NotebookForums.com › Forums › General Notebook Discussions › Notebook Forums - General › can someone help w/ trojan prob?
New Posts  All Forums:Forum Nav:

can someone help w/ trojan prob?

post #1 of 12
7/10/06 at 10:50pm
Thread Starter 
One of my friend's laptops is currently infected with a trojan. " TrojanDownloader.Delf.346 ."

I've run trojan hunter and mcaffee and spybot s/d in both safe mode and norm mode. Iv also run registry mechanic.

It seems that there is a file left over that the programs cant remove, and i can't move manually either cuz its being used by a process. I went to services.msc and disabled all. (except 2, which are critical services which i cant stop)

still, I cant delete the file. its C:\windows\system32\logl32.dll

Any help would be grealty appreciated.

thanks in advance
Reply
Reply
post #2 of 12
7/10/06 at 10:55pm
Google TrojanDownloader....sometimes leads to answers about specific virus, trojans, etc.
Reply
Reply
post #3 of 12
7/11/06 at 12:40am
Quote:
Originally Posted by ImOnAPlain51
Google TrojanDownloader....sometimes leads to answers about specific virus, trojans, etc.
and ways to manually remove all parts of them. I should also point out that if possible it is best to boot into safe mode to keep these programs from starting up in the first place and then run Adaware/Spybot/whatever.
Reply
Reply
post #4 of 12
7/11/06 at 1:49am
try renaming the file then reboot. After that you should be able to delete it.
Reply
Reply
post #5 of 12
7/11/06 at 2:30am
Thread Starter 
unable to rename the file because it is in use.

oddest thing is, the file is still in use even during safe mode. Unable to move/delete/quaranteen/scan during safemode for that particular file.

this ones being a pain...
Reply
Reply
post #6 of 12
7/11/06 at 3:30am
maybe try something like knoppix and boot from your cd and then find the file and delete it, as it will not be in any sort of use... just make sure it's not a vital file...
Reply
Reply
post #7 of 12
7/11/06 at 4:19am
Did you try safe mode with command prompt?
Reply
Reply
post #8 of 12
7/11/06 at 6:26pm
download ewido, free for 30 days, and give it a shot. it was able to remove some stubborn trojans for me that other progs completely missed.

http://www.ewido.net/en/
Reply
Reply
post #9 of 12
7/12/06 at 2:21pm
I have experienced this type of issue before and it can be quite the undertaking to resolve.

What it sounds like is the attribute of the file is set to "Read Only" which would not allow you to either delete or rename it. This is a way for the malware writer to ensure that the file remains on the system.

To change the attribute of the file requires a good knowledge of working in a DOS environment as well as an understanding of command-line prompts. You will also need a copy of a "Windows" disk and not the the recovery disks that are shipped/created with new computers.
Reply
Reply
post #10 of 12
7/12/06 at 2:34pm
Quote:
Originally Posted by irishrover
I have experienced this type of issue before and it can be quite the undertaking to resolve.

What it sounds like is the attribute of the file is set to "Read Only" which would not allow you to either delete or rename it. This is a way for the malware writer to ensure that the file remains on the system.

To change the attribute of the file requires a good knowledge of working in a DOS environment as well as an understanding of command-line prompts. You will also need a copy of a "Windows" disk and not the the recovery disks that are shipped/created with new computers.
Unlocker, a freeware utility (Google it), allows you to delete, rename, etc. files that are magically in use.

Love that program. Try it out.
Reply
Reply
post #11 of 12
7/12/06 at 3:02pm
Yes i agree with jumbie. Unlocker.. It can shut down any process that that file is being used by.

Also there is something else called KillBox. It force deletes any file, try those
Reply
Reply
post #12 of 12
7/12/06 at 8:31pm
could also try booting to command prompt and renaming the file that way.
Reply
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Notebook Forums - General
NotebookForums.com › Forums › General Notebook Discussions › Notebook Forums - General › can someone help w/ trojan prob?