Results 1 to 3 of 3

Thread: Win32.TrojanDownloader.Swizzor.br

  1. #1

    Default Win32.TrojanDownloader.Swizzor.br

    While doing a scan on my laptop using adaware, I keep getting the above malware even though I have deleted it completely. Anyone knows how to remove this thing completely from my laptop?

    Vendor:Win32.TrojanDownloader.Swizzor.br
    Category:Malware
    Object Type:Process
    Size:-
    Location:c:\docume~1\locals~1\temp\wjyylxgm.exe
    Last Activity:11/15/2004 4:22:33 AM
    Risk Level:High
    TAC index:8
    Comment: (CSI MATCH)
    Description: Distributed through unsolicited installations. Runs in stealth. Downloads and installs various third party malware objects.

  2. #2

    Default

    Quote Originally Posted by sathea
    While doing a scan on my laptop using adaware, I keep getting the above malware even though I have deleted it completely. Anyone knows how to remove this thing completely from my laptop?

    Vendor:Win32.TrojanDownloader.Swizzor.br
    Category:Malware
    Object Type:Process
    Size:-
    Location:c:\docume~1\locals~1\temp\wjyylxgm.exe
    Last Activity:11/15/2004 4:22:33 AM
    Risk Level:High
    TAC index:8
    Comment: (CSI MATCH)
    Description: Distributed through unsolicited installations. Runs in stealth. Downloads and installs various third party malware objects.
    Take a look here:

    http://securityresponse.symantec.com...ader.aphe.html

    there's removal instruction also.

  3. #3

    Default

    press window + r

    type msconfig, click ok

    go to Startup tab, search for Bore, bored, etc.. If you are not sure, look under the command column, and try to see if there's a single path that leads to c:\docume~1\locals~1\

    uncheck that box

    if you want to delete it manually, these are the additional steps:

    click on the boot.ini tab, select safeboot, then restart

    ignore the msconfig window that pops up

    when windows load, go to your file explorer, click on tools, folder options. go to the view tab, and check "show all hidden files and folders"

    then go to c:\documents and settings\your account name\my documents\application data\

    try looking for weird folders.. the names are not always the same.. but some used are bore, bored, lop, etc. The folders would usually contain only exe files, or exe and .dll files.

    delete them.

    when all is done, go back to your msconfig window, and go to the boot.ini tab. uncheck the safeboot thingy. Restart..

    VOILA.

    right, be sure to do a system restore point before you commence on the second part..

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •