Trojans in Sys 32

[Guest]

With help from you guys I seem to have cleaned the trojans from system volume
information _restore by clearing all of the restore points. I have just done
a virus check and new infected places have now come to light - all win/sys 32
/phqghume.exe/Troj/DownLdr-QX
/qjrkvy.exe Troj/FakeAle
/vkogeslm TrojdownLdr - xq
/winflash.dll Troj/FakeAle-H

my questions are:
Can anyone help me to get rid of them? and will the infection return in sys
vol info _restore when a new restore point is made.
I think this all happened with my old virus checker. I now have Sophos which
seems to be quarantining but not getting rid - if that makes sense!

Would really appreciate some help to get rid without damaging anything.

 

[Tom Emmelot]

Hello Anne Marie,

i think that there is a option in Sophos to delete Quarantined items?

Regards >*< TOM >*<

Anne-Marie schreef:

 

[Guest]

Apply the KISS (keep it simple .....) principle. Quarantine means delete the
malware from the computer and retain a copy in a "quarantine managed folder".
If you think Sophus is not deleting the trojans from your system, then do a
back to back Sophus scan. System Restore doesn't know about malware, so just
because a copy is maintained in a restore point doesn't mean Sophus is to
blame. Since your system has already been infected, I would suggest doing an
online scan with a-squared:

http://www.emsisoft.com/en/software/ax/

Once your system is clean, then purge the restore points. Now if your
system gets re-infected, you will have to a more in depth analysis.