Hi,

I need help with a Backdoor.Trojan virus. My Norton AntiVirus will not quarantine or delete the files. It is in this form c:/documents and settings. I have Windows XP and it says the Compressed File Installer_george_test.exe within c:\download and settings. I have ran McAfree, Norton, Trojan and none of them can remove the infected files. Can anyone help me? Thanks for looking.

Have you done a search for that file to manually delete it? Have you emptied your temp internet files and disabled "system restore" by using MY Computer>right click>Properties>System Restore>Turn Off System Restore? After your system is clean go back and turn System Restore back on, but set the soder to 2% instead og the default 10% if your hard drive is 30G or larger.

I tried to find it manually and I can not. I don't know where to search besides at start. I turned off system restore and re-ran Trojan Hunter, and Trojan Remover. Trojan Hunter gave me the following report:
unable to unpack upx-packed file C:\Documents and Settings\Cassie\local Settings\Temporary Internet Files\Content\IE5\184VTTS1\dialer\[1].exe then I also got unable to unpack upx-packed file C:\Program Files\Trojan Remover\unp.exe
I am really confused here. Thank you.

Have you deleted your temporary internet files by using Tools>Internet Options>Delete Files?

Did that too! I even ran it in safe mode and ran the Trojan programs again, now is says their are no viruses but the Backdoor.Trojan file is still there

Perhaps it is a spyware dialer that was detected. Do you use Adaware and SpyBot? If not go to http://www.wilders.org/ and get them. Then see if they will take care of this problem. Also get Spywareblaster, it protects against Active X.

Hi.

If this is a dialer Spybot should fix it.
If not a dialer and really a backdoor trojan,send an email to Trojan Hunter's developer.
There should be a link in the TH program under "About" tab in the TH console.
I submitted a suspicious file when I trialled Trojan Hunter.
Or you could go to the Trojan Hunter support forum.

For faster file searches there is a free program that is excellent.
Google search for "AgentRansack".

Hope this helps,
JB.

I have this virus, too and am having the same problems. I will be monitoring this thread for a fix. Or, should I find one, I will let you know!

Mark

I had the virus too. I am running Nort Corprate Edition 8.0. It quarentined and then I was able to tell norton to delete.

If you are not able to then here are a

couple of things you can try.

First find the file go into properties and make sure you have full access under the security tab. Then try and delete.

Second try cutting and pasting the file to your desktop and then try and delete it.

Third start into safe mode and delete.

And lastly if none of that works startup your pc in repair mode and delete it from the command prompt the old fashion way.

Hope this helps