Re: Trojan

From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 10/09/04 

Date: Sat, 9 Oct 2004 17:20:30 -0400

1) Download the following three items...

         Trend Sysclean Package
         http://www.trendmicro.com/download/dcs.asp

         Latest Trend signature files.
         http://www.trendmicro.com/download/pattern.asp

         Adaware SE (personal free version)
         http://www.lavasoftusa.com/

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

Download sysclean.com and place it in that directory.
Dowload the signature files (pattern files) by obtaining the ZIP file.
For example; lpt192.zip

Extract the contents of the ZIP file and place the contents in the same directory as
sysclean.com.

2) Update Adware with the latest definitions.
3) If you are using WinME or WinXP, disable System Restore
            http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
4) Reboot your PC into Safe Mode
5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
        platform and clean/delete any infectors/parasites found.
6) Restart your PC and perform a "final" Full Scan of your platform using both the
        Trend Sysclean utility and Adaware
7) If you are using WinME or WinXP,Re-enable System Restore and re-apply any
            System Restore preferences, (e.g. HD space to use suggested 400 ~ 600MB),
8) Reboot your PC.
9) If you are using WinME or WinXP, create a new Restore point
10) Please report back your results

Dave

"Jiff" <anonymous@discussions.microsoft.com> wrote in message
news:126401c4ae42$06a24970$a501280a@phx.gbl...
| I appear to be infected by the following trojan
| Downloader.Perfiler.D in file
| C:\System Volume Information\_restore{B8524D68-A5FC-4FA0-
| A79E-24F7A10DBE32}\RP40\A0022319.dll
|
| I have run AVG, Pest Patrol, McAfee and others but none
| can find it.
|
| Is this dangerous? How do I get rid of it?
|
| Please help!

Relevant Pages

  • Re: Service Pack 4 Install Failure
    ... (e.g., "c:\New Folder") ... Download sysclean.com and place it in that directory. ... If you are using WinME or WinXP, disable System Restore ...
    (microsoft.public.win2000.general)
  • Re: mcafee32.exe
    ... Dump the contents of the IE Temporary Internet Folder cache ... Download SYSCLEAN.COM and place it in that directory. ... If you are using WinME or WinXP, disable System Restore ...
    (microsoft.public.security.virus)
  • RE: PC Shut-Off when I scan for Virus with any Software
    ... Dump the contents of the IE Temporary Internet Folder cache ... Download SYSCLEAN.COM and place it in that directory. ... If you are using WinME or WinXP, disable System Restore ...
    (microsoft.public.security.virus)
  • Re: Problems getting into web sites and links
    ... (e.g., "c:\New Folder") ... Download sysclean.com and place it in that directory. ... If you are using WinME or WinXP, disable System Restore ...
    (microsoft.public.security.virus)
  • Re: Call home ?
    ... (e.g., "c:\New Folder") ... Download sysclean.com and place it in that directory. ... If you are using WinME or WinXP, disable System Restore ...
    (microsoft.public.windowsxp.security_admin)