I have this nasty trojan, spy-agent.bw!rootkit my mcafee antivirus says its removed but I can scan again immediately and its still there. My computer no longer lets me communicate with mcafee or Microsoft for updates or help. I can still use email and communicate with some websites

 

I have had some experience with removing spyware form infected machines.
I use AVG antivirus the paid version, and Webroots Spy Sweeper.

When I have cleaned up infected PCs, that kills it all.

You can get a free version of AVG at
http://www.avg.com/

For spyware, there are two good free ones.
Adaware
http://lavasoft.com/
Spybot Search & Destroy
http://www.safer-networking.org/index2.html

The latter one has to be run a few times, but it is a good product.

Some say you have to boot to Safe Mode when running these apps.
I never have, and they have cleaned up an infected PC just fine.

In this same forum section are older threads on how to remove spyware/viruses too.

And that tool with Windows called Windows Restore I think it is called, I never run it.
Your backups it keeps can contain a viruses and spyware, and it gets put back on again.
I back up all of my files by an external USB hard drive, so when it is time to clean the PC when it is running bad, I format, reinstall the OS, and then restore my backed up software.

 

it seems like every site that might help me I cant get too. I do and have run the adaware

 

So the trojan must be blocking known URLs to helpful sites.
Bummer...

I know there are some on the forum here that can help, maybe they can chime in later.

I really do like the Webroots Spy Sweeper app I have, as it can block sites that have crap on them.

Look into getting that later when your PC is cleansed.

 

macafee stinger. It's a stand alone utility that works great.

http://vil.nai.com/VIL/stinger/

 

Swerks, if your PC will not let you get to the above site to get the exe file
http://download.nai.com/products/mca...ger1001602.exe
I can download it and host it on my site for you to grab from me.

 

Any of those programs are good. I personally use "hijackthis" and "spybot search and destroy" when fixing other peoples computers.
It helps if you run the programs in "safe mode". Restart the computer and before you see anything on the screen, press F8 and keep pressing it until you get some text on the screen. Use the arrow key to get to the top selection and press enter.

 

I have been working in safe mode this thing is very frustrating I did try to down load the stinger without any luck how can this thing know every site that might help? any help you can give Cory would be much appreciated

 

Sending PM to you with the 2.4 MB file.
My guess is the virus knows of the helpful sites.
If it blocks my site too, then it is something else in the virus.

 

i got ride of a trojenn i had by going in to my temperary internet files and deleting every thing i had in there. it was kinda a hassel cuzz my passwords and such werent saved any more but 1000% worth it good luck also if it ses it is still running hit crtl+alt+delete and it will take u to a task menue and u can stop it from there and then delete it in your temp files hope this helps

 

try getting the actual file from someone elses computer, like burn it on a cd or such from theirs, take it to yours and get it done !

 

try deleting MCAFEE... you'd be surprised what your computer could do. Mcaffee IS the virus... delete mcafee and put AVG on there. or if you have to format the drive, take the ram out for a few minutes, then reload everything. that will clear anything.

 

I recieved the stinger It didnt work?? thanks for everyones efforts

 

Should have also mentioned, if you're running XP turn off system restore run your anti virus apps. then turn system restore back on.

 

I mentioned that above.

 

I have turned system restore off. None of my system tools work any way, I cant defrag, or clean up ???

 

Well, I am back up and running, had to completely reformat and reload O.S. lost some info,but like having a new computer again!

 

Cool...
Get all of your Windows updates done, get a good virus scanner, and a spyware one too.

Set the virus app to auto download and apply the DAT files.
Most scanners update their DAT files daily.

This should help, and nothing like a freshly formatted disc.

 

try this click on your start menu and then run.

Type msconfig in the window that opens then enter.

when the window opens select the option that says diagnostic startup. Click apply and then restart this will only load the basic services you need to run windows xp (which is what I assume you have).

If you feel up to it you can click on the tab that says startup and look for anything that shouldnt be there. meaning some software you didnt install yourself. Simply uncheck the box next to it and click apply.

Then when you are rebooted try to run the anti-virus/spyware software. This should not allow the virus program to start with windows and will be easier to remove.

Of course you can do what I do and create an unattended install and just reinstall the OS. Just google a thing called "nlite" without the quotes. Remember to back up your bookmarks and saved game files though. Good luck