Can't get rid of Trojan! Help please?

  AngeTheHippy 12:06 18 Jul 2006
Locked

Hi again Chaps,
This morning on powering up, I got a virus alert pop-up from AVG (never let me down in the past..). It seems to replicate itself! Each time I 'heal', it tells me its healed successfully, and put into quarentine. This is happening say every 4 minutes? I've emptied the quarentine 3 times now, with about 5 of these nasties each time, all the same, all from the directX file! I've turned off sys restore, gone into safe mode, (before that d/loaded a bit of s/w suggested in another thread I looked up on PCA - it's called A-Squared security).done full scans with both this s/w and AVG - only AVG detected it. Restarted in normal mode, AVG'd it again, and AGAIN it's detected it!! Can't seem to get rid of the damned thing!

Its a Trojan Horse Downloader.Generic2.FMM. It's in C:Windows\System32\DirectX\calco.exe. So it's called calco.exe. I've tried looking on google for this calco.exe and can't find anything!! I'm pretty worried now, as I can't see how to get rid of it.

Just looked in Object details in AVG vault - this is what it says::

file name:

  ArrGee 12:10 18 Jul 2006

Spybot
click here

Ad Aware
click here

Ewido
click here

All free. Try these first.

  AngeTheHippy 12:10 18 Jul 2006

Just looked in Object Details in AVG vault - this is what it says:

File Name: calco.exe
File path: C:\WINDOWS\System32\DirectXDiscovery: Trojan Horse Downloader: Generic2.FMM
Date of detection: 18/7/2006 11.54.54
Sourse computer: MainPC
Finder: Ange
File Size: 68.05KB (70144 bytes)
Healable: No
Sourse: backup copy
Status: Infected.

So, it seems to be a clever little sod. Please, if anyone knows how I can ditch this, please let me know!!

Thanks a lot,

AngeTheHippy
xx

  AngeTheHippy 12:17 18 Jul 2006

but I don't think it's classed as spyware. I tried adaware, nothing detected. Only AVG seems to detect it so far.

x

  ArrGee 12:17 18 Jul 2006

Calco.exe is linked into calcc.exe. Use this to get rid of it...

click here

  ACOLYTE 12:20 18 Jul 2006

You could try click here there is a free version and it is supposed to be able to remove this,apparently it can remane itself to calcc.dll and this is the file that changes to:calcc.dll as Win32/TrojanDropper.Small.NDQ,all this taken from
click here.


HTH

  AngeTheHippy 14:15 18 Jul 2006

This is it so far.... Used ad-aware, AVG, a-squared security and SUPERantispyware. All in safe mode.

Restarted PC, re restore pointed, and SO FAR - a good 1/2 hour now (remember, this calco.exe seemed to replicate every few minutes..)I haven't had one AVG pop-up.

Don't wanna tempt fate, so won't tick 'resolved' till a bit later.

Mean while, ArrGee & ACOLYTE, thanks very much for your help with this. ***FINGERS CROSSED*** it's done the trick!!

AngeTheHippy
xxxx

  wee eddie 15:30 18 Jul 2006

Downloader may be hiding in your Restoration Folder, you will need to delete your Restore Points as soon as you have gone far enough back to be clear of it.

  AngeTheHippy 22:35 18 Jul 2006

thanks - I've had no reappearance of AVG virus reports that were appearing every couple of minutes, so I guess I've got rid of it! I turned off sys restore then re started in safe mode - did lots of scans (different s/w) and I think it all did the trick!

Thanks all again,

AngeTheHippy
xxxx

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Xiaomi Mi Mix 2 review

See mcbess's iconic style animated for Mercedes-Benz

iPhone X news: Release date, price, new features & specs

Black Friday 2017 : date, sites participants & bonnes affaires