returning spywhare and defender pro

[Jspeedo]

I have defender pro. It quarantines "Trojan v7 and I delete it, I do
another scan latter and defender pro quarantines "Trojan v7 again. I
must be doing some thing wrong. Question is, what am doing wrong
causing it to return?

 

[Maurice N ~ MVP]

Hello Jspeedo,
Use Windows' Disk Cleanup to delete all temporary files.

Download & save Malwarebytes Anti-Malware from
http://www.besttechie.net/tools/mbam-setup.exe or
http://malwarebytes.gt500.org/mbam.jsp
Double Click mbam-setup.exe to install the application.
Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware
and Launch Malwarebytes Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform FULL Scan, then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be
prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the
Logs tab in MBAM.
Copy & Paste the entire report in a new reply as soon as it has finished.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented
with 1 of 2 prompts.
click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

MBAM is an excellent first-line program to use and keep.

Checking for/Help with Malware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine.blogspot.com/
http://www.elephantboycomputers.com/page2.html#Removing_Malware

** Help at malware removal forums: Read the topmost directions at the
forum and Post your logs as required by the forum to one (and only one) of
the following
http://aumha.net/viewforum.php?f=30,
http://www.bleepingcomputer.com/forums/forum22.html,
http://forum.malwareremoval.com/viewforum.php?f=11
http://forums.spywareinfo.com/index.php?showforum=18
http://www.spywarewarrior.com/viewforum.php?f=5&sid=24750ebcb0d878746c0ca7ab9210f7ae, http://forums.subratam.org/index.php?showforum=7, http://forums.spybot.info/forumdisplay.php?f=22 or other appropriate forums for expert analysis, not here.**Make very sure you read and follow the very topmost instructions at theforum you have selected.Do NOT post your logs here.--Maurice NMS-MVP--"Jspeedo" <[email protected]> wrote in messageI have defender pro. It quarantines "Trojan v7 and I delete it, I do> another scan latter and defender pro quarantines "Trojan v7 again. I> must be doing some thing wrong. Question is, what am doing wrong> causing it to return?>> --> Jspeedo

 

[Jspeedo]

Malwarebytes' Anti-Malware 1.24
Database version: 1043
Windows 5.1.2600 Service Pack 2

11:33:39 PM 8/11/2008
mbam-log-8-11-2008 (23-33-39).txt

Scan type: Full Scan (C:\|D:\|E:\|)
Objects scanned: 179464
Time elapsed: 58 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Interne
Explorer\SearchScopes\{5b4c3b43-49b6-42a7-a602-f7acdca0d409
(Adware.OneStepSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -
Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ONESTEP_SEARCH_SERVIC
(Adware.OneStepSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -
Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3ps
(Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

 

[Maurice N ~ MVP]

MBAM has found some adware. You may well have some other residual malware.

Read the topmost directions at one of the following forums
and post your logs as required by that forum.
Do NOT post your logs here on the MS newsgroups.

http://aumha.net/viewforum.php?f=30,
http://www.bleepingcomputer.com/forums/forum22.html,
http://forum.malwareremoval.com/viewforum.php?f=11
http://forums.spywareinfo.com/index.php?showforum=18
http://www.spywarewarrior.com/viewf...p://forums.subratam.org/index.php?showforum=7, http://forums.spybot.info/forumdisplay.php?f=22or other appropriate forums for expert analysis, not here.**Make very sure you read and follow the very topmost instructions at theforum you have selected.All the best.--Maurice NMS-MVP--"Jspeedo" <[email protected]> wrote in messageMalwarebytes' Anti-Malware 1.24> Database version: 1043> Windows 5.1.2600 Service Pack 2>> 11:33:39 PM 8/11/2008> mbam-log-8-11-2008 (23-33-39).txt>> Scan type: Full Scan (C:\|D:\|E:\|)> Objects scanned: 179464> Time elapsed: 58 minute(s), 34 second(s)>> Memory Processes Infected: 0> Memory Modules Infected: 0> Registry Keys Infected: 5> Registry Values Infected: 0> Registry Data Items Infected: 0> Folders Infected: 0> Files Infected: 0>> Memory Processes Infected:> (No malicious items detected)>> Memory Modules Infected:> (No malicious items detected)>> Registry Keys Infected:> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet> Explorer\SearchScopes\{5b4c3b43-49b6-42a7-a602-f7acdca0d409}> (Adware.OneStepSearch) -> Quarantined and deleted successfully.> HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) ->> Quarantined and deleted successfully.>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ONESTEP_SEARCH_SERVICE> (Adware.OneStepSearch) -> Quarantined and deleted successfully.> HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) ->> Quarantined and deleted successfully.> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss> (Adware.MyWebSearch) -> Quarantined and deleted successfully.>> Registry Values Infected:> (No malicious items detected)>> Registry Data Items Infected:> (No malicious items detected)>> Folders Infected:> (No malicious items detected)>> Files Infected:> (No malicious items detected)>

 

[Jspeedo]

How do I clean the malwhere up. I've been using Ad-aware SE personal
also.

 

[Maurice N ~ MVP]

Select one of the forums I listed (the list I had in my last reply). My
list has 7 of them pick 1.
You'll get guided help at a forum.
While Ad-aware SE is ok, it is not enough to get serious trojan infections.
No one single tool is enough.

 

[Jspeedo]

I did this post on
AumHa forums

Select one of the forums I listed (the list I had in my last reply). M

list has 7 of them pick 1.
You'll get guided help at a forum.
While Ad-aware SE is ok, it is not enough to get serious troja
infections.
No one single tool is enough.

--
Maurice N
MS-MVP
--
"Jspeedo" (e-mail address removed) wrote in message

How do I clean the malwhere up. I've been using Ad-aware SE personal
also.



Jspeedo;3167452 Wrote:-
I have defender pro. It quarantines "Trojan v7 and I delete it, I do
another scan latter and defender pro quarantines "Trojan v7 again
I
must be doing some thing wrong. Question is, what am doing wrong
causing it to return?-

 

[Maurice N ~ MVP]

Make sure you follow the steps outlined for you at Aumha, by Bill Castner,
MS-MVP.
All the tools used for malware removal are free. If you will follow-up with
that, it would be to your benefit.