Trojan called Dialer.Q2

Discussion in 'malware problems & news' started by Tartan Giant, Jun 23, 2004.

Thread Status:
Not open for further replies.
  1. Tartan Giant

    Tartan Giant Registered Member

    Joined:
    Jun 23, 2004
    Posts:
    2
    Location:
    England
    Hello everybody,

    First Post, and it's one requesting some help!

    I have a Trojan called Win32/Dialer.Q2 apparently running on my system.

    The AV software I always use is NOD32 (version 1.793 [20040622]) but it does not "clean" this infiltration.

    Please can you help by listing the steps..... one by one......... as to how I should go about blowing this thing away.

    The 'copy' of the culprit is below.


    Many thanks, in advance, for your help.

    Cheers

    TG


    Time Module Object Name Virus Action User Info
    23/06/2004 18:18:35 AMON file C:\System Volume Information\_restore{9B5E268F-7B85-477A-B836-F406A6F53F3A}\RP613\A0093457.exe Win32/Dialer.Q2 trojan error while cleaning - operation unavailable for this type of object NT AUTHORITY\SYSTEM
     
    Tartan Giant, Jun 23, 2004
    #1
  2. Mr Hrmm

    Mr Hrmm Guest

    Hi,
    Try disabling system restore and rebooting and turning system restore back on to create a new system restore point. That should get rid of the old system restore points and delete the nastie at the same time.

    After you've rebooted do a new scan.
     
    Mr Hrmm, Jun 23, 2004
    #2
  3. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    C:\System Volume Information\ is where XP stores restore points. Go Start, Run, type services.msc and hit enter. Find System Restore Service and disable it. Reboot and rescan with your AV to make sure it is gone. If it is gone, then enable the System Restore Service once again. Hope that helps.

    Nick
     
    nick s, Jun 23, 2004
    #3
  4. Mr Hrmm

    Mr Hrmm Guest

    @nick s
    Could you try to avoid saying the same things that have already been posted? Makes those posts seem kinda invisible. I know I could have explained how to do it or even include a link.

    You could have just filled in what my post lacked.
    Thank you.

    @Tartan Giant I hope your system is clean now :)
     
    Mr Hrmm, Jun 23, 2004
    #4
  5. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    Sorry. If I had seen your post before I submitted mine, I would not have submitted it.

    Nick
     
    nick s, Jun 23, 2004
    #5
  6. Mr Hrmm

    Mr Hrmm Guest

    No worries :)
    I honestly thought you saw it LOL
    But that explains it then.
     
    Mr Hrmm, Jun 23, 2004
    #6
  7. Tartan Giant

    Tartan Giant Registered Member

    Joined:
    Jun 23, 2004
    Posts:
    2
    Location:
    England
    Hi Guys,

    Many thanks for the rapid and positive replies. I have done as suggested and it appears the PC has dropped the Trojan........... pheww.

    On passing, does NOD32 not at least tell you there's been an infiltration of a Trojan? It seems pretty clever, and I rely on it exclusively for the AV side of things........ along with the free version of Zone Alarm and Adaware.

    Your expertise is much appreciated.

    Thanks

    TG
     
    Tartan Giant, Jun 23, 2004
    #7
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...