Hi there!
Can anyone tell me how I can terminate this trojan???
I have got Avast home version, Spyboot and Destroy and I have just installed Ewido, Ad-aware and Synate firewalls.
In my computer I have got Windows 2000 professional!
So for I haven`t had much luck with all these programmes and trojan is stille there!
Thanks a lot!
Bye
C
- What was the virus name, what was the filename, where was it found
example (C:\windows\system32\infected-filename.xxx)?
For files in use that may be being protected by windows, try the schedule boot-time scan in avast’s menu (or try the ‘Schedule Boot-Time Scan’ using RejZoR’s AEC avast! External Control Tool
Hi!
The virus create a temporary file in the following folder C:/winnt/system32/. Even I destroy it, every time I switch on the computer it seems the virus create a new temporary file with a very similar name to the prevoius one. The name of this tempoarary file is dle_ _ _.tmp where the three last characters can change and can be numbers (most of the time) or sometimes letters.
Anyway thank you very much for the suggestion! As soon as I get home I will try to use schedule boot-time scan in avast’s menu!
I hope it will work!
Thanks
C
I suspect this may be a rbot worm variant: hard to tell, but a HijackThis! on another forum with the same avast! virus name seemed to be an infection by this worm.
It would be worth running the rdriv.sys removal tool just to be sure the worm isn’t hiding itself with a rootkit, which it sometimes does.
Running the rootkit removal tool won’t hurt. I can’t say for sure that you have the rootkit, but it is a possibility.
http://forum.avast.com/index.php?topic=16788.msg142660#msg142660
Run the tool before the avast! scan and then try another scan with ewido which might now see something.
hi there!
It seems I have eliminated this virus with the schedule boot scan of Avast in collaboration with Ewido and Ad-aware (both programmes have found some malware). Anyway I will keep on eye on it in case it will be back.
Thank you very much for your help!
Bye
C