Trojan Horse?

[shadowhunter]

Hey every one new to the sight here.....Just wondering if any one knows about the Trojan Horse xxxtoolbar...This virus got into my computer and I could not get it out, it showed up in drive c with a folder that said (peree) and affected sys/32 cmd.exe file, I was running avast hm, ad-aware se and spyware vanisher, after messing around with it for hours I decided to reformat my system, after that it was history, but I spent 8-10 hours setting my computer back up, any one have any suggestions

[MFB]

What OS are you using?

You may use these free anti-Trojan scanners if you didn't:

a-squared Free: http://www.emsisoft.com/en/software/free/

ewindo:  http://www.ewido.net/en/

[shadowhunter]

I am running xp pro, Thanks I will get these programs down loaded incase I run into that pesty worm again.

[Lisandro]

I am running xp pro, Thanks I will get these programs down loaded incase I run into that pesty worm again.

You can you schedule a boot-time scanning. Start avast! > Right click the skin > Schedule a boot-time scanning. Select for scanning archives. Boot.

You should disable System Restore. If you find a virus keeps coming back after you delete it, it's most probably infected the System Restore folder, the best way to solve this is to disable System Restore, reboot your machine and then enable it again. Enable/Disable System restore on Windows XP: http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;310405

Windows attempts to protect files that are deleted from the system folders (just in case it was an accident), so they can be restored if required.
The problem is many malware writers are wise to that and put their files in the system folders, this is also done to confuse you into thinking you could be deleting an important system file. Disable system restore, reboot, scan and if clean enable system restore again.

[FreewheelinFrank]

Spyware Vanisher is a 'rogue' product and not recommended:

Spyware Vanisher  spywarevanisher.com     false positives work as goad to purchase; same company as SpywareBeGone

http://www.spywarewarrior.com/rogue_anti-spyware.htm

Spybot Search & Destroy, X-cleaner, Yahoo! AntiSpy and MS Anti-Spyware are all legitimate and effective free spyware cleaners.

Spybot Search & Destroy: http://www.safer-networking.org/en/download/
MS AntiSpyware: http://www.microsoft.com/downloads/details.aspx?FamilyId=321CD7A2-6A57-4C57-A8BD-DBF62EDA9671&displaylang=en
Yahoo! Anti-Spy: http://toolbar.yahoo.com/
X-Cleaner Free: http://www.xblock.com/download-freeware.php

Webroot SpySweeper is also good and it has a working free trial, as does SpySubtract:

Webroot Spy Sweeper: http://www.download.com/Webroot-Spy-Sweeper/3000-8022_4-10373771.html

SpySubtract:http://www.intermute.com/products/spysubtract.html

You can protect yourself against xxxtoolbar by using SpywareBlaster and IE-Spyad, or by switching to Firefox, which is not affected.

http://www.javacoolsoftware.com/spywareblaster.html
https://netfiles.uiuc.edu/ehowes/www/resource.htm
http://www.mozilla.org/products/firefox/

[polonus]

Hi FreewheelinFrank,

I agree with your opinion completely. It is absolutely vital to stick to  reliable anti-malware software, and the site you advised is the place to go for this information. The forum on spywarewarrior.com and the one at castlecops is very instructive. There are loads and loads of programs pretending to be anti-adware, anti-spyware, anti-trojan and lure you to download their scumware, good for many a false  positive, clearing some malware out, and putting even nastier scumware back. Also some reliable scanners like bazooka leave certain adware out, because else they would have a courtcase on their necks. Bazooka has a list of adware and screensavers it does not scan for. But anyway it lists these omissions.  The anti-malware world is a "shady"world for some  indeed, just like the real world is. But when the spam-man works for the ad-man paid by the number of clicks according to the stat-man, what else would you expect to happen?

greets,

polonus

[shadowhunter]

Thanks every one, Y'all have been most help full, should I delete spyware vanisher? I am some what a beginner at this, I new some soft ware was no good but just did'nt relize that there was that many bogus programs out there, Thanks again!!

[FreewheelinFrank]

You should certainly think about uninstalling the program.

It has been classified as a rogue product because it generates false positives: it gives you a message like 'Spyware Vanisher has found spyware on your computer- please buy the full version in order to remove it' even when your system is clean.

It possibly doesn't actually remove any real spyware at all.

I recommend you use only the free anti-spyware products listed in my previous posting (it's a good idea to use more than one, as they all find different things) or purchase a legitimate program.

The Spyware Warrior link below will tell you which products to avoid; an excellent source of legitimate security products both free and fee is:

http://www.snapfiles.com/

[shadowhunter]

Well as luck would have it, I got a Trojan Horse on my other computer same xxx.toolbar and same file affected, but this one showes up on the hard drive as moio, I was unable to get rid of this and tryied all the soft ware listed here including avast pro, just wanted to let every one know that if you get this virus you are doomed and will proably have to reformat your system, Thanks again for every one's help!!