Trojan horse dialer

jennyjo_2

Trojan horse dialer.15.AX

AVG anti-virus found the above on friday and deleted it, today it has found it again, why has it come back and now I'm using AVG how has it got in, can I stop it returning,

please help I'm a bit of a tech newbie but a quick learner

-TangleFoot-

Well, first thing to do would be to check whether Windows Firewall/ICF is enabled. Secondly, disable System Restore. Assuming that nothing else is amiss, that should be all that is necessary to allow your anti-virus software to remove this little annoyance without it springing up again; some viruses and their ilk hide a copy of themselves in System Restore as backup.

jennyjo_2

it does say file path: C:\System Volume Information\_restore{348F7407-C88E-4815-8..

if that's any help

jennyjo_2

the windows firewall is enabled already, won't disabling system restore be a problem though if I need to use it??

-TangleFoot-

Disabling System Restore will delete any restore points made, yes, but I have found that its propensity to harbour viruses makes it somewhat less useful than it could otherwise be.

bokkie7975

disable system restore , run avg, then enable system restore again.
when you disable system restore all previous restore files are deleted, a new one is made when you re-enable it.
you wont be able to restore back further than the new file, but shouldn't be too much of a loss.

Rex_Mundi

virii

Don't mean to be picky, but the plural of virus is viruses. Most definately not virii.

jennyjo_2

thanks for help so far, sorry if I sem a little slow taking it in.

Also I've just run Spyware Doctor and it is showing 277 infections but saying that to remove them I have to purchase the full programme from them

-TangleFoot-

Rex_Mundi wrote:

Don't mean to be picky, but the plural of virus is viruses. Most definately not virii.

By gum, you're right!

---

jennyjo wrote:

I have to purchase the full programme from them

You'll be better off with a freeware alternative then.

Take your pick

I heartily recommend either Spybot Search & Destroy or Microsoft AntiSpyware. SpywareBlaster is also an excellent tool with which to complement any do-it-yourself security package.

Paul_Varjak

My AVG anti-virus detected a trojan dialler yesterday and the same trojan dialler appeared again today in the system restore files. I used AVG to delete both of them, so I do not think it is necesary to delete system restores (but I may be wrong).

I was actually browsing MSE when AVG detected these files - the only time I have ever had a warning from AVG! The dialler was called ACONTI.EXE which I determined (by using Google) is an Adult Content dialler!

I think one problem with using the Microsoft firewall is that it can only stop unwanted incoming internet connections - it does not stop outgoing ones - which is what trojan dialler rely on! Better to get a better firewall that does do this - I use ZoneAlarm. So, if your anti-virus does not recognise a rogue dialler as a virus, the firewall with outgoing connection protection should trap it!

As for your query on spyware detection/removal, Microsoft has a beta product that both detects and removes spyware - and it is free!

Fran

jennyjo wrote:

Trojan horse dialer.15.AX

AVG anti-virus found the above on friday and deleted it, today it has found it again, why has it come back and now I'm using AVG how has it got in, can I stop it returning,

please help I'm a bit of a tech newbie but a quick learner

Have you had a look at FAQ's which is a sticky at the top of this board?

AVG won't stop a virus or trojan getting in, it will detect it and remove it. A firewall prevents it getting there in the first place by alerting you when it spots something suspect. Also they can get in through email attachments that you open.