Win Defender cannot remove spyware

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by claptrap, Mar 9, 2006.

  1. claptrap

    claptrap Private First Class

    When I downloaded Windows Defender beta (I preferred the previous version), I started having problems with my computer, though I dont know if Defender could be blaimed: Windows would crash at shut down and letters would print on the monitor slower than I could type, and that's slow! These problems sorted themselves out when I ran Win Doctor from old Norton Utilities (designed for Win98).

    I have a habit of running UW Cleaner and CCleaner after I've been on Internet and I check Spywareblaster, Spybot and Adaware for updates every day. My Avast virus checker should update itself every day, but it stopped reporting this when I downloaded Defender, although Avast still seems to be working ok: downloading updates manually I always get a message that the files are up tp date. For firewall I use Zonealarm Pro, which comes with its own spyware checker that runs every day.

    Now, whenever Defender runs a check (quick check, I cannot remember how to change this to a full one) it comes up with the same two pieces of malware as it fails to delete them. These programs do not flash up in any other of the spyware removal programs, which makes me wonder about the beta status of Defender, but then Adaware and Spybot are free and cannot be expected to be foolproof. Can anyone confirm that we are dealing with real spyware here and how to remove them manually? Please keep in mind that I have no techical knowledge, when you write instructions:

    [FONT=&quot]WhenU.SaveNow[/FONT]
    [FONT=&quot]H:\Claptrap's hard drive\Linux 8.1\Software\Linux\SuSE 8.1 Personal\disc1.ISO->dosutils\vnc\vnc-3.3.3r9_x86_win32.tgz->(GZip)->vnc_x86_win32/winvnc/data1.cab->(ishld#0000)[/FONT]
    [FONT=&quot] [/FONT]
    [FONT=&quot]RealVNC[/FONT]
    [FONT=&quot]C:\Documents and Settings\Claptrap\My Documents\Downloads\Screensavers\xts_inst.exe->(WiseSfx)->(wise0022)[/FONT]
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    WinVNC and RealVNC are not malware. But did you download them to your PC to use them for remote access?

    xts_inst.exe is possibly malware especially if it is a ScreenSaver. This was (I believe) a Christmas Tree screen saver. Just manually delete the file.

    Note: Be very careful if you have other Screensavers in that folder. Many screen saver downloads are nothing but trouble.
     
    Last edited: Mar 12, 2006
  3. claptrap

    claptrap Private First Class

    I don't think I have, but these files came with a backup of my old computer: it's such a long ago that I don't even remember what they could be associated with. I definitely don't need any remote control facilities myself.

    I think I found out why Win Defender cannot delete these files: it cannot delete any archived files. As it was someone else who backed the old pc into my secondary HDD, I'm not sure how these files appear, I mean are they archived or not.

    I'm not on my pc but while I'm here, I'd like your opinion about the Yahoo antispyware tool that comes with Yahoo toolbar (came along with yahoo IM)? Its the only thing I can think of why I would want it al all! Otherwise the toobar just takes up too much space from my 14" laptop screen.
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Well then uninstall WinVNC and RealVNC if they are seen in Add/Remove programs.

    As I said in my last message, delete the file yourself.

    I personally would not use or recommend Yahoo antispyware or any toolbars of anykind (unless you really need the toolbar which is not normally the case. ) Just uninstall them if you do not want them.
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds