Solved

Remove Trojan Horse downloader.delf.12.an

Posted on 2008-10-02
7
585 Views
Last Modified: 2013-11-22
I need help in removing a trojan horse from a system.

AVG 8 pops up with the following notification when you open anything:

Threat detected!
file name: c:\windows\system32\corpolw.dll
threat name: Trojan horse Downloader.Delf.12.AN

I have attached a copy of the hijack this log


hijackthis--2-.log
0
Comment
Question by:Beaver_Trucks
  • 4
  • 2
7 Comments
 
LVL 27

Accepted Solution

by:
David-Howard earned 500 total points
ID: 22625822
Have you run your anti-virus in Safe Mode?
Safe Mode:
http://www.computerhope.com/issues/chsafe.htm
You might also download and run malwarebytes. It's a good utility and it's free.
You can get it from:
www.malwarebytes.org
0
 

Author Comment

by:Beaver_Trucks
ID: 22625853
I have tried safe mode, no dice, it keeps coming back.
0
 
LVL 27

Expert Comment

by:David-Howard
ID: 22626090
Disable System Restore and run your suites in Safe Mode again. If you don't disable System Restore it can reappear.
http://www.pchell.com/virus/systemrestore.shtml
0
Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 27

Expert Comment

by:David-Howard
ID: 22626231
You may also be able to remove this with combofix. The directions and the free tool are at the link below. Please make sure that you follow the directions as they are not the standard click and run type.
Combofix is known to remove a wide varitey of trojans, etc.
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
0
 
LVL 8

Expert Comment

by:eXpeLLeD_4RM_heLL
ID: 22626272
Download Combofix from:
www.bleepingcomputer.com/combofix/how-to-use-combofix
Follow the Steps on how to use ComboFix which is also on the site above
Post the ComboFix Log here once finished
0
 

Author Comment

by:Beaver_Trucks
ID: 22626465
The Malwarebytes Anti-Malware program solved my issue

Thanks very much
0
 
LVL 27

Expert Comment

by:David-Howard
ID: 22626600
Great! You're very welcome.
0

Featured Post

Active Directory Webinar

We all know we need to protect and secure our privileges, but where to start? Join Experts Exchange and ManageEngine on Tuesday, April 11, 2017 10:00 AM PDT to learn how to track and secure privileged users in Active Directory.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

By the time you finish reading this article, you may have already lost all your money because you don't know the simple steps to securing your BitCoin wallet. BitCoin is an incredible invention. It is a decentralized currency system, which is the…
Operating system developers such as Microsoft (https://www.microsoft.com) and Apple have made incredible strides in virus protection over the past decade. Operating systems come packaged with built in defensive tools such as virus protection and a f…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question