Probable Pushdo Trojan - What can detect it? (& maybe how to remove it?)
Posted on 2013-06-20
Hi. Five days ago I visited a link only to be told that my IP address had been blocked due to it sending out traffic related to the Pushdo trojan. AVG couldn't detect it. Neither could Malwarebytes or TDSSKiller or Windows MRT. I tried restoring to earlier Windows restore points, starting with a month ago. After a long wait, a reboot, and another long wait, Windows told me that it was unable to restore to my selected restore point. I tried 3 more times, each time with a later restore point but with the same result: long wait, reboot, long wait, and message that Windows couldn't restore to my restore point.
I thought that even though Windows reported that it was unable to restore to an earlier date, it indeed had restored to an earlier date, because it was missing some Windows updates that I had just added the day prior. So I was (somewhat) hopeful that I was now Pushdo free.
However, the last 2 days, my system has slowed down and really been sluggish (at least the internet). I think I still have the Pushdo trojan. There is recent news online (within the last month) on this thing, about how hard it is to detect, about how it keeps evolving. (And it adds other malware.) But nothing I've found gives me a solution for even detecting this latest version or removing it.
Anyone have any ideas on how to really determine if I am infected? More free scans to try?
I'm not too keen on reformatting and reinstalling Windows and everything else unless absolutely necessary; I can't really afford the downtime. That's probably a whole day of backing up, installing and restoring (and boredom!). So I'd really appreciate a different solution if there is one!
I'm running XP Pro, using AVG free and running Windows firewall.