Dropper Delf 3 L problem ... possibly solved?

Hello,

I've spent the last few days reading, reading and reading. Today I followed the instructions posted by Major Attitude ... including spending close to 2 hours on the Sun site trying to install Java from the site ... only to discover that this was, apparently, impossible for me to do ... and then having to wait some 3+ hours while the "stand alone" version downloaded via my pathetic dialup [I live in the country ... no high speed in my area yet! : ( ] ...

I had downloaded and run all of the recommended programs ... I had downloaded and installed Spyware Blaster and after coming out of safe mode and re-establishing Windows Recovery [I had turned it off as instructed] had re-enabled the protection. So ... when at 6:30 pm ... like clockwork, AVG gave me the "Virus" warning I was convinced that it was, indeed, hiding somewhere on my system.

Having read the threads about this Dropper Delf 3 trojan on these forums, I checked and to my surprise I did have a Win Comm program on my machine ... and when removing, confirmed that it wasn't something I had knowingly installed.

I removed it successfully, turned off Windows Recovery, rebooted, turned Recovery back on and ran a Hijack This scan ... and I have that log file should anyone think it needs to be seen.

Of course, I won't know if this latest action actually removed the trojan until tomorrow evening at 6:30 pm ... but is there anything else I should check/search?

Thanks for any comments/help.

Mary

 

Hello Mary,

does AVG tell you exactly what file is infected?
try to find it and remove it manually

go here and look for trojan removel tools
http://majorgeeks.com/downloads29.html

but if AVG takes care of the problem leave system restore off for a couple of reboots
untill you are certain the Dropper Delf 3 L is gone. . . .
if it still returns let us know

and is there no way to get DSL through your telephone Long distance Provider?
I know Sprint offers it. . ask you phone company

 

Hi Jarcher,

As for my "long distance carrier" ... I'm Canadian ... and our Long Distance Carrier is "Ma Bell" ... and because of where in the country I am, there is no access to DSL. Wireless might be possible very soon ... at which point ... the phone company will probably also make itself available ... but so far ... nothing! : ( There isn't any cable out here either ... but that's okay ... Canadian TV isn't worth the cost of cable! [We do have a subscription to DTV however ...]

At any rate ... the only file that AVG identifies is C:\temp\instal~1 ...

It couldn't "heal" it ... so I moved it to the Virus Vault ... and then deleted it from the Vault.

However, that's exactly how this little baby presents itself ... it launches itself, creates the c:\temp directory ... and puts the little instal~1.exe file in it and then tries to do something which my system blocks it from doing. That's okay ... it's just annoying.

I'm running PestPatrol [updated daily] ... AVG [updated daily] ... as well as Spyware Blaster and I have Spybot S&D [also updated daily] ...

Today I spent the better part of the day working through the "Basic Spyware, Trojan and Virus Removal" procedure ... all in Safe Mode with Networking ... and I had also downloaded and run the various programs that Major Attitude suggested. In safe mode, I did find and remove things that hadn't been found on previous "normal mode" scans.

I can attach the latest HijackThis log file if that would be of any help.

Oh ... and where on earth do I find the startup list that shows what programs are necessary on startup ... so I can trim that as well?

Thanks

Mary

 

if you have already done everything in the sticky's
READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

http://forums.majorgeeks.com/showthread.php?t=35407
(make sure you did all the online scans as well)
NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

http://forums.majorgeeks.com/showthread.php?t=38752

if you are still having problems
then do post a log