Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Remove Trojan Horse downloader.delf.12.an

Posted on 2008-10-02
7
Medium Priority
?
597 Views
Last Modified: 2013-11-22
I need help in removing a trojan horse from a system.

AVG 8 pops up with the following notification when you open anything:

Threat detected!
file name: c:\windows\system32\corpolw.dll
threat name: Trojan horse Downloader.Delf.12.AN

I have attached a copy of the hijack this log


hijackthis--2-.log
0
Comment
Question by:Beaver_Trucks
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 27

Accepted Solution

by:
David-Howard earned 2000 total points
ID: 22625822
Have you run your anti-virus in Safe Mode?
Safe Mode:
http://www.computerhope.com/issues/chsafe.htm
You might also download and run malwarebytes. It's a good utility and it's free.
You can get it from:
www.malwarebytes.org
0
 

Author Comment

by:Beaver_Trucks
ID: 22625853
I have tried safe mode, no dice, it keeps coming back.
0
 
LVL 27

Expert Comment

by:David-Howard
ID: 22626090
Disable System Restore and run your suites in Safe Mode again. If you don't disable System Restore it can reappear.
http://www.pchell.com/virus/systemrestore.shtml
0
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

 
LVL 27

Expert Comment

by:David-Howard
ID: 22626231
You may also be able to remove this with combofix. The directions and the free tool are at the link below. Please make sure that you follow the directions as they are not the standard click and run type.
Combofix is known to remove a wide varitey of trojans, etc.
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
0
 
LVL 8

Expert Comment

by:eXpeLLeD_4RM_heLL
ID: 22626272
Download Combofix from:
www.bleepingcomputer.com/combofix/how-to-use-combofix
Follow the Steps on how to use ComboFix which is also on the site above
Post the ComboFix Log here once finished
0
 

Author Comment

by:Beaver_Trucks
ID: 22626465
The Malwarebytes Anti-Malware program solved my issue

Thanks very much
0
 
LVL 27

Expert Comment

by:David-Howard
ID: 22626600
Great! You're very welcome.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For those of you actively in the Malware fightling business, we now have available an amazing new tool in the malware wars (first recommended to me by rpggamergirl (http://www.experts-exchange.com/M_3598771.html), the Zone Advisor for the Virus and …
There are many reasons malware will stay around and continue to grow as a business.  The biggest reason is the expanding customer base.  More than 40% of people who are infected with ransomware, pay the ransom.  That makes ransomware a multi-million…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question