|
Posted by MAP on March 13, 2007, 1:39 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> A few days ago, I noticed that my computer was slowing down.
>
> As I have a very decent Virus Scanner (Avast) and a good Spyware
> detector, I didn't suspect any virus intrusion in my computer system.
>
> But when I did a "Windows Task Manager" run, a file showed-up in the
> running processes which was not a program that I had installed.
>
> The file was always "drf1173407703.html", but the digits changed every
> time the file was loaded into memory.. Strange was the fact that
> although it was a HTML file. it appeared in the "Running Processes".
>
> I tried to do a full search of this file, but Windows could only find
> the "drf??????????.html" in my Internet Cache.
>
> I did a clear of the Cache and Internet files, but the file kept
> reappearing.
>
> This time I did a more detailled search and found that the file was a
> HTML file but renamed to an EXE file when downloaded. The originator
> of the file was:
>
> http://216.95.196.22/passthru/th204.exe//drf1173407703.html
>
> CAREFUL: THIS WEBSITE MAY CONTAIN A VIRUS
>
> I have tried everything I could think off, but the file keep
> appearing in my system.
>
> AVAST, my virusscanner and my spyware detector have not reacted to
> this file.
>
> Does anybody know if this is a virus/trojan and most important how to
> remove it?
>
> TIA
Hi Sue, you are correct it is a trojan, this one.
http://www.google.com/search?hl=en&q=win32%2Fdialer.ri+trojan&btnG=Google+Se
arch
you can sumit the file here for a scan
http://www.kaspersky.com/scanforvirus.html
or scan your entire system here
http://www.kaspersky.com/virusscanner
Avast really isn't that good of a scanner, spend a few $ and have peace of
mind get of of these.
http://www.kaspersky.com/trials?chapter=186685140
http://www.nod32usa.com/nod32-antivirus-trial/
--
Mike Pawlak
| 
XML site map