Solved

Probable Pushdo Trojan - What can detect it? (& maybe how to remove it?)

Posted on 2013-06-20
1
939 Views
Last Modified: 2013-11-22
Hi. Five days ago I visited a link only to be told that my IP address had been blocked due to it sending out traffic related to the Pushdo trojan. AVG couldn't detect it. Neither could Malwarebytes or TDSSKiller or Windows MRT. I tried restoring to earlier Windows restore points, starting with a month ago. After a long wait, a reboot, and another long wait, Windows told me that it was unable to restore to my selected restore point. I tried 3 more times, each time with a later restore point but with the same result.. long wait, reboot, long wait, and message that Windows couldn't restore to my restore point.

I thought that even though Windows reported that it was unable to restore to an earlier date, that it indeed had restored to an earlier date, because it was missing some Windows updates that I had just added the day prior. So I was (somewhat) hopeful that I was now Pushdo free.

However, the last 2 days, my system has slowed down and really been sluggish (at least the internet).. I think I still have the Pushdo trojan.  There is recent news online (within the last month) on this thing, about how hard it is to detect, about how it keeps evolving. (And it adds other Malware.) But nothing I've found gives me a solution for even detecting this latest version or removing it.

Anyone have any ideas on how to really determine if I am infected? More free scans to try?

I'm not too keen on reformatting and reinstalling Windows and everything else unless absolutely necessary, I can't really afford the down time. That's probably a whole day of backing up, installing and restoring (and boredom!). So I'd really appreciate a different solution if there is one!

I'm running XP Pro, using AVG free and running Windows firewall.
0
Comment
Question by:Missus Miss_Sellaneus
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 6

Accepted Solution

by:
Vijay Pratap Singh earned 500 total points
ID: 39264936
Use Symantec Endpoint Protection or Kaspersky Internet Security Trial as it will clean it.

Thanks
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Best Google Chromebook AV solutions 5 121
VPN Tunnel Stops Working Cisco RV130W 18 77
Behavior-based and anomalies detection for Microsoft 3 64
Cisco AnyConnect VPN 4 45
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
I've been an avid user and supporter of Malwarebytes Premium Version 2.x for years. It's an excellent product that runs alongside just about any Anti-Virus application without issues. It seems to have an uncanny ability to pick up many things that A…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question