Win32.Dialer_F [trj]

I keep getting effected by this virus. Avast is not allowing me to remove the virus. I have to choose delete on next boot. However it reappears after a while…

Any suggestions?

Regards

L. Tambiah

Hi,

where exactly does avast find this ?
i.e.: exact pathname =foldername(s) and filename of the infected file ?
which WIN do you have ?
if you have Win ME/XP, and the trojan is found in the RESTORE folder, you need to disable system restore, and it will be gone:
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm

Have you done all Windowsupdates ?
have you secured your IE-Browser (disable/restrict activeX/scripting/autodownloads via Internet options → security)

you might also want to scan with:

:wink:

My system restore is off anyway, i am using win xp, and the file is always found in the tempory internet folder which is on drive D on my machine.

well then, empty the T.I.F. folder:

via control panel or IE-Borwser->Extras → Internet options → general → delete files → check Offline files → OK…
do this for ALL users on the machine
pause avast resident shield first

to keep it from reappearing, you need to:

  • update your Win and IE, and secure your IE (see above) or use a different browser (opera, mozilla)
  • exercise some common sense and caution when surfing and don’t klick on everything that pops up

if that won’t resolve it, post a log-file of hijackthis here:
www.lurkhere.com → nicefiles

whta are the results of the other scanners i mentioned above ?
scanning with Spybot, ad-aware and cwshredder migth also help

Download-links and further Info via above link, google, or the board search :wink:

Whocares, Because it is a dialer, Would it not be a good idea to run spybot and ad-aware? They both have a huge dialer database :slight_smile:

i am not what you call a amateur user, i take care to what i click and i have all updates. The problem with the addware you provided me they are foreign. I cant read other languages only english.

I think i have resolved the problem, i managed to get the dialer into the virus chest and then deleted it. So far so good.

Thanks for the help

regards

L. Tambiah

ok, good that you managed it :slight_smile: :slight_smile:

except for YAW, all mentioned programs/sites are available in english (as well)
P.S.:
This
http://www.emsisoft.de/images/usa.gif
little icon usually means, that by clicking it, you get some English info/version :wink:

EDIT: ok, my fault, I mistyped the Link for a-2 :-[