It's ages (2002) since I last signed in and I'm pleased to renew the contact.
I use AVG antivirus control, free version and it informs me that I have a virus entitled 'Trojan Horse Downloader.Perfiler.A'. It apparently resides in C:\Restore\Temp\A0217916.cpy. AVG cannot heal it or move it into temporary suspension and I cannot delete the file, even though I changed the attributes to archive. Can anyone help please?
Since it's in a folder called "Restore," I assume it's been included in a restore point made either by your computer (WinME?) or by software like GoBack.
You sure don't want to be using a restore point that has a virus packed inside so you need to delete all the restore points.
If it's WinME, go to Control Panel>System>Performance tab>File System Button>Troubleshooting tab and check the box for "Disable System Restore." Click OK, click Yes. Reboot. Then if you want System Restore running, go back and uncheck that box.
If you're using some other backup software, read its help files on instructions on how to delete old restore points.
Thanks Dai and Miz for your help.
I disabled system restore and then ran AVG again. This time it picked up a virus 'Trojan Horse downloader.Small.4.D' in two areas as follows:
C:\windows\temp\bridge.exe and c:\windows\temporary internet files\contentI.E.5\slavodyJ\Bridge~1.exe. Fortunately AVG dealt with them. How are they getting through my firewall (ZoneAlarm)?
I haven't turned system restore back on yet - will that virus still be there do you think?
When you turn restore back on and reboot, it will create a restore point; all others will be gone.
You get the virus from something you d/l; they are hidden in the d/l.
Get in the habit of scanning before opening.
Thanks Dai and WhitPhil, I have AVG running in the background so the only download I have undertaken recently is 'startup faster 2004', a recommended download. Perhaps my family users are picking up something with their music downloads.
Can you advise me how I can get rid of BI.DLL? When I tried to delete it manually I was informed that Windows was using the file. I wondered whether, if I changed the attribute I could perhaps delete it manually, but that involves accessing the file, which AVG strongly advised against.