dropper small.5.J in C:\WINDOWS\system32\17odhr0b.exe who can help please?

Discussion in 'malware problems & news' started by regard gerard, Sep 28, 2004.

Thread Status:
Not open for further replies.
  1. regard gerard

    regard gerard Registered Member

    Joined:
    Sep 27, 2004
    Posts:
    4
    G'day

    I have pursued every suggestion I could find.

    I run xp pro
    AVG registers continual popup warnings of the Trojan in the above file, finds it with every read (with system restore on or off) but cant heal or kill it. (file cant be moved into virus vault

    adaware and spybot dont register it

    TDS-3 cant access it to read it as the file is "locked"

    windows task manager cannot access the specified file. "you may not have permission to access the item" (can someone tell me what this means, who sets the permissions where is a permissions list ... what level are we talking about?)

    when I have chased the file down at C:\WINDOWS\system32\17odhr)b.exe
    It won't even allow me to right click it for properties, but persists in throwing up AVG popups.
    Does anyone know what this file is? What it does?
    With mouse over it reads at 54k and as a more recently created file than any other I sampled around it.
    Can I just delete the file?

    any help would be appreciated
     
  2. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    You could try booting into safe mode and then scanning it with TDS-3 and the others. Sometimes that can help.
     
  3. regard gerard

    regard gerard Registered Member

    Joined:
    Sep 27, 2004
    Posts:
    4
    Thanks DeVinco I've just got your note, I wont get a chance to apply the idea for a coupla days. I appreciate the help and will post a result.

    regardSgerard
     
  4. Sweetie(*)(*)

    Sweetie(*)(*) Registered Member

    Joined:
    Aug 10, 2004
    Posts:
    419
    Location:
    Venus
    spybot and adaware do not primarily target trojans, as well most AV scanners do n't have the detection rate that a dedicated anti trojan pro does.
     
  5. regard gerard

    regard gerard Registered Member

    Joined:
    Sep 27, 2004
    Posts:
    4
    Sweetie here's late thanks
    I've been away. put my machine in the hands of professionals (to save remaining hair) they removed my trojan manually in safe mode.
    so far so good
    so what would you recommend as a dedicated trojan pro?

    again thanks
     
  6. Sweetie(*)(*)

    Sweetie(*)(*) Registered Member

    Joined:
    Aug 10, 2004
    Posts:
    419
    Location:
    Venus
    TDS3 [trojan defense suit ] is the best
    Trojan Hunter is also good.
     
  7. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Hi Regard, now that your system is clean you may want to take a look here for further discussion on security and how to make your system that much stronger, and here for more discussions.

    Hope this helps…

    Cheers :D
     
  8. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    I'm not sure if it's mentioned in the links above but Boclean is an excellent AntiTrojan app. also. It's worked great for me and takes little resources.

    It's not free and there's no trial but they have a 30 day moneyback guarantee.

    http://www.nsclean.com/boclean.html


    snowbound
     
Loading...
Thread Status:
Not open for further replies.