Trojan infected file problem - need advice!

I can't clean/quarantine the following trojan infected file.

Its found in Windows/system32/ntxlls32.dll

PC-cillan identifies it, whilst Trojan remover doesn't!

I can't manually delete it (as windows won't allow it) and it seems to be running within explorer.exe, although I can't see it using process explorer (www.sysinternals.com).

Any help appreciated.

Regards

Geeza

 

dont know what os your using but have you tried safe mode if that dont work download this
Dellater

this baby will nuke any file with a reboot

 

No luck!

General - thanks, but no luck with your suggestions.

Tried both - file reappears upon reboot...

Noticed it likes to copy itself to system restore files, so have disabled it.

Even re-installed PC-cilllan to see if its playing up, but nope.

Gonna dl AVG and see what that says about things...

Cheers
Geeza

 

try The Cleaner (found on main page).

 

hmm, a system32 file? do you use kazaa? i had a virus in the system32 folder, called system32.exe. and it consumed every megabyte of ram and everyone mhz of processor, so everything was EXCRUCIATINGLY slow. does this happen to you?

 

do a search for that dll. sometimes a dll is placed in several places that way you canot get rid of it.

 

Trojan

@ Kodo - tried the cleaner, doesn't recognize file as a trojan
@ Mr Painless - yes it came from looking for a hack in Kazaa. Pc-cillian quarantined it to no avail!
@ done a search for the dll - definately only in one place, although it does copy itself to the system restore files which I have disabled.

I have tried 2 x trojan removers & 1 x additional anti-virus prog. None of them identify the 'rogue' dll.

Thanks for the ideas - keep em' rolling in !

Regards

Geeza

 

Try this one, it's free:

http://www.emsisoft.com/en/software/free/

See the download link at the bottom of the page.

 

Hi Geeza
sorry id forgotten about this thread
anyway just to check when you used Dellater you set up the shortcut and everything properly sorry to ask but if it didnt die then something must be recreating it
so try running Dellater again but reboot into safe mode and see if its still there

also have you looked in msconfig start-up tab for anything that you dont recognize or looks a bit fishy

 

I think...

you should right click the file, choose properties, click on the version tab and post the info of what you find

 

Trojan? What Trojan???!!

First of all a big THANK YOU! for all the help offered

Finally got rid of the offending file by going into safe mode and deleting 3 similarly named/sized files, one being a .exe.

I haven't noticed any problems with my system, so can think myself quite lucky!

Once again cheers!

Regards

Geeza