1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

I've picked up a virus!!

Discussion in 'Business Applications' started by trevorjaydee, Apr 13, 2004.

Thread Status:
Not open for further replies.
Advertisement
  1. trevorjaydee

    trevorjaydee Thread Starter

    Joined:
    Jul 8, 2002
    Messages:
    24
    It's ages (2002) since I last signed in and I'm pleased to renew the contact.
    I use AVG antivirus control, free version and it informs me that I have a virus entitled 'Trojan Horse Downloader.Perfiler.A'. It apparently resides in C:\Restore\Temp\A0217916.cpy. AVG cannot heal it or move it into temporary suspension and I cannot delete the file, even though I changed the attributes to archive. Can anyone help please?

    Thanks, Trevor Durbidge. :eek:
     
  2. dai

    dai

    Joined:
    Mar 6, 2003
    Messages:
    11,198
    you have to turn off sytem restore to clean it out and then turn it back on again
     
  3. Miz

    Miz

    Joined:
    Jul 1, 2002
    Messages:
    2,146
    Since it's in a folder called "Restore," I assume it's been included in a restore point made either by your computer (WinME?) or by software like GoBack.

    You sure don't want to be using a restore point that has a virus packed inside so you need to delete all the restore points.

    If it's WinME, go to Control Panel>System>Performance tab>File System Button>Troubleshooting tab and check the box for "Disable System Restore." Click OK, click Yes. Reboot. Then if you want System Restore running, go back and uncheck that box.

    If you're using some other backup software, read its help files on instructions on how to delete old restore points.
     
  4. trevorjaydee

    trevorjaydee Thread Starter

    Joined:
    Jul 8, 2002
    Messages:
    24
    Thanks Dai and Miz for your help.
    I disabled system restore and then ran AVG again. This time it picked up a virus 'Trojan Horse downloader.Small.4.D' in two areas as follows:
    C:\windows\temp\bridge.exe and c:\windows\temporary internet files\contentI.E.5\slavodyJ\Bridge~1.exe. Fortunately AVg dealt with them. How are they getting through my firewall (ZoneAlarm)?
    I haven't turned system restore back on yet - will that virus still be there do you think?

    Many thanks again, Trev.
     
  5. dai

    dai

    Joined:
    Mar 6, 2003
    Messages:
    11,198
    when you turn restore back on and reboot it will create a restore point,all others will be gone.
    you get the virus from something you d/l,they are hidden in the d/l
    get in the habit of scanning before opening
     
  6. WhitPhil

    WhitPhil Gone but never forgotten Trusted Advisor

    Joined:
    Oct 4, 2000
    Messages:
    8,684
    Firewalls do not stop viruses and they can get infect your pc in ways other than via downloads.

    What you want to do is start running your AV in the background continuously. You want to detect a virus before the fact, not after it is already inside and "potentially" doing damage to your files.
     
  7. trevorjaydee

    trevorjaydee Thread Starter

    Joined:
    Jul 8, 2002
    Messages:
    24
    Thanks dai and WhitPhil, I have AVG running in the background so the only download I have undertaken recently is 'startup faster 2004', a recommended download. Perhaps my family users are picking up something with their music downloads.

    Thanks again, Trev.
     
  8. trevorjaydee

    trevorjaydee Thread Starter

    Joined:
    Jul 8, 2002
    Messages:
    24
    I can't believe it! After following your respective advice I ran AVG as soon as I started up again and found the following:

    C:\WINDOWS\BI.DLL Trojan horse PSW.Bispy.A
    C:\WINDOWS\BIPREP.EXE repaired
    C:\WINDOWS\TEMP\BI.DLL repaired
    C:\WINDOWS\TEMP\BIPREP.EXE repaired
    C:\WINDOWS\TEMP\BRIDGE.EXE repaired
    C:\WINDOWS\Temporary Internet Files\CONTENT.IE5\OP23S5U7\BRIDGE~1.EXE repaired

    Can you advise me how I can get rid of BI.DLL? When I tried to delete it manually I was informed that Windows was using the file. I wondered whether, if I changed the attribute I could perhaps delete it manually, but that involves accessing the file, which AVG strongly advised against.

    Hope that you can help :mad:

    Regards, Trev.
     
  9. trevorjaydee

    trevorjaydee Thread Starter

    Joined:
    Jul 8, 2002
    Messages:
    24
    Hello everyone, I have just taken my ignorance in both hands and deleted the infected file from DOS. Everything now seems to be OK! Many thanks to those who have assisted me. Regards, Trev.
     
  10. xdanx

    xdanx

    Joined:
    Aug 15, 2003
    Messages:
    83
    thanks for this thread trevor... ive had the same problem with infected files in restore... but now i can deal with them thanks!!!
     
  11. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/219998

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice