How can I get rid of Trojans

G

Guest

I have used microsofts antispyware and have just installed Sophos. Both
detected trojans, sophos has got as far as quarantining them but when I run
the next virus check they are still there - in system volume
information_restore.

There are two trojans - Troj/FakeAle-H and Troj/SpyDldr-G.
Does anyone know what damage they can do and how I can get rid of them for
good -v esp now I have a new virus checker on?
Cheers
Would really appreciate any help
 
G

Guest

Hello Anne-Marie,

Scan your computer now online and clean it for free!
You can run Ewido in safe mode with networking, fwiw.
http://www.ewido.net/en

My computer, Local Disk , right click , Properties, Disk-Cleanup, Run, Other
Options, check delete old restore points (the last recent checkpoint
remªins).

For the benefit of the community reading this post, please rate the pºst.

I hope this post is helpful.

Let us know how it works ºut.

Еиçеl
 
R

Randy Knobloch

Anne-Marie said:
I have used microsofts antispyware and have just installed Sophos. Both
detected trojans, sophos has got as far as quarantining them but when I run
the next virus check they are still there - in system volume
information_restore.
Click to expand...
<snip>
You need to flush the Restore archive to get rid of the embedded Trojan.
Seek help how to do that, below - assuming you run Windows XP?
'How to turn on and turn off System Restore in Windows XP'
(http://support.microsoft.com/?kbid=310405)

Once done, contact Sophos Tech Support for further help.

Randy

--
siljaline

MS - MVP Windows (IE/OE) & Windows Security, AH-VSOP

Security Tools Updates
http://aumha.net/viewforum.php?f=31

Reply to group, as return address is invalid that we may all benefit.
 
G

Guest

Thanks Randy - have done this and am running a virus check now. Why do you
think I now need to contact Sophos? Will the virus still be in the computer?
 
G

Guest

Just completed the virus check. All of the system volume information_restore
viruses have disappeared but now new ones have been detected in sys 32 which
were not there before Troj DownLdr -QK and XQ and Troj Fake Ale - H
I will write this as a separate post as well. Will they return in the sys
vol info_restore?
Thanks for your help on all of that
 
G

Guest

Hi Engel,
I ran the link below and have just rerun a scan with Sophos and the trojans
in win32 are still there although the trojans in the _restore have now gone.
What should I do now?
 
R

Randy Knobloch

Anne-Marie said:
Just completed the virus check. All of the system volume information_restore
viruses have disappeared but now new ones have been detected in sys 32 which
were not there before Troj DownLdr -QK and XQ and Troj Fake Ale - H
I will write this as a separate post as well. Will they return in the sys
vol info_restore?
Thanks for your help on all of that
Click to expand...

You are far from being disinfected at this point - obviously.
Assuming that you have turned off System Restore, it has effectively flushed
viruses/trojans
in the Restore archive and created a new restore point.

Follow the below instructions appropriate to your Sophos product and post back
your findings.
http://www.sophos.com/support/disinfection/trojan.html

Randy

--
siljaline

MS - MVP Windows (IE/OE) & Windows Security, AH-VSOP

Security Tools Updates
http://aumha.net/viewforum.php?f=31

Reply to group, as return address is invalid that we may all benefit.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Trojans in Sys 32 2
Trojans/Dialers!! 4
Virus In G-Spot v2.21 3
Windows 10 How to get rid of lines on documents 2
Trojans Galore 15
Unclassified.Spyware.61 (spyware)??? 4
How to get rid of citadelbuild.exe? 6
Can't get rid of Vundo, please help 5

Top