Getting rid of a Trojan

Bill Fuller

Does anyone know if there is a sure-fire way to rid a Windows XP laptop of
a trojan short of rebuilding from scratch?
 
smlunatick

Most up-to-date anti-virus and anti-spyware programs usually can remove most
trojans. However, you failed to mention which trojan you are working
on removing, so we cannot give you other recommendations.
 
Daave

Absolutely. But it depends on the specific trojan.
 
Bill Fuller

I'm not sure. I ran both AVG and Trojan Remover and they removed several
threats and were clean when I rescanned. However, threats were back after I
rebooted and tried rescanning. This time AVG is reporting:

Hosts: A0109584.exe
Result/Infection: Trojan horse downloader.Obfuscated
Path: C:\System Volume Information\_restore[guid]\RP348\A0109584.exe

 
nass

Run the scan again for both malware and viruses, then do the following:
SuperAntispyware - Free
http://www.superantispyware.com/superantispywarefreevspro.html

Right-click My Computer and select Properties. In System Properties,
click the System Restore tab, then select your drive letter, say
C:\, and check this box:
[ ] Turn off System Restore on all Drives
and click [Apply..] then [OK].
Hit refresh or F5 on your keyboard and repeat the last steps of going to the
System Restore tab, and this time uncheck the check box:
[ ] Turn off System Restore on all Drives
and click [Apply..] then [OK].
Reboot your machine and run a thorough scan again. Does the threat exist?
The infection seems to exist on one of your restore points. By flushing them
and creating a new clean restore point, your computer will be clean (hopefully).
HTH.
Let us know
nass
 
PA Bear [MS MVP]

Unexplained computer behavior may be caused by deceptive software
http://support.microsoft.com/kb/827315

Run a /thorough/ check for hijackware, including posting your hijackthis log
to an appropriate forum.

Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine2.blogspot.com/
http://www.elephantboycomputers.com/page2.html#Removing_Malware

When all else fails, HijackThis v2.0.2
(http://aumha.org/downloads/hijackthis.exe) is the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware with
assistance from an expert. **Post your log to
http://forums.spybot.info/forumdisplay.php?f=22,
http://castlecops.com/forum67.html,
http://forums.subratam.org/index.php?showforum=7,
http://aumha.net/viewforum.php?f=30, or other appropriate forums for review
by an expert in such matters, not here.**

If the procedures look too complex - and there is no shame in admitting this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA) computer repair shop.
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/

 
Ken Blake, MVP

Two answers:

1. Most trojans (and other malware) can be removed by using one of the
many tools available to do this.

2. If you are talking about *any* possible trojan, and looking for
something that is literally "sure-fire," no, there is no way to do
this.
 
Bill Fuller

I'm a little confused on the steps. Here is what it sounds like you are
suggesting.

1. Run SuperAntispy
2. Turn off System Restore on all drives
3. Turn on System Restore on all drives
4. Turn off System Restore on all drives
5. Reboot
6. Run SuperAntispy

Is my understanding correct? Also, should I turn on System Restore at some
point?
 
nass

Sorry for not being accurate in my steps.
Here is how it should be:

1- Run a scan with AVG for viruses
2- Run a scan with SuperAntispyware for malware/grayware/adware
3- Turn System Restore OFF and refresh your screen.
[ √ ] Turn off System Restore on all Drives and click [Apply..] then
[OK]. <- by checking the check box [ √ ]

4- Turn your System Restore back ON to create a new restore point
[ ] Turn off System Restore on all Drives and click [Apply..] then
[OK]. <- by unchecking the check box [ ]

Reboot your machine and perform a scan with both AVG and Super..
Does the scan come out clear?
HTH.
nass
 
smlunatick

Turning off System Restore is to "clear" out the trojan from the
system restore points. However, you must note that all restore points
will be "cleared" off your PC and it will only start creating new ones
when you turn it back on.
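
Added example, not part of the original thread: a Python triage of AVG-style report lines that separates detections archived inside System Restore points (like the RP348 path reported above) from detections on the live file system, since flushing restore points only removes the former. The second sample entry is constructed, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# XP System Restore archives files as ...\_restore{GUID}\RPnnn\Annnnnnn.ext.
# The thread writes the GUID as the literal placeholder "[guid]", so accept both.
RESTORE_RE = re.compile(
    r"^[A-Za-z]:\\System Volume Information\\_restore(?:\{[0-9A-Fa-f-]+\}|\[guid\])"
    r"\\RP(?P<rp>\d+)\\(?P<file>[^\\]+)$",
    re.IGNORECASE)

# First entry is the report quoted in the thread; the second is constructed.
SAMPLE = r"""
Hosts: A0109584.exe
Result/Infection: Trojan horse downloader.Obfuscated
Path: C:\System Volume Information\_restore[guid]\RP348\A0109584.exe

Hosts: example.exe
Result/Infection: Trojan horse downloader.Obfuscated
Path: C:\WINDOWS\system32\example.exe
"""

def parse_report(text):
    """Pair each 'Result/Infection:' line with the 'Path:' line that follows it."""
    findings, threat = [], None
    for line in text.splitlines():
        key, _, value = line.partition(":")   # splits at the first colon only
        key, value = key.strip().lower(), value.strip()
        if key == "result/infection":
            threat = value
        elif key == "path" and threat is not None:
            findings.append((threat, value))
            threat = None
    return findings

def triage(findings):
    """Return ({restore_point_number: [(threat, file)]}, [(threat, live_path)])."""
    archived, live = defaultdict(list), []
    for threat, path in findings:
        m = RESTORE_RE.match(path)
        if m:
            archived[int(m.group("rp"))].append((threat, m.group("file")))
        else:
            live.append((threat, path))
    return dict(archived), live

def flush_is_sufficient(findings):
    """True only when every detection is an archived copy in a restore point."""
    archived, live = triage(findings)
    return bool(archived) and not live
```

A detection that appears only under `_restore` is an archived copy that the off/on cycle deletes; any entry in the live list after a reboot means something outside the restore store is still present and needs separate cleanup.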
 
oasts

Hi, I had a lot of trojans and viruses on my system, which is running the Home edition. I had to run multi scans, and they cleared but for the trojan. Then I installed Spybot Search and Destroy and have had no other problems or instance of trojans. I see you have had help from the professional, but I'm so happy with this product I'm recommending it to you to stop all trojan attempts in the future.
 
Ken Blake, MVP

Not a good recommendation. It may have worked for you in your specific
instance, but it will certainly *not* "stop all trojan attempts in the
future."

Spybot Search and Destroy is an anti-spyware program. In general, you
need anti-virus software to prevent and remove trojans.
 
