?
Solved

C-dilla Removal

Posted on 2004-04-08
6
Medium Priority
?
1,815 Views
Last Modified: 2012-05-04
I recently bought a used computer. When I took it out of the box, I found several older-version software CDs and, over a period of a couple of months, installed 6 or 8 of them on my newer machine. They're all uninstalled now and have been passed on in the box when I resold the older one. However, I do have a memento -- the C-dilla trojan.

Hardly anybody really knows anything useful about C-dilla and there is no fix available for it. It's supposed to be in Add/Remove Programs, but it's not. There is supposed to be an uninstall for it at Intuit, but it's been removed, besides, there are so many different versions, I might never hit the right one. Spybot is supposed to remove it, but it doesn't. I've been to many forums and done tons of searching -- I get hardly any response at all.

Listed below are what I've found on my system:

1) C-Dilla  -- Non-Plug and Play Driver (enabled).

2) CDANTSRV.EXE -- C:\WINDOWS\system32\drivers.

3) CDANT.SYS -- C:\WINDOWS\system32\drivers.

4) CDILLA16.EXE -- C:\Windows.

5) F:DRIVE -- Mysterious 16-bit, 46.9MB partition that contains a folder called TEST, It tests the modem, bios, etc for something, probably illegal software. I didn't load this partition, nor did Windows or eMachines, but guess what sometimes loads a partition when it is installed -- yep, C-dilla.

6) 34 entries in the registry (there could be more that I can't find).

I'd like to avoid formatting at this time so I've made a full data backup, backed up the Registry, and set a new restore point. All I know to do is to start deleting, and take anything I can't delete to the DOS prompt to continue trying. I'm not sure, however, of the order in which the files (including the driver in Device Manager and the Registry entries) should be deleted. Also, should I do any reboots during this process?  
0
Comment
Question by:larryfretwell
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 

Expert Comment

by:benclelland
ID: 10793210
You should be able to remove the files when in safe mode.

I believe that Ad-aware (ww.lavasoft.com) and Search and Destroy (http://www.safer-networking.org/) get rid of this.
0
 

Expert Comment

by:malir
ID: 10793308
try to delete and remove only the C-dilla related files through maual removal , it should only effect the app files that was installed with, in that way appz will be disabled.

this should help you out..
http://www.pestpatrol.com/PestInfo/c/c-dilla.asp
0
 

Author Comment

by:larryfretwell
ID: 10795516
benclelland, malir -- I clicked the link you gave me and searched for C-dilla. Here's what I found:

"Release 4 of Spybot-S&D 1.1 (December 28, 2002). Release 4 improves the removal of C-Dilla (installed as device driver)."

I realize it's old, but that's not the point. I've used Spybot for over 2 years and I guess it's possible that it killed the functioning of the software, but didn't clear all of the files and the driver. Norton SystemWorks notified me that "my partition had been deleted; did I want to put it back?" At the time I thought Windows or eMachines had included it, so I said yes, put it back. Now I'm thinking Spybot might have deleted it. The software has apparently been disabled to some extent because Spybot no longer detects it and I run it twice a week. Pest Patrol has discontinued its detection and removal of C-dilla, but it might have disabled it prior to the discontinuation.

After a new restore point and registry backup, I'm going to find out what will delete... I'll let you guys know what comes of it.  
0
 
LVL 1

Accepted Solution

by:
skyflash_de earned 2000 total points
ID: 11704006

Erm..... C-Dilla is not a trojan.

Yes, someone may have named their trojan C-Dilla, but it ALSO is a legit tool for licensing of applications, for example it is used by 3D studio.

If it is a normal application, its no wonder that no spyware remover removes it. :P
If you remove C-Dilla, the applications will not work anymore that it was used to license.

But, C-Dilla doesnt install on its own, you probably installed it yourself while installing some of the "backup" CDs you found.

Its really easy to uninstall it, just use the uninstaller. And if you deleted the uninstaller, just delete the folder and let RegCleaner run and its all gone.
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 15727276
No comment has been added to this question in more than 21 days, so it is now classified as abandoned..
I will leave the following recommendation for this question in the Cleanup topic area:
Accept: skyflash_de{http:#11704006}

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

Tolomir
EE Cleanup Volunteer
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There is a lot to be said for protecting yourself and your accounts with 2 factor authentication.  I found to my own chagrin, that there is a big downside as well.
With the rising number of cyber attacks in recent years, keeping your personal data safe has become more important than ever. The tips outlined in this article will help you keep your identitfy safe.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question