Hello,
I’ve got a laptop that got hit with what i think was first iehelper.dll as avast 4 home picked that up first. I stopped it prevented it from running, about 30 seconds or so later windows xp pro comes up with the system is infected. I’m speculating the iehelper.dll pulled in win32:rootkit-gen which pulled in some additional trojans, sysguard.exe and also infected some files that are for virtual machines that this laptop runs. I need to get this machine cleaned, currently a reinstall is not an option. I’d appreciate any and all help.
If additional information is required let me know.
Thanks.
Dave.
sysguard.exe is a rogue program as far I know. You should get rid of it. Use MBAM.
Why do you suspect it will infect the virtual machines? Is avast installed in each of the virtual machines?
Hello,
Thanks for your reply. When i used avast to scan the hard disk of the laptop two of the files were vmware .vmdk virtual disk files they didn’t have the win32:rootkit-gen file in them, but they did have another trojan.
My primary concern is win32:rootkit-gen any suggestions on that?
Any other suggestions on the rootkit or the iehelper.dll which is spyware i’d appreciate.
I’ll run your indicated program and report back.
Thanks.
Dave.