Trojan Horse

Name: tootricky
Date: October 28, 2004 at 01:20:40 Pacific
OS: Windows XP
CPU/Ram: Celeron 2.66GHz 504MB Ram
Comment:

I have a Trojan Horse Dialer.11.BU in my C:\WINDOWS\system32\saristar.dll file. I have tried AVG which will not allow me to vault the file and I have also tried TrojanHunter which does not detect the trojan at all.
It then came up and said that the trojan was in the C:\DOCUMEN~1\ANDREW~1\Temp\Z6ihr4.exe file.
Sorry if I have given the wrong system information; however, I am trying to rid this from a close friend's PC and am not sure of their full system details.

Hope I have enough info for some help.

PLEASE




Response Number 1
Name: Mechanix2Go
Date: October 28, 2004 at 01:59:11 Pacific
Reply:

Hi Tracey,

If you cannot delete the files with Windows running, boot in DOS and delete them.

M2



Response Number 2
Name: Thresher
Date: October 29, 2004 at 20:16:06 Pacific
Reply:

Trojans hide in the system restore files. If your friend has either Win ME or XP, there are system restore files. Disable them and leave them like that until the bug is gone.

It would help to know what OS your friend's system is, but here is something to do whatever the OS:

Use these in order, in safe mode along with running the AV in safe mode:

Trojan Hunter trial version:
http://www.misec.net/

Trojan Scan:
http://www.windowsecurity.com/trojanscan/

SWATIT:
http://swatit.org/download.html

Reboot, back into safe mode:
Tools > Internet Options > General Tab > Delete files > check the box to delete offline content > click ok > delete cookies > click ok.
%TEMP% files:
Double click My Computer icon on desktop > type %TEMP% in the address bar > click enter > delete all you can delete.

Empty recycle bin.

Go to start > Programs > Accessories > System Tools > Run disk clean up, then scan disk. If scan disk tells you there are programs running in the background, ctrl+alt+delete and end-task on everything except systray and explorer, then run scan disk > then defragmenter.

Is your friend running either Spybot or Adaware? If not, consider downloading, updating and running them on a regular basis. They both update regularly (every week or less), so keep them updated or they are not effective.

Thresher

