My desktop has been 'taken over' by 'RazeSpyware' continually flashing 'Danger Spyware'. I have tried to remove it by changing the desktop, using restore etc but with no joy. Any suggestions please?
H49

Try downloading the free Microsoft Anti-Spyware beta program from its website http://microsoft.com and then run this over your system.

It will identify all spyware and delete the files.

:cool:

Thanks for the advice......please note the 'pop up' or whatever it is, is trying to sell me some anti-spyware software....does your advice still apply?
H49

Is Microsoft Anti-Spyware 100% reliable? I tend to run two of everything and rotate through a cycle of scans of each product.
My kids are not too bad, but I do get the occasional malware appearing on their machine.

Example: I ran Ewido, and it identified backdoor.genlot.dx trojan. It has picked up this one before and others. Microsoft Anti-Spyware has never picked up one yet. Now maybe thats just the luck of the draw coinciding with when its run, and when I'm infected, but I looked into the MS Anti-spyware log, and found that it had permitted pohci13F.sys to run, which was the file with that trojan onboard. It also did not pick up the trojan once it was installed.
I have the following installed and cycle their scans:

AVG free edition (and run Housecall online as an occasional backup)
Spybot search and destroy
Spyware Blaster
Lavasoft Ad-aware
Microsoft Anti-Spyware
Ewido


Also run CCleaner daily
Keep an eye on things with
Hijack This and Rootkit Revealer weekly

Now, there are programs in there that claim to catch spyware /malware 'on the fly' but stuff still gets through.

I'll continue to run belt and braces, but on the basis of detection in my experience, I would be comfortable with running AVG with Ewido, and uninstalling the rest. That said, Ad-Aware is good but not as good as Ewido.
I am going to get round to paying for Ewido for the real-time upgrade, I think its worth it.

It's just a pop-up trying to sell you something. Consider using Firefox as your browser.

To kill the pop-up you could press Ctrl-Alt-Delete, and cancel the browser pop up.

I have AVG and associated spyware running but this 'new desktop' has penetrated these systems and now forms my dektop background....what's more I cannot remove it!
hELEN

http://forums.spywareinfo.com/lofiversion/index.php/t60868.html

have a look at this - might help

Hello Helen

My employers got hit really hard by one of these things about a year ago where it took over the desktop.

We tried everything to remove it but to no avail. Having inspected the registry there were files all through it and none of them could be deleted.

In the end, it meant a total reinstallation of Windows - which I recommend you do.

To add a rant to this, Windows XP is by far the worst operating system I have ever had the displeasure of using and if it wasn't for the fact that Flight Simulation keeps me sane when I can't afford to fly, then I would be Mac or Linux all the way.

As soon as XPlane becomes decent and gives me nice scenery to play with instead of those horrible cockpits, I'll be dumping Gates' Ghoul into the nearest sewer.

:*

Have a look at the forum Cheerio provided the link to. This route is the most likely to offer success. Follow the directions exactly.

I got one of these things about 8months ago. Ended up having to reinstall. They often seem to be installed by a trojan. (In my case, zolob trojan downloader..)

I always found Ewido had a much more effective search and clean function than the then MS offering. Another that appears to work exceptionally well is Spyware Terminator.

Don't be surprised if, when running Ewido, AVG suddenly farts at you and says "BlahBlah detected." It seems to me that Ewido can get into and scan areas that AVG cannot.

To Cheerio, any idea why the instructions on that forum say to disable the resident shield?

I'm guessing that it would be to supress any action on the malware until you are ready to hit it after a safe mode boot and system update turned off?
I don't see any reason why it would be kept off once the system was clean.

Try THIS (http://safety.live.com/site/en-gb/default.htm) It just might help

Like AA, I really would reccomend using Firefox as a browser instead of the MS Internet Exploder.

Conan