Win32:Gaobot-2435[Trj] ***Trojan Horse Identified - Help Required ***

Hi,

I hope I have done the right thing and look to those that know what their doing for some sound advice.

I currently use Avast, I ran a full system Scan this evening and it detected the following Trojan Horse;

Win32:Gaobot-2435[Trj]

The Original Path is

C:|System Volume Information|_restore ............

Avast has identified it and has directed me to 'move to chest' which I have done; my concerns are,

1. has moving it to the Avast Chest dealt with the issue;
2. does the virus reman on my PC;
3. I am networked to a lap top, will it infect this;
4. Should I delete it or just remove to the Avast chest, and finally
5. I ran a scan about 2 weeks ago and the virus was not identified, having moved it to the chest it shows the virus as being delivered 10.01.2008 - I have however recently opened old un-opened email, could this be the cause?..

Any help that anyone could offer is VERY much appreciated, and thanks very much in advance.

Harrison

 

Answers:

1. Yes - the chest causes the files' usage to be disabled and prevents them from causing any harm.
2. Yes, but in the chest (see answer to #1)
3. It was possible but now it is in the chest you should be safe. Run your anti-virus software on the laptop too.
4. The chest is a good place to leave it until you are certain that it's removal is not causing your machine an issue. This is great if your AV discovers a false positive and places it in the chest. Then you are able to restore it if required.
5. It is certainly possible

If you are still conncered that your computer is infected, please follow the advice given in Post #2 and start a new thread in the Malware Forum posting up the requested logs as indicated. An Authorized Malware Fighter will then take a look for you.

 

Lev,

many thanks for your response, at least I know all is safe now. Much Appreciated.

Tim,

sorry, how would I 'You can toggle system restore to remove any bad restore points' ......

Thanks again.

Harrison