I’ve just done a scan using Avast and it’s found this trojan on my system.
I moved the files straight to the chest and deleted them but the files were located in my System Volume Information Folder.
Is that all i need to do to get rid of it? I cant find much information on the trojan itself.
Can anyone help? Thanks in advance.
Hi,
some info:
VGREP
if you have infected files in your RESTORE-folder, then you need to disable RESTORE & reboot, to get rid of them:
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
Hi, i’ve deleted the files already in the chest without disabling system restore, does this means it will keep coming back?
I have disabled it and scanned the system just now and it found nothing.
Hi,
afaik avast can’t normally delete files in System restore…
but if you disabled RESTORE incl reboot, then ALL files in it will be gone… → so a subsequent scan with avast won’t/can’t find anythign in it…
for additional safety, you could run an onlinescan from Trend (see below) and/or www.ravantivirus.com
after you’ve cleaned up your PC , you can reenable system restore, and set a new restore-point
I’ve done a scan with housecall and it didn’t find anything, so i guess it’s gone.
The problem i have now is that one of my ports is being checked for trojans according to my firewall.