Trojan 124788

PJ

I've had a dialler install with numerous files in various locations. Using
AVG (spybot doesn't seem to see any of it) I've got 14 infected files
identified. I've deleted 12 of them (AVG did it automatically) but I'm
stuck with two of them that AVG cannot get rid of although it can see them.
Both are as follows:

Windows\system32\124788.exe:\12478inst.exe
Windows\system32\124788.exe:\12478.exe

AVG describes them as embedded objects (both diallers) and cannot delete
them.

Any help on the way to go here.
I cannot find them manually at the address given so completely stuck
Regards

PJ
 
From: "PJ" <[email protected]>

| I've had a dialler install with numerous files in various locations. Using
| AVG (spybot doesn't seem to see any of it) I've got 14 infected files
| identified. I've deleted 12 of them (AVG did it automatically) but I'm
| stuck with two of them that AVG cannot get rid of although it can see them.
| Both are as follows:
|
| Windows\system32\124788.exe:\12478inst.exe
| Windows\system32\124788.exe:\12478.exe
|
| AVG describes them as embedded objects (both diallers) and cannot delete
| them.
|
| Any help on the way to go here.
| I cannot find them manually at the address given so completely stuck
| Regards
|
| PJ
|
| --
| to reply take out noads
|





Dump the contents of the IE Temporary Internet Folder cache (TIF)

start --> settings --> control panel --> internet options --> delete files

1) Download the following three items...

Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp

Latest Trend signature files.
http://www.trendmicro.com/download/pattern.asp

Ad-aware SE (free personal version v1.05)
http://www.lavasoftusa.com/

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

Download SYSCLEAN.COM and place it in that directory.
Download the Trend Pattern File by obtaining the ZIP file.
For example: lpt488.zip

Extract the contents of the ZIP file and place the contents in the same directory as
SYSCLEAN.COM.

2) Update Ad-aware with the latest definitions.
3) If you are using WinME or WinXP, disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
4) Reboot your PC into Safe Mode and shut down as many applications as possible.
5) Using both the Trend Sysclean utility and Ad-aware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using both the
Trend Sysclean utility and Ad-aware.
7) If you are using WinME or WinXP, re-enable System Restore and re-apply any
System Restore preferences (e.g. HD space to use suggested 400 ~ 600MB).
8) Reboot your PC.
9) If you are using WinME or WinXP, create a new Restore point.

* * Please report back your results * *
 
Thank you Dave... will do that and let you know by tomorrow

Kind Regards
PJ
 
David,
As promised..
Thank you so much for your help. Followed your directions to the letter
and it appears that the rogue dialler has been detected and deleted. (Took
best part of 4 hours from start to finish!!)
I do appreciate your help
Best Regards
PJ
 
From: "PJ" <[email protected]>

| David,
| As promised..
| Thank you so much for your help. Followed your directions to the letter
| and it appears that the rogue dialler has been detected and deleted. (Took
| best part of 4 hours from start to finish!!)
| I do appreciate your help
| Best Regards
| PJ
|
| --
| to reply take out noads
|

PJ:

Glad to hear that and thanx for updating the thread.
 
Not enough people come back with feedback. They just take the help and
go.
--

Regards,
Ian Kenefick
Got a virus?
Go to www.ik-cs.com > 'Got a virus?'
 
|
| Not enough people come back with feedback. They just take the help and
| go.
| --
|
| Regards,
| Ian Kenefick
| Got a virus?
| Go to www.ik-cs.com > 'Got a virus?'

Yepper...

That's why I try to append something like....

* Please report back your results *

Only with feedback can we discern what works, what doesn't work and how we can improve upon
the instructions that we may provide.

I am a staunch believer in the Quality Control Feedback Loop model.
 