I've picked up a virus!!

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

trevorjaydee

Thread Starter
Joined
Jul 8, 2002
Messages
24
It's ages (2002) since I last signed in and I'm pleased to renew the contact.
I use AVG antivirus control, free version and it informs me that I have a virus entitled 'Trojan Horse Downloader.Perfiler.A'. It apparently resides in C:\Restore\Temp\A0217916.cpy. AVG cannot heal it or move it into temporary suspension and I cannot delete the file, even though I changed the attributes to archive. Can anyone help please?

Thanks, Trevor Durbidge. :eek:
 

dai

Joined
Mar 6, 2003
Messages
11,198
you have to turn off sytem restore to clean it out and then turn it back on again
 

Miz

Joined
Jul 1, 2002
Messages
2,146
Since it's in a folder called "Restore," I assume it's been included in a restore point made either by your computer (WinME?) or by software like GoBack.

You sure don't want to be using a restore point that has a virus packed inside so you need to delete all the restore points.

If it's WinME, go to Control Panel>System>Performance tab>File System Button>Troubleshooting tab and check the box for "Disable System Restore." Click OK, click Yes. Reboot. Then if you want System Restore running, go back and uncheck that box.

If you're using some other backup software, read its help files on instructions on how to delete old restore points.
 

trevorjaydee

Thread Starter
Joined
Jul 8, 2002
Messages
24
Thanks Dai and Miz for your help.
I disabled system restore and then ran AVG again. This time it picked up a virus 'Trojan Horse downloader.Small.4.D' in two areas as follows:
C:\windows\temp\bridge.exe and c:\windows\temporary internet files\contentI.E.5\slavodyJ\Bridge~1.exe. Fortunately AVg dealt with them. How are they getting through my firewall (ZoneAlarm)?
I haven't turned system restore back on yet - will that virus still be there do you think?

Many thanks again, Trev.
 

dai

Joined
Mar 6, 2003
Messages
11,198
when you turn restore back on and reboot it will create a restore point,all others will be gone.
you get the virus from something you d/l,they are hidden in the d/l
get in the habit of scanning before opening
 

WhitPhil

Gone but never forgotten
Trusted Advisor
Joined
Oct 4, 2000
Messages
8,684
Firewalls do not stop viruses and they can get infect your pc in ways other than via downloads.

What you want to do is start running your AV in the background continuously. You want to detect a virus before the fact, not after it is already inside and "potentially" doing damage to your files.
 

trevorjaydee

Thread Starter
Joined
Jul 8, 2002
Messages
24
Thanks dai and WhitPhil, I have AVG running in the background so the only download I have undertaken recently is 'startup faster 2004', a recommended download. Perhaps my family users are picking up something with their music downloads.

Thanks again, Trev.
 

trevorjaydee

Thread Starter
Joined
Jul 8, 2002
Messages
24
I can't believe it! After following your respective advice I ran AVG as soon as I started up again and found the following:

C:\WINDOWS\BI.DLL Trojan horse PSW.Bispy.A
C:\WINDOWS\BIPREP.EXE repaired
C:\WINDOWS\TEMP\BI.DLL repaired
C:\WINDOWS\TEMP\BIPREP.EXE repaired
C:\WINDOWS\TEMP\BRIDGE.EXE repaired
C:\WINDOWS\Temporary Internet Files\CONTENT.IE5\OP23S5U7\BRIDGE~1.EXE repaired

Can you advise me how I can get rid of BI.DLL? When I tried to delete it manually I was informed that Windows was using the file. I wondered whether, if I changed the attribute I could perhaps delete it manually, but that involves accessing the file, which AVG strongly advised against.

Hope that you can help :mad:

Regards, Trev.
 

trevorjaydee

Thread Starter
Joined
Jul 8, 2002
Messages
24
Hello everyone, I have just taken my ignorance in both hands and deleted the infected file from DOS. Everything now seems to be OK! Many thanks to those who have assisted me. Regards, Trev.
 
Joined
Aug 15, 2003
Messages
83
thanks for this thread trevor... ive had the same problem with infected files in restore... but now i can deal with them thanks!!!
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top