE so files could
be removed)

reboot into safe mode, as I recall it was ok

reboot into normal mode, the sujmptoms were back. it's like there is a
program that spawns the spyware, defender get's rid of the spyware but not
the program that spawns it
Click to expand...
 
OK. Try this.

First delete your system restore points in XP cos if you have an infection
it may well be contained in a System Restore point and reinfect at a latter
time: here`s how:

http://www.lockergnome.com/windows/2005/04/12/delete-system-restore-points-to-free-disk-space/

Reboot into safe mode then try WD again making sure you have the latest defs
first.

They are available here on a daily basis for 32/64 bit systems.

http://www.microsoft.com/security/portal/

Stu





on a daily basis:. I would suggest at least three passes in safe mode? If
you don`t get a `clean bill of health` post back here.

Stu
 
Somewhat foolishly, i never made system restore points, unless they are made
automagically

Unless the defs have been updated in the last few days, i have latest defs,
I've repeatedly ran Defender in safe mode, every time I do it, I can reboot
in safe mode, run defender again, and it finds nothing. I boot back into
normal mode, and my desktop has changed; all the symptoms are back
 
What the name of the spyware identified by DFNDR?
Go through these Cleaning steps:
1... First, try to clean up your caches, Internet files and delete cookies
by doing this:
Click Start >> Control Panel >> Double click Network and Internet
Connections >> Double click Internet Options.
On the IE properties windows you will see these Tabs:
General | Security | Privacy | Content | Connections | Programs |
Advanced
Under General Tab clear your History, Internet Files and Cookies.
Then click on Advanced tab and scroll down to under the Browsing Option:
[&] Browsing
[ ] Enable Third-Party browser extensions (Req Rest) uncheck this box.
Then click on Programs Tab and click Manage Add-Ons and Disable all non
Verified Add-Ons (You should Renable them later one-by-one and see the
culprit and update it or remove it.
How to manage Add-Ons:
http://support.microsoft.com/kb/883256
Scan for malware from here:
SuperAntispyware - Free
http://www.superantispyware.com/superantispywarefreevspro.html
Download, install and run a full scan with Malwarebytes
http://www.malwarebytes.org
Run a scan from here on-line:
http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
Download Avast Cleaner (offline scanner) from here:
http://www.avast.com/eng/avast-virus-cleaner.html

Run disk clean up on your Drive.
You can download this tool o run clean up:
http://www.ccleaner.com
Comodo BOClean : Anti-Malware Version 4.27
http://www.comodo.com/boclean/boclean.html

You can download this tool "AutoRuns for Windows"
http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
Don't forget to flush your System Restore after doing these cleaning steps
then create a clean Restore point.
Clear the Restore Points as they seems to be infected by the trojans!
Do this:
Right click "My Computer" icon and select Properties from the drop down list.
On the system Properties click on System Restore Tab and check this box:
[ ] Turn off System Restore on all drives

Click [Apply] then click [OK] try to access some programs on your machine
then do the stpes again to access the System Restore to create a new clean
restore Point and this time Uncheck the check box [ ].
Right click "My Computer" icon and select Properties from the drop down list.
On the system Properties click on System Restore Tab and Uncheck this box:
[ ] Turn off System Restore on all drives

HTH
nass
 
Back
Top