AVG 7 found 'Trojan horse Dialer. 13.Q located in C:\explorer.cab:\explorer.exe but gives me no options to clear it. Have run AdAware and Spybot both in safe mode and with systen restore points turned off. They do not find it. Housecall does not find it. Spyware Blaster did not stop it. Have run out of ideas. Has anyone got any suggestions on how to get rid of this?
AVG wont delete it cos its in a cab file it can find virus/trojans, inside archives but not delete them so can you search for the cab file click it and see it the file mentioned is there if it is delete it,BE AWARE THAT DELETING THE WRONG FILE WILL STOP WINDOWS WORKING.so dont delete explorer.exe.This is risky so you may wont to wait for someone else to advise.
W32/Sober-C is an internet worm which spreads via file sharing on peer-to-peer networks and by emailing itself to addresses found within files on the computer.
The email subject line and message text are randomly chosen from internal lists and will be in either English or German. The attachment filename is also randomly chosen from an internal list and can have an extension of EXE, SCR, PIF, COM, CMD or BAT. See below for further details.
When first run, the worm copies itself to the Windows system folder as syshostx.exe and two other randomly selected filenames.
W32/Sober-C then creates the following registry entries
Have now managed to get rid of this trojan dialer. Having tried almost every anti virus and scanner known to man the one that found it and deleted it in the end was the one suggested by rômanab. So a huge thank you to rômanab. It was eScan Antivirus by Micro World Technologies. I had to purchase the full version to be able to delete but I consider it £22 well spent. It also found a couple of other things that nothing else had found. The only problem I'm left with now is that having bought this thing do I use it as my main AV prog or do I carry on with AVG 7. Ho hum... solve one problem, create another....