Jump to content

gap

Members
  • Posts

    2
  • Joined

  • Last visited

Everything posted by gap

  1. As a followup... Norman only found popcaploader. I deleted all files and reg keys it created, and then went to C:\documents and settings\all users\application data\microsoft\internet explorer\dlls and deleted all files in the folder using runas cmd with the only account that had rights to that folder. I can now install valid anti-spyware software. The bad thing is, BSODs while running the scans. More research. gap
  2. There appears to be a new "smarter" version of spywareguard 2008, that will not allow the installation of any program that can clean the machine. I was able to run the Norman scanner, but it doesn't appear to clean this version. Has anyone been able to find the hidden executable that keeps replacing all the files and reg entries that get deleted by the tools/manual removal? I found the DLLs in the C:\Documents and Settings\All Users\Application Data\Microsoft\Internat Explorer\DLLs folder, and have set the File Permission to Deny for all accounts but one Admin account. I am not sure if this can be done on XP Home. I also had to take ownership of the files, as the permission had been set based on the user account that was logged on when the malware installed itself. I am now able to logon with a limited user account, without spywareguard starting up, but I still cannot get malwarebytes to install. The executable launches (RunAs), and then disappears. I will let Norman Malware Cleaner run all night, and see if it can repair it further. I hope this helps someone smarter than me to run this to ground. gap
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.