Solved

C-dilla Removal

Posted on 2004-04-08
6
1,808 Views
Last Modified: 2012-05-04
I recently bought a used computer. When I took it out of the box, I found several older-version software CDs and, over a period of a couple of months, installed 6 or 8 of them on my newer machine. They're all uninstalled now and have been passed on in the box when I resold the older one. However, I do have a memento -- the C-dilla trojan.

Hardly anybody really knows anything useful about C-dilla and there is no fix available for it. It's supposed to be in Add/Remove Programs, but it's not. There is supposed to be an uninstall for it at Intuit, but it's been removed, besides, there are so many different versions, I might never hit the right one. Spybot is supposed to remove it, but it doesn't. I've been to many forums and done tons of searching -- I get hardly any response at all.

Listed below are what I've found on my system:

1) C-Dilla  -- Non-Plug and Play Driver (enabled).

2) CDANTSRV.EXE -- C:\WINDOWS\system32\drivers.

3) CDANT.SYS -- C:\WINDOWS\system32\drivers.

4) CDILLA16.EXE -- C:\Windows.

5) F:DRIVE -- Mysterious 16-bit, 46.9MB partition that contains a folder called TEST, It tests the modem, bios, etc for something, probably illegal software. I didn't load this partition, nor did Windows or eMachines, but guess what sometimes loads a partition when it is installed -- yep, C-dilla.

6) 34 entries in the registry (there could be more that I can't find).

I'd like to avoid formatting at this time so I've made a full data backup, backed up the Registry, and set a new restore point. All I know to do is to start deleting, and take anything I can't delete to the DOS prompt to continue trying. I'm not sure, however, of the order in which the files (including the driver in Device Manager and the Registry entries) should be deleted. Also, should I do any reboots during this process?  
0
Comment
Question by:larryfretwell
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 

Expert Comment

by:benclelland
ID: 10793210
You should be able to remove the files when in safe mode.

I believe that Ad-aware (ww.lavasoft.com) and Search and Destroy (http://www.safer-networking.org/) get rid of this.
0
 

Expert Comment

by:malir
ID: 10793308
try to delete and remove only the C-dilla related files through maual removal , it should only effect the app files that was installed with, in that way appz will be disabled.

this should help you out..
http://www.pestpatrol.com/PestInfo/c/c-dilla.asp
0
 

Author Comment

by:larryfretwell
ID: 10795516
benclelland, malir -- I clicked the link you gave me and searched for C-dilla. Here's what I found:

"Release 4 of Spybot-S&D 1.1 (December 28, 2002). Release 4 improves the removal of C-Dilla (installed as device driver)."

I realize it's old, but that's not the point. I've used Spybot for over 2 years and I guess it's possible that it killed the functioning of the software, but didn't clear all of the files and the driver. Norton SystemWorks notified me that "my partition had been deleted; did I want to put it back?" At the time I thought Windows or eMachines had included it, so I said yes, put it back. Now I'm thinking Spybot might have deleted it. The software has apparently been disabled to some extent because Spybot no longer detects it and I run it twice a week. Pest Patrol has discontinued its detection and removal of C-dilla, but it might have disabled it prior to the discontinuation.

After a new restore point and registry backup, I'm going to find out what will delete... I'll let you guys know what comes of it.  
0
 
LVL 1

Accepted Solution

by:
skyflash_de earned 500 total points
ID: 11704006

Erm..... C-Dilla is not a trojan.

Yes, someone may have named their trojan C-Dilla, but it ALSO is a legit tool for licensing of applications, for example it is used by 3D studio.

If it is a normal application, its no wonder that no spyware remover removes it. :P
If you remove C-Dilla, the applications will not work anymore that it was used to license.

But, C-Dilla doesnt install on its own, you probably installed it yourself while installing some of the "backup" CDs you found.

Its really easy to uninstall it, just use the uninstaller. And if you deleted the uninstaller, just delete the folder and let RegCleaner run and its all gone.
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 15727276
No comment has been added to this question in more than 21 days, so it is now classified as abandoned..
I will leave the following recommendation for this question in the Cleanup topic area:
Accept: skyflash_de{http:#11704006}

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

Tolomir
EE Cleanup Volunteer
0

Featured Post

Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
Liquid Web and Plesk discuss how to simplify server management with a single tool  in their webinar.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question