hello,
I have on my computer (winxp) norton AV, Spybot/spysubtract, CWS shredder 2.12, and Hijack this.

1) I cannot get rid of any of my pwsteal trojans or backdoor trojans in Norton in Safe mode. The viruses remain in quarantine, but cannot be deleted.

2) In safe mode, CWS shredder has scanned and removed CWS.bootconf and CWS.Svchost32. But when I rescan in Normal mode it reapears at each scan even after it supposedly 'fixed' it. Incidently, everytime I press 'fix' at first attempt, the application closes -"CWS shredder has encountered a problem and will be closed..."

3) I cannot empty my trash bin. although there are no files when I double click, It still asks me 'are you sure you want to delete these files...".

4) in Safe mode, there are no malicious files logged. Yet in normal mode, there are always '01 hosts.69.20.16.183 ieautosearch.'

My windows are up to date. any suggestions? thanks.

You could try following the comprehensive steps found in General Cleaning (http://www.wilderssecurity.com/showpost.php?p=256853), though I suspect you will need to download and run “Hijack This” found here (http://www.wilderssecurity.com/showthread.php?t=12516) and post your log at one of the forums found at A-SAP (http://a-sap.org/).

Hope this helps…

Let us know how you go.

Cheers ;D

-{ Quote: "hello,
I have on my computer (winxp) norton AV, Spybot/spysubtract, CWS shredder 2.12, and Hijack this.

1) I cannot get rid of any of my pwsteal trojans or backdoor trojans in Norton in Safe mode. The viruses remain in quarantine, but cannot be deleted.

2) In safe mode, CWS shredder has scanned and removed CWS.bootconf and CWS.Svchost32. But when I rescan in Normal mode it reapears at each scan even after it supposedly 'fixed' it. Incidently, everytime I press 'fix' at first attempt, the application closes -"CWS shredder has encountered a problem and will be closed..."

3) I cannot empty my trash bin. although there are no files when I double click, It still asks me 'are you sure you want to delete these files...".

4) in Safe mode, there are no malicious files logged. Yet in normal mode, there are always '01 hosts.69.20.16.183 ieautosearch.'

My windows are up to date. any suggestions? thanks." }-
Hiding in a system restore point?

I guess so...I turned off system restore that was described in the above link of the above post....but problems still persist.

Hi, newbs

-{ Quote: "I cannot empty my trash bin. although there are no files when I double click, It still asks me 'are you sure you want to delete these files..."." }-
As you are using Norton, the file in the recycle bin are protected and can not be delete from there.

You have to delete them from within the Norton Window, I can not remember how. [have not used Norton since early 2002]

Sorry not to be of more help.

Take Care,
TheQuest 8)

after going through the general cleaning procedures, Once I restart in normal mode, trojanHunter had encountered a trojan "vx2.100" then a message:

unable to rename file C:\WINDOWS\system32\dgrgsnap.dll (The process cannot access the file because it is being used by another process). Scheduling file to be renamed on reboot
Trojan cleaning finished.

at this point when I click on the task bar(bottom of screen) the taskbar disappears. each time I reboot the same message appears, I & cannot delete this vx2 trojan.

-{ Quote: "...I & cannot delete this vx2 trojan." }-There is a VX2 cleaner amongst the steps of General Cleaning (http://www.wilderssecurity.com/showpost.php?p=256853), and all of the steps should be completed in Safe Mode...

Cheers ;D

hello, I have run vx2 cleaner and here are the results. nothing came under the delete file section. so I did not delete anything.

Log for VX2.BetterInternet File Finder

Files Found---


Guardian Key--- is called:

User Agent String---
{5FC8B3CB-5371-4100-8319-22429ED979E6}

At this point I would download and run “Hijack This” found here (http://www.wilderssecurity.com/showthread.php?t=12516) and post your log at one of the forums found at A-SAP (http://a-sap.org/).

Hope this helps…

Let us know how you go.

Cheers ;D