Adware found but not eliminated.

[Guest]

My Norton Antivirus program has detected two adware programs, but refuses to take any steps to delete them. Considering that the programs listed are \WINDOWS\sysdll.reg and \WINDOWS\winlogon.exe, the reluctance seems reasonable to me. However the adware programs appear to be creating problems in my system, and I'm not sure how to deal with them. Would the Windows System Restore be able to swap them with the uninfected versions, and if so, would there be any other serious side effects to consider. (I've never used system restore and would like to determine potential problems before using it.
Thank You

 

[Will Denny]

Hi

NAV *****tries***** to detect viruses. It doesn't, and can't, detect spyware. Try SR. If that doesn't work, please post back.

--

Will Denny
MS-MVP Windows - Shell/User


| My Norton Antivirus program has detected two adware programs, but refuses to take any steps to delete them. Considering that the programs listed are \WINDOWS\sysdll.reg and \WINDOWS\winlogon.exe, the reluctance seems reasonable to me. However the adware programs appear to be creating problems in my system, and I'm not sure how to deal with them. Would the Windows System Restore be able to swap them with the uninfected versions, and if so, would there be any other serious side effects to consider. (I've never used system restore and would like to determine potential problems before using it.)
| Thank You

 

[Guest]

Well I have been having the same problem, for about a week... I have McAfee, and I did an update and that seemed to get rid of the downloader trojan...... The problem is,,,,, now XP is messed up,,,,, and it won't let me do a System Restore... And if thats not bad enough,, in all my atempts to fix all of this, seem to have erased all of the previous restore points....

 

[Will Denny]

Hi

McAfee isn't too 'good' for XP either. There are problems with various AV programs and XP. For the moment, could I suggest that you download a free copy of AVG - www.grisoft.com - see how that works with your system.

--

Will Denny
MS-MVP Windows - Shell/User


| Well I have been having the same problem, for about a week... I have McAfee, and I did an update and that seemed to get rid of the downloader trojan...... The problem is,,,,, now XP is messed up,,,,, and it won't let me do a System Restore... And if thats not bad enough,, in all my atempts to fix all of this, seem to have erased all of the previous restore points.....
|

 

[Rosanne]

My Norton Antivirus program has detected two adware programs, but refuses to take any steps to delete them. Considering that the programs listed are \WINDOWS\sysdll.reg and \WINDOWS\winlogon.exe, the reluctance seems reasonable to me. However the adware programs appear to be creating problems in my system, and I'm not sure how to deal with them. Would the Windows System Restore be able to swap them with the uninfected versions, and if so, would there be any other

serious side effects to consider. (I've never used system restore and would like to determine potential problems before using it.)

Thank You

I'd only use System Restore as a last resort. If your system isn't too
far gone, I'd download and execute the following programs:

Spybot Search & Destroy (http://www.safer-networking.org) - I think the
current download has the latest definitions, but you might want to hit
"update" before you do anything else. Once you've downloaded and run
it, set it to "Immunize" and it will block a lot of malware.

Lavasoft AdAware (http://www.lavasoftusa.com/) - only the paid version
of this is automatic. I'd stick with the free version for now.
Download it, hit "update" to get the latest definitions, then run it.

The winlogon.exe in the WINDOWS folder is a fake. The real one lives in
WINDOWS/SYSTEM32. Take a look

I'd imagine it's the same with sysdll.reg, if it's supposed to be there
at all.

The program CWShredder also comes highly recommended for severe
infestations of CWS, although I've never used it. You can find it at
http://www.thespykiller.co.uk. They're under a lot of Denial of Service
attacks lately (blocking adware... DOS attacks... Hmmmmmm...), so I'd
only use this if I had to. Do NOT go to the original site - merijn.org
for it - that one appears to have been taken over. My hosts file won't
let me see anything on it, so I suspect it's been redirected.

Of course, none of the above advice means anything unless you have all
of your MS Critical Updates and your antivirus program is up-to-date and
running. That comes first. I'd also make sure I had a firewall
running.

Hope this helps!

~ Rosanne

 

[Guest]

Hmm, thanks. Your right as far as the winlogon.exe goes, looking at it with window's explorer it's described as "rsocal MFC Application". Now in point of fact my system has not taken all that much trouble in general, though partially that's because I had downloaded Spybot S&D a while back and use it periodicly. Of corse in this case, while it killed additional adware grafted onto my system, it missed the two instigating files. I've just grabed and run AdAware, It spotted a number of extra programs to deal with. (One other source mentioned that AdAware and SpyBot S&D work well in tandem, as they each are better at a different type of scanning

Well I'll have to reboot my system, to be sure, but in general I'm optomistic

Thank YOu

 

[bizbee]

On Sun, 25 Apr 2004 12:21:02 -0700 in
<[email protected]>, James R.

Well I have been having the same problem, for about a week... I have McAfee, and I did an update and that seemed to get rid of the downloader trojan...... The problem is,,,,, now XP is messed up,,,,, and it won't let me do a System Restore... And if thats not bad enough,, in all my atempts to fix all of this, seem to have erased all of the previous restore points.....

line length!!!

 

[bizbee]

My Norton Antivirus program has detected two adware programs, but refuses to take any steps to delete them. Considering that the programs listed are \WINDOWS\sysdll.reg and \WINDOWS\winlogon.exe, the reluctance seems reasonable to me. However the adware programs appear to be creating problems in my system, and I'm not sure how to deal with them. Would the Windows System Restore be able to swap them with the uninfected versions, and if so, would there be any other serious side effects to consider. (I've never used system restore and would like to determine potential problems before using it.)
Thank You

line length!!