Trouble getting rid of a persistent trojan winhdn32.dll

[Wolfala]

Tried Hijack this, tried to manually delete in safe mode since it resides in the sys32 folder, adaware doesn't catch it but trendmicro online scan does and can't delete it.

Ideas?

Wolf

[x0847Marine]

Originally posted by Wolfala
Tried Hijack this, tried to manually delete in safe mode since it resides in the sys32 folder, adaware doesn't catch it but trendmicro online scan does and can't delete it.

Ideas?

Wolf

Suggestions:
http://www.avast.com home version is free and will scan your HD before booting to Windows. You must watch as it does so, it'll ask you to confirm which files, if any, to delete. The free on line scan might work as well.

Set the infected drive up as a slave 1st, then scan it.

Pick up a new HD on the cheap, or use a spare to fresh install winders and try #2

I'm not sure if the Win restore (to a previous date) works for viri, might be worth looking into.

Nuke & pave, but before doing so google 'slipstreaming xp', you can create a bootable Windows install with all your current drivers and all Win updates included... its basically a 1 time install w/o a dozen re-starts.

[ozrocker]

http://forum.networktechs.com/archive/topic.php/t-1819112994.html

Hope this link helps.
                                                                    Good luck!
                                                                        Oz

[Skuzzy]

Try killing it in safe mode.

[Ghosth]

This is where having a dual boot machine is a HUGE help.

Get a bug in XP, boot up into the other side,  run your virus scanner, & your adware killer.  Boot back up into XP and by now it should be so crippled you can finish cleaning it out. Even 2 versions of XP works for this.

Got an old Win98 Start up disk handy? Download a dos virus scanner, boot with the startup disk & run the dos scanner. Then reboot back & double check. Kind of a clunky way of doing the same thing without a second os installed.


IMO AVG still the best FREE virus scanner. The price is right and its not such a resource hog.

[Wolfala]

Well I did the next best thing next to a nuclear holocaust on the HD. I keep a pretty lean C drive with basically nothing but the essentials on it, Acrobat, Nero, ya know - replaceable ****. I had a Norton Ghost image I created with a bare bones boot config with stuff working - so I nuked the drive, restored from the image. And did about 3 months worth of patching since that image, and made another image with the latest goodies.

Never did get rid of that trojan - even in safe mode you cannot delete the little ****er. Never showed up in Hijack this or any scanner - so was probally better to nuke the drive anyway.

Restored in 3 minutes, patched up in 10 - good to go.

Frustrating as **** though.

Wolf

[dmf]

Ok I'll say it again........................ ............................N OD32 ANTIVIRUS

[Silat]

Did you turnoff system restore?

[eh]

This is where having a dual boot machine is a HUGE help.

Wow you guys are wizards. I have a dual boot machine (XP x64 on C:\ and XP Home on D:\) and I really like to have it. The only problem is XP 64 was installed first, and I added a D:\ Drive with XP home 32 bit later. When I need to boot into XP Home, it is extraordinarily slow in starting up... it takes about 3 minutes all told. After that, it behaves normally.

Any ideas on how to speed up the Win 32 bit boot process? or is this slowness the penalty I have to pay for a dual boot system? (64 bit Win is as fast as always).

[eh]

Oh dang. I just hijacked a thread. Didn't mean to. Sorry, all.