Trojan horse Downloader.Dyfica.AB <====Need Help!!!

#1 02-15-2004, 09:26 AM

Hi
I have the Free Edition of Grisoft's AVG (6.0)
One day a window popped up saying...

AVG Resident Shield

Virus
Trojan horse Downloader.Dyfica.AB

is found in file
c:\System Volume Information\_restore{025B975b-4DEO-899E-8E330F2E4991}\RP139\A0046778.ocx

To remove this virus please run AVG for Windows

I have run AVG about 5 times after DL the update ( a complete scan of everything on my PC) and its detects NOTHING!

is this Virus in something ive deleted? can it still harm my PC? Any tips on how to get rid of it?
Any Suggestions will be Appreciated

P.S That window pops up every 5 minutes or so it doenst just happen once

Gnomercy · #2 02-15-2004, 03:08 PM

Go to c:\System Volume Information\_restore{025B975b-4DEO-899E-8E330F2E4991}\RP139\ on your computer and look for a file named A0046778.ocx. Provided it's not a hidden system file or something like that, if it's no longer there, then it's been deleted. I'd also check your recycle bin to make sure that it's not sitting there waiting to be accidentally restored. Another step I would recommend is checking Symantec's webiste for a removal tool. They may or may not have one, but the best way to be sure it's gone is to run something that was written to remove it.

Gade Terbob · #3 02-17-2004, 08:23 AM

You might also point your browser over to:
Gladiator Security Forum

They have lots of great info on virus, trojan, hijackers.

#4 02-26-2004, 11:18 AM

Hey Guys!!

I had the same trojan and after trying all kinds of solutions I found it!!

Spybot is the answer go to www.Download.com and search for it there!!

admin · #5 02-26-2004, 11:22 AM

AdAware is also very good from Lavasoft.

Gnomercy · #6 02-26-2004, 08:50 PM

I use AdAware from Lavasoft and SpyBot S&D in tandem. I don't trust either one will often find that one will catch something the other didn't.

#7 05-05-2004, 04:37 PM

Download.com has the virus scanner you need to find these virus's, but it does not offer the "cure" nor does it offer to get rid of the virus's unless you PURCHASE their product.

Quote:

Originally Posted by jalla**dk**

Hey Guys!!

I had the same trojan and after trying all kinds of solutions I found it!!

Spybot is the answer go to www.Download.com and search for it there!!

#8 10-02-2004, 10:31 AM

Hello All,

I am new to the site but thought I would give how I often get rid of difficult viruses. If you get a detection notice make note of the virus and location. Restart your computer in DOS mode, with boot disk preferred. Rename the virus infected file so that it can not be loaded by the OS on boot then run virus scan again it should remove it this time. If not use the others post suggestions to delete the file then get Norton’s wipe old version that allows you to wipe free space and run it. Hope this helps someone.

#9 10-26-2004, 05:49 AM

Hi

After trying several methods to rid my computer of the Trojan Horse Downloader menace without success, removal of AVG was suggested.(After all, one can always reinstall). So I went ahead and removed the program

In order to protect the computer in the meantime a battle plan was put in action and Norton Antivirus 2005, Spy Sweeper and AdAware were immediately downloaded. It was also possible to reinstall AVG.

Since then I am free of the Trojan Download message.

#10 02-27-2004, 05:23 AM

Hi-

I have AVG and the same thing happened to me while I tried removing the same Trojan. I discovered that AVG was confused with another anti-virus software program. So, I decided to remove the other program that was confused with AVG. AVG healed the Trojan and placed it into the vault. Therefore, I get no more repeated messages from C:\System Volume Information_Restore.

-Oscar

#11 03-02-2004, 10:05 PM

Quote:

Originally Posted by seeker

Hi-

I have AVG and the same thing happened to me while I tried removing the same Trojan. I discovered that AVG was confused with another anti-virus software program. So, I decided to remove the other program that was confused with AVG. AVG healed the Trojan and placed it into the vault. Therefore, I get no more repeated messages from C:\System Volume Information_Restore.

-Oscar

I have AVG and i tried to move the same Trojan virus into the vault and it would'nt. Does anyone know why? It says File C:\windows\system321\preload.ocx can not be removed

way2real · #12 03-03-2004, 12:27 AM

The same thing happened to me (not sure which virus). A virus was included in a system restore point. I don't remeber exactly how I fixed the problem. It seems like I had to disable system restore, reboot, delete restore points, enable system restore and reboot. Rescans with AVG were clean. I found the solution on Google groups.

#13 03-03-2004, 03:45 PM

Quote:

Originally Posted by way2real

The same thing happened to me (not sure which virus). A virus was included in a system restore point. I don't remeber exactly how I fixed the problem. It seems like I had to disable system restore, reboot, delete restore points, enable system restore and reboot. Rescans with AVG were clean. I found the solution on Google groups.

where do i find system restore?

way2real · #14 03-03-2004, 04:27 PM

Properties for My Computer.

#15 05-05-2004, 04:40 PM

Like many other users, it doesnt work for us. We have ran AVG complete test and it has found NOTHING. Even tried doing it through "safe mode", and it still found nothing.

Quote:

Originally Posted by seeker

Hi-

I have AVG and the same thing happened to me while I tried removing the same Trojan. I discovered that AVG was confused with another anti-virus software program. So, I decided to remove the other program that was confused with AVG. AVG healed the Trojan and placed it into the vault. Therefore, I get no more repeated messages from C:\System Volume Information_Restore.

-Oscar