Spyware Location

[Buswaybob]

Each auto spyware scan, the same spyware threat is
detected and removed. My question is: how do I find out
how it gets in and prevent it from happening. It is
called "EGroup.IEAccessC (Dialer)"

 

[Engel]

Steps to take if you have spyware that is not removed by
Microsoft Windows AntiSpyware (beta)
1) Open up AntiSpyware
2) Click Tools at the top
3) Click "Submit a Suspected Spyware Report"
4) Fill out the form with as much detail so they can
analyze quickly

See
http://labs.paretologic.com/spyware.aspx?remove=EGroup


From: "AndyManchesta" Sent: 8/28/2005 10:03:15 AM

Here's a fix for IE Access Dialer:

Download Merijn's new program "Brute Force Uninstaller"

http://www.merijn.org/files/bfu.zip

save it to a folder of it's own (like c:\BFU) and extract
the files

Next Download IEACCESS remover.

http://andymanchesta.com/DL/ieaccess.zip

Save it into the BFU folder and then extract the files.

Start the BFU program by doubleclicking BFU.exe

In the 'scriptline to execute' Line you will see another
small box at the end of this area with '..' inside the
box, Press this and then find the ieaccess file then
double click it so in the Scriptline To Execute window it
then shows:

C:\bfu\ieaccess\ieaccess.bfu

Then Press 'execute' and let it do it's job

When its finished Open Control Panel Then > Internet
Options > on the programs tab press reset web settings
then goto the General tab and change your startpage to
the one you want and press apply .

If you have other malware issues as well as this then
download Ewido Security Suite and run this in safe mode
with your other Antispy Applications to remove the malware

Let me know if you have any problems,

Regards Andy

The Brute Force Uninstaller seems to have worked with
others posts.

I hope these references, help you

Engel

 

[Bill Sanderson]

Do a manual scan--one you initiate yourself:

Better yet, do this in safe mode--restart Windows, and press the F8 key
several times before the initial Windows screen appears.

Hover the mouse over Last Scan, and move it to the right and down to Run a
scan.

Select a full deep scan.

When the scan completes, it will display the results, including the
locations of the precise items found. I believe this information is also in
the scan history, accessable via Tools, Spyware Scan, view Spyware scan
history.

Go ahead and remove the scan after the scan, and then run another scan and
see if that one comes through clean. If it does, you are done.

There are several possibilities for what is happening: Often, I believe
what you are seeing indicates incomplete cleaning--a piece of the threat is
being left behind, and it is regenerating.

It may also be that the threat is being detected in the System Restore
storage area. This is of very little concern, unless you use such an
infected restore point to restore your system. If you us the System Cleanup
tool, you can delete all but the most recent restore point--this is a good
safe way to clean out the System Restore storage area.