BleepingComputer.com: removal of trojan-downloader.delf.gck

Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Forum Guidelines

Posted Image Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help


Posted Image Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient.


Posted Image DO NOT RUN ComboFix unless requested to.


Posted Image Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.


Posted Image When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.


Posted Image Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

removal of trojan-downloader.delf.gck

#1 User is offline   gregb204 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 5
  • Joined: 01-November 09

Posted 01 November 2009 - 05:57 PM

Hi,

Been trying to remove this and another for long time. It is only found by advanced system protector so can show log files from this.

Tried alot of antispyware removers and they do not see it. have bitdefender internet security for av and firewall. I think one found spyware could be from bitdefender at least has bd.exe on end of file. malware.klone.d see log of asp. uploaded.

have the rootrepeal scan. tried the hjt and was blocked. My vista home premium is os. ie 8. runs good so not sure how comp is effected by this or is it false positive by one site.

thanks for help .

greg

Attached File(s)


#2 User is offline   gregb204 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 5
  • Joined: 01-November 09

Posted 02 November 2009 - 06:37 PM

wanted add that I ran spy bot and super anti spyware to no help. do have new problem after started combofix I stopped it since came up with error saying avast installed . but this was no usual avast which I havent used in over a yr. this was nirsoft with Nircmd.cfxxe in listed after it said avast. I have not used any nirsoft products but did go to site. After stopping the process in task mgr it caused my desktop to go black in background .can still see icons. but not able to rt click to change the color back to blue. see them but after clicking it just stays black . So not sure on this but didnt run combofix since error . also I now know not for Vista use . And do not run unless asked to run combofix. Never got to run but that is good. not sure if nirCmd.cfxxe is removed but can check on it.

thanks again if can help on this new problem.

#3 User is offline   Blade 

  • Strong in the Bleepforce
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Site Admin
  • Posts: 9,575
  • Joined: 20-January 09
  • Gender:Male
  • Location:US

Posted 07 November 2009 - 10:57 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE
Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!

#4 User is offline   gregb204 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 5
  • Joined: 01-November 09

Posted 11 November 2009 - 08:00 AM

Removed the above already but have one that waiting on reply today from the aps site. if can not help me I will get back to you.

Also I never got an email that you replied so just checked on today. I will update my problem if no help today from asp.

thanks for replying...

greg

#5 User is offline   gregb204 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 5
  • Joined: 01-November 09

Posted 23 November 2009 - 07:25 AM

thanks for forum . I finally removed the 11 reg files left over from fake av program by uninstalling my av bitdef and rebooting then using file assassin to manually remove the files . It worked and now no problems.

wanted to pass on in case some else was haveing issues like this.

#6 User is offline   Orange Blossom 

  • OBleepin Investigator
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Moderator
  • Posts: 29,400
  • Joined: 14-July 06
  • Gender:Not Telling
  • Location:Bloomington, IN

Posted 26 November 2009 - 09:12 PM

Hello

Thank you for posting back. I'm glad that your computer problems have been fixed. Since this issue seems to be resolved, this thread will now be closed.

In case you experience any problems with the computer, please start a new topic.

Happy computing,

Orange Blossom :(
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom
An ounce of prevention is worth a pound of cure
SuperAntiSpyware, SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users