Hi, I have some problems with a trojan in the System Volume Information folder
The Operating system is Windows XP SP2
Avast 4.8 detects Signs of "Win32:Tiny-ADU [Trj]"
in "C:\System Volume Information\_restore{481DFA92-F681-4AB6-AAED-E378EE5F009D}\RP15\snapshot\_REGISTRY_MACHINE_SOFTWARE" file.
However when the C drive is scanned during boot there is no trojan detected.
I have turned off system restore, rebooted and enabled system restore but avast
keeps on detecting this trojan.
A couple of weeks ago the PC was infected by rogue Internet Security 2010 software
and google searches were also redirected to other websites.
The infection was cleaned using Malwarebytes,CCleaner and Spybot Search and destroy.
All user installations were also cleaned (all of them in safe mode).
Malwarebytes and Spybot do not detect any problem regarding the System Volume Information trojan detected by avast. I have also tested SuperAntiSpyware,Spyware Doctor and a Virus Removal Tool from Kaspersky.
These tools also fail to detect the trojan in System Volume Information.
Perhaps there is a residual infection in the PC, maybe in the file system folder:
system32\config, the relevant software file.
I would appreciate your help to solve this problem.
I enclose the relevant logs. The Superantispyware log detects a threat that is due to the
Kaspersky Virus removal tool that I installed, but neither avast nor Malwarebytes detect a problem
for the corresponding file.
The Operating system is Windows XP SP2
Avast 4.8 detects Signs of "Win32:Tiny-ADU [Trj]"
in "C:\System Volume Information\_restore{481DFA92-F681-4AB6-AAED-E378EE5F009D}\RP15\snapshot\_REGISTRY_MACHINE_SOFTWARE" file.
However when the C drive is scanned during boot there is no trojan detected.
I have turned off system restore, rebooted and enabled system restore but avast
keeps on detecting this trojan.
A couple of weeks ago the PC was infected by rogue Internet Security 2010 software
and google searches were also redirected to other websites.
The infection was cleaned using Malwarebytes,CCleaner and Spybot Search and destroy.
All user installations were also cleaned (all of them in safe mode).
Malwarebytes and Spybot do not detect any problem regarding the System Volume Information trojan detected by avast. I have also tested SuperAntiSpyware,Spyware Doctor and a Virus Removal Tool from Kaspersky.
These tools also fail to detect the trojan in System Volume Information.
Perhaps there is a residual infection in the PC, maybe in the file system folder:
system32\config, the relevant software file.
I would appreciate your help to solve this problem.
I enclose the relevant logs. The Superantispyware log detects a threat that is due to the
Kaspersky Virus removal tool that I installed, but neither avast nor Malwarebytes detect a problem
for the corresponding file.