Results 1 to 2 of 2

Thread: potentially serious virus problem

  1. #1
    johnsprogram Guest

    Default potentially serious virus problem

    I'm really having a problem getting rid of a newly discovered virus.The virus is a Trojan-Clicker.Win32.Delf.ik, and it's in "c:\windows\system32\ipxpromnr.dll"I tried to delete it in several ways, but it just doesn't want to delete.My zonealarm internet suite is fully up to date with the latest virus and spyware list, plus updated my security for my Windows OS.The infected file was created at December 9, 2007, 7:53:53 AM, and the size is 81.5 KB (83,456 bytes.)
    I think the virus is responcible for
    causing slowdowns and freezing after restart. Only once, I had some permission problems accessing any executables after the virus was identified.

    Operating System:Windows XP Home Edition
    Software Version:7.0
    Product Name:ZoneAlarm Internet Security Suite

  2. #2
    findley Guest

    Default Re: potentially serious virus problem


    <blockquote><hr>johnsprogram wrote:
    I'm really having a problem getting rid of a newly discovered virus.The virus is a Trojan-Clicker.Win32.Delf.ik, and it's in &quot;c:\windows\system32\ipxpromnr.dll&quot;I tried to delete it in several ways, but it just doesn't want to delete.My zonealarm internet suite is fully up to date with the latest virus and spyware list, plus updated my security for my Windows OS.The infected file was created at December 9, 2007, 7:53:53 AM, and the size is 81.5 KB (83,456 bytes.)
    I think the virus is responcible for
    causing slowdowns and freezing after restart. Only once, I had some permission problems accessing any executables after the virus was identified.

    Operating System:
    Windows XP Home Edition
    Software Version:
    7.0
    Product Name:
    ZoneAlarm Internet Security Suite

    <hr></blockquote>

    This family of Trojans redirects victim machines to specified websites or other Internet resources. Clickers either send the necessary commands to the browser or replace system files where standard Internet urls are stored (e.g. the 'hosts' file in MS Windows).

    Clickers are used:<ul>[*]To raise the hit-count of a specific site for advertising purposes[*]To organize a DoS attack on a specified server or site[*]To lead the victim to an infected resource where the machine will be attacked by other malware (viruses or Trojans)[/list]




    Removing one file is never the answer for malware, you need to remove it all: files and registry entries.
    Deleting one file doesn't remove the trojan clicker.

    To remove this trojan clicker:

    Download and run Hijackthis from www.trendmicro.com (just run it and save logs, do not make any changes)

    Read www.bleepingcomputer.com guidelines for posting Hijackthis logs at this link:

    http://www.bleepingcomputer.com/forums/topic34773.html

    Register at www.bleepingcomputer.com (free) and post your Hijackthis log
    in the HJT forum and let the bleepingcomouter experts work with you to remove this trojan clicker.

    One other thing, best to work with one expert at a time, rather than shopping around for solutions.
    That can lead to more problems down the road.




    Regards,

    Findley













Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •