Trojan Slime

[John]

I have windows xp pre-installed on my pc . I have trojan slime which was
picked up by avg anti-spyware .quarrentined now . When i preinstall windows
again this trojan comes backm in system restore . How can i can rid of this
for good . any help greatly appreciated . I have filseclab firewall .avast
antiviris and windows defender and c cleaner . . Novice at this . thanks

 

[Bill Sanderson]

If I am reading your message correctly, your antispyware is shoing this
malware, but only in the System Restore store.

If this is correct, there is nothing to worry about, as long as you do not
make use of an infected restore point.

If you are satisfied that your system is functioning correctly, and have a
current, malware free restore point, you can delete all but that most recent
restore point using the system clean-up application.

Start
all programs
accessories
system tools
disk clean-up

Once the scan has completed, choose the "More options" tab.

Click the third button down to remove all but the most recent restore point.
This may take a few minutes in which there is no obvious sign of what is
happening in the UI. When you are able to navigate away from that tab, the
operation is done.

You should then be able to get a clean scan of your system.

 

[Robinb]

Bill I have found it better to remove all restore points
go into safe mode
redo the scans and see if all is clean
for all you know it could be infected from the prior day he saw the trojan
Removing all but the recent ones might not take off the trojan if it is in
the most resent one

I have done it your way and still found when I scanned the antispyware
program again found the trojan
when I went and did it my way and scanned in safe mode I got a clean machine
I went back into Windows, reput system restore on, rescanned and was still
clean

robin

 

[nass]

I have windows xp pre-installed on my pc . I have trojan slime which was
picked up by avg anti-spyware .quarrentined now . When i preinstall windows
again this trojan comes backm in system restore . How can i can rid of this
for good . any help greatly appreciated . I have filseclab firewall .avast
antiviris and windows defender and c cleaner . . Novice at this . thanks

Go through these Cleaning steps:
1... First, try to clean up your caches, Internet files and delete cookies
by doing this:
Click Start >> Control Panel >> Double click Network and Internet
Connections >> Double click Internet Options.
On the IE properties windows you will see these Tabs:
General | Security | Privacy | Content | Connections | Programs |
Advanced
Under General Tab clear your History, Internet Files and Cookies.
Then click on Advanced tab and scroll down to under the Browsing Option:
[&] Browsing
[ ] Enable Third-Party browser extensions (Req Rest) uncheck this box.
Then click on Programs Tab and click Manage Add-Ons and Disable all non
Verified Add-Ons (You should Renable them later one-by-one and see the
culprit and update it or remove it.
How to manage Add-Ons:
http://support.microsoft.com/kb/883256
Scan for malware from here:
SuperAntispyware - Free
http://www.superantispyware.com/superantispywarefreevspro.html

Run a scan from here on-line:
http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
Download Avast Cleaner (offline scanner) from here:
http://www.avast.com/eng/avast-virus-cleaner.html

Run disk clean up on your Drive.
You can download this tool o run clean up:
http://www.ccleaner.com
Comodo BOClean : Anti-Malware Version 4.27
http://www.comodo.com/boclean/boclean.html

Don't forget to flush your System Restore after doing these cleaning steps
then create a clean Restore point.
Clear the Restore Points as they seems to be infected by the trojans!
Do this:
Right click "My Computer" icon and select Properties from the drop down list.
On the system Properties click on System Restore Tab and check this box:
[ ] Turn off System Restore on all drives

Click [Apply] then click [OK] try to access some programs on your machine
then do the stpes again to access the System Restore to create a new clean
restore Point and this time Uncheck the check box [ ].
Right click "My Computer" icon and select Properties from the drop down list.
On the system Properties click on System Restore Tab and Uncheck this box:
[ ] Turn off System Restore on all drives

HTH
nass

 

[Robinb]

ok, that about sums it up
robin

I have windows xp pre-installed on my pc . I have trojan slime which was
picked up by avg anti-spyware .quarrentined now . When i preinstall
windows
again this trojan comes backm in system restore . How can i can rid of
this
for good . any help greatly appreciated . I have filseclab firewall
.avast
antiviris and windows defender and c cleaner . . Novice at this . thanks

Go through these Cleaning steps:
1... First, try to clean up your caches, Internet files and delete cookies
by doing this:
Click Start >> Control Panel >> Double click Network and Internet
Connections >> Double click Internet Options.
On the IE properties windows you will see these Tabs:
General | Security | Privacy | Content | Connections | Programs |
Advanced
Under General Tab clear your History, Internet Files and Cookies.
Then click on Advanced tab and scroll down to under the Browsing Option:
[&] Browsing
[ ] Enable Third-Party browser extensions (Req Rest) uncheck this box.
Then click on Programs Tab and click Manage Add-Ons and Disable all non
Verified Add-Ons (You should Renable them later one-by-one and see the
culprit and update it or remove it.
How to manage Add-Ons:
http://support.microsoft.com/kb/883256
Scan for malware from here:
SuperAntispyware - Free
http://www.superantispyware.com/superantispywarefreevspro.html

Run a scan from here on-line:
http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
Download Avast Cleaner (offline scanner) from here:
http://www.avast.com/eng/avast-virus-cleaner.html

Run disk clean up on your Drive.
You can download this tool o run clean up:
http://www.ccleaner.com
Comodo BOClean : Anti-Malware Version 4.27
http://www.comodo.com/boclean/boclean.html

Don't forget to flush your System Restore after doing these cleaning steps
then create a clean Restore point.
Clear the Restore Points as they seems to be infected by the trojans!
Do this:
Right click "My Computer" icon and select Properties from the drop down
list.
On the system Properties click on System Restore Tab and check this box:
[ ] Turn off System Restore on all drives

Click [Apply] then click [OK] try to access some programs on your machine
then do the stpes again to access the System Restore to create a new clean
restore Point and this time Uncheck the check box [ ].
Right click "My Computer" icon and select Properties from the drop down
list.
On the system Properties click on System Restore Tab and Uncheck this box:
[ ] Turn off System Restore on all drives

HTH
nass

 

[nass]

Thanks and hope it will help the OP!
nass

ok, that about sums it up
robin

I have windows xp pre-installed on my pc . I have trojan slime which was
picked up by avg anti-spyware .quarrentined now . When i preinstall
windows
again this trojan comes backm in system restore . How can i can rid of
this
for good . any help greatly appreciated . I have filseclab firewall
.avast
antiviris and windows defender and c cleaner . . Novice at this . thanks

Go through these Cleaning steps:
1... First, try to clean up your caches, Internet files and delete cookies
by doing this:
Click Start >> Control Panel >> Double click Network and Internet
Connections >> Double click Internet Options.
On the IE properties windows you will see these Tabs:
General | Security | Privacy | Content | Connections | Programs |
Advanced
Under General Tab clear your History, Internet Files and Cookies.
Then click on Advanced tab and scroll down to under the Browsing Option:
[&] Browsing
[ ] Enable Third-Party browser extensions (Req Rest) uncheck this box.
Then click on Programs Tab and click Manage Add-Ons and Disable all non
Verified Add-Ons (You should Renable them later one-by-one and see the
culprit and update it or remove it.
How to manage Add-Ons:
http://support.microsoft.com/kb/883256
Scan for malware from here:
SuperAntispyware - Free
http://www.superantispyware.com/superantispywarefreevspro.html

Run a scan from here on-line:
http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
Download Avast Cleaner (offline scanner) from here:
http://www.avast.com/eng/avast-virus-cleaner.html

Run disk clean up on your Drive.
You can download this tool o run clean up:
http://www.ccleaner.com
Comodo BOClean : Anti-Malware Version 4.27
http://www.comodo.com/boclean/boclean.html

Don't forget to flush your System Restore after doing these cleaning steps
then create a clean Restore point.
Clear the Restore Points as they seems to be infected by the trojans!
Do this:
Right click "My Computer" icon and select Properties from the drop down
list.
On the system Properties click on System Restore Tab and check this box:
[ ] Turn off System Restore on all drives

Click [Apply] then click [OK] try to access some programs on your machine
then do the stpes again to access the System Restore to create a new clean
restore Point and this time Uncheck the check box [ ].
Right click "My Computer" icon and select Properties from the drop down
list.
On the system Properties click on System Restore Tab and Uncheck this box:
[ ] Turn off System Restore on all drives

HTH
nass

 

[Bill Sanderson]

I can understand that this might happen, but I'm not ready to advise
removing all restore points in a public forum.

In addition to the individual whose problem we are trying to solve, perhaps
hundreds of other folks will read this discussion, and some of them will be
trying what we suggest in case it fixes their issue, which may be somewhat
different. I don't want to take the risk of suggesting removing all restore
points and doing in that safety net, until it is clear that this is
necessary in an individual case.

 

[Robinb]

I only take out all the restore points as stated, if I find there is no
other way because the trojan will not leave that that is after trying to
remove it with every trojan program I have.
I thought I made that clear in my first post so when others read it you do
this if all else fails.
It is better to do it this way as a last result then reformat the HD
robin

 

[Bill Sanderson]

I'm in full agreement that removing all restore points is likely a better
solution for most users than reformatting.