[CDATech]

So my wife decided to attempt to infect my PC with a trojan. Seems like a generic one because AVG caught it as sheur and heur varient (which I believe means heuristics detected it). It caught the originating file and then also caught the 3 files it places in the root of c:\ named randomly. Also one file in the C:\windows\system32 folder was caught. All files moved to the vault.

I performed a full scan of AVG 8 and cleaned it up. Also performed a full scan of Malwarebytes and that cleaned up a few entires. I also installed Ad-Adware and ran a full scan.

I ran these several times and all turned out clean. I then ran the BitDefender online scan and that turned up nothing.

I had to manually remove the startup entry for the Trojan but besides that everything went smoothly. Anyone recommend me try anything else to make sure this system is secure? I don't feel like formatting since this is a recent installation but I'm just shy of paranoid and want to make sure I should scan with something else to feel more confident about it being clean.

Thanks again guys

[mrss]

Try a Kaspersky online scan.

For the future, get a good backup image program. The next time you do a reformat, image the system after Windows has been updated and all the apps reloaded/updated. Keep a second image with recent data. Then it's trivial to reload the system after a hack attack or a disk crash.

[CDATech]

mrss,

Good idea. I have jungledisk and an external drive to backup my data but no current image of it. I'm pretty sure I'm clean..but just wanted a second opinion. Seems like the A/V did it's job this time around.

[1002richards]

Perhaps get a HJT log checked out in the Malware forum?
Also perhaps have a look at Returnil Personal, this from their website:
"
Returnil virtualization technology clones a computer's System Partition and boots the PC into this system rather than native Windows, allowing you run your applications in a completely isolated environment. Hence the session and all activity, malicious or otherwise, will happen in the virtual environment, not in the real PC environment. If the PC is attacked or gets infected, all you need to do is to simply reboot the PC to erase all changes. After reboot, the system will be restored to its original state, as if nothing ever happened. All of this without sacrificing computer performance or usability while helping to reduce technical support intervention and the need for routine maintenance."

Inserted from <http://www.returnilvirtualsystem.com/rvspersonal.htm>

Richard

[CDATech]

Oh, that's a great idea 1002richards.

I will run HJT when I get home and gather up more virus info from the logs.

[1002richards]

You're welcome.