browserquestions@yahoo.com wrote:
> On Nov 26, 10:39 am, "PA Bear [MS MVP]" <PABear...@gmail.com> wrote:
>> browserquesti...@yahoo.com wrote:
>>
>> <snip>
>>
>>> Malwarebytes found 6 backdoor bots and some infected files:
>>> svchost.exe, twext.exe
>>> that the other spyware tools missed.
>>> My IE 6 browser is back to normal now.
>>
>> But is the computer free of any/all hijackware?
>
> The saga continues.
>
> After the initial cleanup using Malwarebytes Anti-Malware and
> SUPERAntiSpyware,
> MBAM found an additional Trojan.Downloader in a system restore point.
> Next day, it found
> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
> \iepinit_dlls (Spyware.Agent.H) -> Quarantined and deleted
> successfully.
> and C:\WINDOWS\system32\nvaux32.dll (Spyware.Agent.H)
>
> Next day,
> my Computer Associates AntiVirus v8 reported a couple of instances of:
> Win32/Pruserinf.Y
> on the infected laptop, and now also on a Desktop PC that was shared
> via a network share!
>
> I Installed avast! on the laptop, and during the initial boot up scan,
> it found:
> Win32:Zbot-ASN [Trj]
> Win32:Invo [Cryp]
>
> But now, CA anti-virus on the laptop crashes (conflict with avast! ?)
>
> My laptop Firewall (ZoneAlarm free) reports outbound requests in the
> middle of the night from strangely named .exe file from the Windows
> \temp folder.
>
> I've also upgrade the MSIE on the laptop to v7, but use Firefox v3 as
> the default.
>
> Is there something still hiding in the laptop, and generating all
> these other trojans?

Yes.