Help please - Swizzor.br trojan

My PC has the swizzor.br trojan on it. It is not picked up by a virus scan but is by Adaware, I then quarantine and delete it, only for it to reappear again a couple of minutes later. How can I eradicate it completely? Also, I think this may be connected as the two have happened simultaneously, I have a lop.com search bar which keeps surfacing, along with regular pop-ups. I understand this is very hard to get rid of. Any suggestions please?

I run AVG, Adaware, Spybot S & D and Spywareblaster as well as having a hardware firewall so am not sure how my PC has become infected

Thanks in advance for any help.

 

Thank you. Will give it a try.

Ellie

 

This is "how" I got rid of it.
May not be very technical but it worked!
As you noticed, your ad-aware scan provided a different name for the file containing the trojanDownloader each time you scanned the system and 'quarentined' the file. So, there must be a 'mother file' somewhere!
I knew it was located at docum\myname\local settings\temp. However, after booting in safe mode DOS with F8 I could no longer have access to that directory. However, I noticed an equally long 239Kb file, FragAxis.exe, in a strange directory (myname\Application Data\online wma keep) but did nothing at that moment.
I rebooted again and there it was again the trojan Downloader. I quarentined it and watched the system 'task manager, processes': the FragAxis was there! I 'end process' the task and went to the above 'online wma keep' directory and deleted all the files and the directory altogether!
There!
(Can it be 'Skype' the cover for the invasion? Sorry, just guessing)

 

Hi Martinho,

Only just read your post. Thanks for your help - I eventually got rid of the pest by moving all my documents etc. into a separate file, then setting up a new user account, moving the new file over to the new user account, then deleting the old user account. I'm sure it's not a very orthodox way of doing it but hey, it worked for me, after hours and hours of frustration trying to beat the thing.

Thanks again

Scatterbrain

 

For future reference, this particular trojan is a mongrel to delete through normal methods, it comes from LOP, it can be removed by downloading a file from here http://lop.com/new_uninstall.exe then run a fully up-to-date AdAware in “Safe Mode”.

Being that you have this problem, I would suggest after cleaning off Swizzor.br that you run through each and every step found here: https://www.wilderssecurity.com/showthread.php?t=50662

All the best…

Cheers

 

Thanks Blackspear I will do what you suggest. I never seem to pick up any of this rubbish myself, it's always my daughters who manage to infect the system Kids, eh!

 

LOL, not just kids, I have a couple of "Click Happy" people in my household that just looooove to test out the security that I set up

Further down the link I provided are links advising on what security is wise on a PC...

Cheers