I Get warning that trojan has infected system but how do I find it and remove it

[5wolves]

I Get warning that trojan has infected system but how do I find it and remove it.

the trojan that keep getting warnings about, has the name of  " backdoor soundcheck ",
it has been caught and quarantined in the webroot spysweeper several times, have deleted it, carried out a re - scan, but it reappears at some point later, how can I be rid of the thing for good.

Another aspect of this, is that the avast warning window gives the trojan another name,
which is,  WIN32.Sdbot-3267 [ Trj ],   File name is -  c :\windows\system32\rdrive.sys

but it seems I am unable to do anything about stopping this trojan or getting rid of it permanently.

the various options in the avast program do not seem to work ; ie,

delete, move to chest take no action etc, these do not deal with it.

is there a solution ? .      
 

[DavidR]

There is no standardisation in the naming of malware so it isn't unusual for it to have a different name, I assume that it relates to the same infected file name ?

Since this is in a system folder, removal will be more complex as it could be protected by windows and ultimately system restore. You should disable system restoer and reboot and don't enable system restore until this infection is gone.

Do you mean rdriv.sys and not rdrive.sys ?
If so, check out this post rdriv.sys Removal. Note that Ewido is now called AVG anti-spyware.

[Spiritsongs]

   Hi "5" :

      Looks like a question you should ask on the SpySweeper
      Support Forums at :

      http://www.castlecops.com/f163-Spysweeper.html .

      "Trojans" are best dealt with using an antiSPYWARE
        program, not an antiVIRUS program. Perhaps you should
       install the "Free" version of "SUPERantispyware" from
       www.superantispyware.com and use it to see if it will
       successfully "deal" with the problem !?