Trojan Horse Dialer - Can't Remove !!!!!!!!!

  buster99 11:55 03 Oct 04
Locked

I keep having problems with Trojan Horse Dialers,
my latest ones (3) are located in C:\_restore\temp.
I've run Avg/A2/Webrooter Spy Sweeper - AVG & A2 identified them as malware but were unable to remove them.
I subsquently attempted to manually remove them but access was denied as source file may be in use.
Each one has an extension of .cpy (copy I presume)
I have zone alarm running so I fail to see how the little bu**ers as getting in.
Anyone that can help, it would be much appreciated.

Txs in anticipation

  georgemac 12:02 03 Oct 04

you need to switch off system restore - control panel - perfomance and maintenance - sustem - system restore tab and tick turn off system restore on all drives

reboot into safe mode - press f8 after post test - and then run avg

reobbot normally, turn system restore back on, create a restore point, and then install spywareblaster

  canard 20:00 03 Oct 04

Process View will "kill" any running app so then you can delete it. Use the dropdown menu for process 1sr highlighting the unwanted proggy.

  stalion 20:04 03 Oct 04

this will remove it scan in safe mode
click here

  Completealias 13:04 04 Oct 04

Sounds like the b**gers are hiding in your system restore points. Run a full system scan 2 make sure u don't have any current infections. Once u've done this make a system restore point. Then run the disk clean up ultity

Right click C drive, Properties, Disk Clean-Up

Click on the more options tab and down the bottom there is an option 2 clean out all but the most recent restore point.

This should get rid of the infected restore points and just leave you with the one you made.

  OwenLotts 13:13 04 Oct 04

They are not "hiding in the restore points". Windows has backed the files up in SR when they were deleted from the system. It can't tell the difference between a virus and a non virus file so it beacks them up the same. AV scanners can detect the files in the SR directory but Windows won't let them delete them. Even though they are there they cannot and are not infecting your system (unless you have other copies of the virus in non SR directories)

Do as georgemac says....

ZoneAlarm won't necessarily stop this sort of thing getting onto your PC. It might stop it connecting out...

  byfordr 13:29 04 Oct 04

Have you tried cwshredder, spybot or even adaware?

click here cwshredder

click here spybot

click here - adaware

HTH

R

This thread is now locked and can not be replied to.

What is Amazon Go and will it come to the UK? The store without checkouts or queues

1995-2015: How technology has changed the world in 20 years

Why ecommerce hasn't taken off on social media

New MacBook Pro 2016 review | MacBook Pro with Touch Bar review: Apple's expensive and powerful…