Results 1 to 4 of 4

Thread: Can get ride of Backdoor.Win32.Sinowal.gcu

  1. #1
    esandle Guest

    Default Can get ride of Backdoor.Win32.Sinowal.gcu

    Hello,

    I cannot get rid of this trojan horse/worm Backdoor.Win32.Sinowal.gcu
    ZA says the the virus is located in \Device\Harddisk3\DR3, \Device\Harddisk2\DR2, and \Device\Harddisk1\DR1



    Product Info:
    ZA Internet Security Ste. ver 9.1.008
    Driver ver 9.1.008
    AV/AS engine ver 8.0.2.42, DAT file version 10102622880
    AntiSpam ver 6.0.0.2385

    System and O/S Info:
    Intel processor
    Windows 7 64-bit
    2GB RAM

    I have tried researching the Internet, Microsoft, and ZA sites. Can anyone guide me on this one?

    Thx!

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,291

    Default Re: Can get ride of Backdoor.Win32.Sinowal.gcu

    Hi!
    this is a very difficult and dangerous pest to remove, variants of this malware also install rootkits.

    Follow ALL steps suggested here:
    http://forums.zonealarm.com/showthread.php?t=70448

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    esandle Guest

    Default Re: Can get ride of Backdoor.Win32.Sinowal.gcu

    Hi Fax,

    Thank you for the suggestion. I gave it a try and I still have the trojan horse on three of my drives. Should I try to fix the boot record using "bootsect.exe" or the MBR fix software from Microsoft? I believe the trojan horse has affected my boot record and the AZ cannot fix this. Do you agree?

    Regards,
    Elliot

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,291

    Default Re: Can get ride of Backdoor.Win32.Sinowal.gcu

    Hello,
    please follow all steps as suggested. This include the analysis of the system by malware experts at spywarehammer or bleepingvomputer.

    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •