Doug Bruce asks: I recently ran Spy Sweeper. This identified that I had been infected by Securybanks, which I understand is a phishing Trojan.
Spy Sweeper advised me that it had removed and quarantined the Trojan and then removed it from quarantine. I ran Spy Sweeper shortly afterwards and it again advised me that Securybanks was on my computer and had been removed again. I did this twice more and again it told me my computer was infected. On a subsequent sweep it came up clean.
Since then I have disabled System Restore and Spy Sweeper tells me the computer is clean. I have looked at the places the Trojan was placed in the Registry but cannot find the exact file for the Trojan. The file was:
When I look in the Registry I can find the the first part of the file but not the last sequence: \0023f9.dat.
Is there any way I can check that this Trojan has really been removed? Spy Sweeper keeps coming up clean. I used to bank online and booked airline tickets online but have now stopped this activity because I am a bit paranoid! Would appreciate your advice if you are not too inundated.
An excellent free tool for discovering deeply embedded spyware is HijackThis. This will examine your hard drive and Registry to identify suspicious elements indicative of spyware. As you have sufficient skills to search the Registry, the output should be meaningful to you.