Infected pc with Various Trojans/Unknown, need your opinion

Discussion in 'other anti-virus software' started by light50, Sep 11, 2006.

Thread Status:
Not open for further replies.
  1. light50

    light50 Registered Member

    Joined:
    Feb 23, 2006
    Posts:
    30
    Hi, after i have just formatted i connected the computer to download windows updates and i did a small time without any antivirus. After some time i noticed my pc was acting sluggish, and found 2 setup.exe on my 2 partitions. I uploaded them to jotti's virus scan and it was reported by 4 scanners that it is a probable variant, by some called Trojan.Spambot and a variant of Medbot.BJ. I currently have kis and it wasn't detected by it even with an on demand scan of the file. However i've done a complete scan with kaspersky and found several trojan infections like Trojan-Downloader.Win32.Zlob.ajl and Trojan-Proxy.Win32.Horst.ig

    I've deleted all files but sometime it finds another one, and the setup files keep reappearing. Also i can't see any suspicious processes. I would really like to know what you guys think of this please.
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    NOD32 reports these files as a variant of TP.Horst, maybe an infected file made it to the system restore folder and therefore keeps re-appearing. You can contact technical support of the vendor whose AV you are using. If you still have NOD32 installed you can drop an email to support @ eset.com along with a link to this thread.
     
  3. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Try to disable system restore like Marcos says:

    IMPORTANT NOTES:
    You must be logged in as an Administrator to do this. If you are not logged in as an Administrator, the System Restore tab will not be displayed.
    Turning off System Restore will clear out all previous restore points.

    To turn off Windows XP System Restore:

    NOTE: These instructions assume that you are using the default Windows XP Start Menu and have not changed to the Classic Start menu. To re-enable the default menu, right-click Start, click Properties, click Start menu (not Classic) and then click OK.


    1. Click Start.
    2. Right-click the My Computer icon, and then click Properties.
    3. Click the System Restore tab.
    4. Check "Turn off System Restore"
    5. Click Apply.
    6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
    7. Click OK, reboot and do a scan with settings in high in "Scan my computer".

    Also send the files you mention to: newvirus@kaspersky.com, in a passwoed protected zip, include the password in the mail.
     
  4. light50

    light50 Registered Member

    Joined:
    Feb 23, 2006
    Posts:
    30
    disabled system restore and sent the file to kaspersky. Hope it helps. I would have just formatted again since i didn't install everything yet but it is also on my back up partition and don't want to risk it
     
Loading...
Thread Status:
Not open for further replies.