Re: Virus can't be removed!
- From: "David H. Lipman" <DLipman~nospam~@Verizon.Net>
- Date: Sun, 22 Oct 2006 20:14:13 -0400
From: "Chuck Davis" <newsgroup at anthemwebs dot com>
| Trying to remove viruses and other junk from a Club member's computer. I
| have executed just about every virus, malware, adware removal program that I
| can find.
| The member bought the computer years ago, but never activated the Norton
| products. Never updated Windows, never... oh! never mind!
|
| To prevent access to the Internet by the malware programs, I downloaded and
| installed the COMODO Firewall.
| Ad-aware removed 51 malware programs.
|
| Downloaded and installed AVG Anti-virus which found 65 viruses and healed
| 63, but cannot heal or quarantine this item.
| Trendmicro's online scan gets to the file and aborts.
|
| It is found at: c:\WINDOWS\SYSTEM32\hlpl.dll
|
| I have attempted to simply delete it. The response is that "Access denied...
| may be 'Read Only""
| I start up in Safe Mode, same results. Then I attempted to turn off the Read
| Only access to the SYSTEM32 folder, seemed to work for a few files, but the
| stopped at that particular .dll file with the "Access denied..." message.
| I have started in Safe Mode With Command Prompt. Still can't delete the
| file!
|
| At this point, I installed Service Pack 2 and the 65 critical updates since
| SP2 was issued. Installed IE7. Ran Windows Live OneCare which found several
| additional viruses, but couldn't resolve this issue.
|
| All of this for a $20 donation that the member will donate to the club!
|
| Any thoughts? How can I delete the .dll?
|
There are anti virus News Groups specifically for this type of discussion.
microsoft.public.security.virus
alt.comp.virus
alt.comp.anti-virus
c:\WINDOWS\SYSTEM32\hlpl.dll may be a Conhook Trojan and can be difficult to remove.
I want you to know, OneCare is just plain junk. It has the worst catch rate in the anti
virus industry. Additionally it is contraindicated to have TWO fully installed anti virus
products obn a PC. In this case, AVG and OneCare.
If you are going to use and anti virus application, AVG is better than OneCare and OneCare
should be removed. However, if you *must* use a free AV application then I suggest AntiVir
which is better than AVG.
The person should PAY for anti virus and Kaspersky or NOD32 are suggested.
I don't know what anti malware utilities you have used
Please download, install and update the following software...
* SuperAntiSpyware
http://www.superantispyware.com/superantispywarefreevspro.html
After the software is updated, I suggest scanning the system in Safe Mode.
* Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe
To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close
Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }
NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.
C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.
You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.
When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file. http://www.ik-cs.com/multi-av.htm
Additional Instructions:
http://pcdid.com/Multi_AV.htm
* * * Please report back your results * * *
--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
.
- References:
- Virus can't be removed!
- From: Chuck Davis
- Virus can't be removed!
- Prev by Date: Re: Virus can't be removed!
- Next by Date: Re: Defragging the page file?
- Previous by thread: Re: Virus can't be removed!
- Next by thread: Re: Virus can't be removed!
- Index(es):
Relevant Pages
|
