Trojan Horse Dialer - Can't Remove !!!!!!!!!

  buster99 11:55 03 Oct 2004

I keep having problems with Trojan Horse Dialers,
my latest ones (3) are located in C:\_restore\temp.
I've run Avg/A2/Webrooter Spy Sweeper - AVG & A2 identified them as malware but were unable to remove them.
I subsquently attempted to manually remove them but access was denied as source file may be in use.
Each one has an extension of .cpy (copy I presume)
I have zone alarm running so I fail to see how the little bu**ers as getting in.
Anyone that can help, it would be much appreciated.

Txs in anticipation

  georgemac 12:02 03 Oct 2004

you need to switch off system restore - control panel - perfomance and maintenance - sustem - system restore tab and tick turn off system restore on all drives

reboot into safe mode - press f8 after post test - and then run avg

reobbot normally, turn system restore back on, create a restore point, and then install spywareblaster

  canard 20:00 03 Oct 2004

Process View will "kill" any running app so then you can delete it. Use the dropdown menu for process 1sr highlighting the unwanted proggy.

  stalion 20:04 03 Oct 2004

this will remove it scan in safe mode
click here

  Completealias 13:04 04 Oct 2004

Sounds like the b**gers are hiding in your system restore points. Run a full system scan 2 make sure u don't have any current infections. Once u've done this make a system restore point. Then run the disk clean up ultity

Right click C drive, Properties, Disk Clean-Up

Click on the more options tab and down the bottom there is an option 2 clean out all but the most recent restore point.

This should get rid of the infected restore points and just leave you with the one you made.

  OwenLotts 13:13 04 Oct 2004

They are not "hiding in the restore points". Windows has backed the files up in SR when they were deleted from the system. It can't tell the difference between a virus and a non virus file so it beacks them up the same. AV scanners can detect the files in the SR directory but Windows won't let them delete them. Even though they are there they cannot and are not infecting your system (unless you have other copies of the virus in non SR directories)

Do as georgemac says....

ZoneAlarm won't necessarily stop this sort of thing getting onto your PC. It might stop it connecting out...

  byfordr 13:29 04 Oct 2004

Have you tried cwshredder, spybot or even adaware?

click here cwshredder

click here spybot

click here - adaware



This thread is now locked and can not be replied to.

Elsewhere on IDG sites

iPhone X review

Political cartoons in 2017: Chris Riddell, Rebecca Hendin and Dave Brown on what it’s like to…

The best iPhone for 2017

Tennis : comment regarder la finale de la Coupe Davis 2017 ?