Cant delete a file (trojan) desperate for help

[Guest]

Hi all..
Ok...i've got a file that my AV picks up as a trojan/virus. None of my AV programs can touch it (I have AVG, Spybot, Ad aware, CWShredder, Stinger and Hijack THis - all fully updated)
I cant delete it myself (access denied message) even in safe mode. Tried running all the AV stuff in safe mode and with network off...still no joy.
The only solution i can find is to go in through DOS....however I have an NTFS HD so DOS wont read it. I can find plenty of programs that allow me to make a DOS boot disk that will READ an NTFS drive but wont let me delete any files (or rather will only let me delete ALL my files).
This file I think is responsible for a massive slow down in performance especially on the internet. (very big ping times etc)

The pc is single user with XP(SP1) home, a wireless network, i have full admin (as far as i know).

Any clues anyone????

 

[Sir_George]

kuju,

Since you state that "none" of your AV programs can touch it and you only
name AVG, what other AV software are you using?

I would suggest an on-line scan at either Panda or Symantec. Panda's on-line
scan is;
http://www.pandasoftware.com/activescan/com/activescan_principal.htm

Symantec's on-line is;
http://security.symantec.com/ssc/er...ie&venid=sym&plfid=23&pkj=FSDIUKQWUKSXARJFUKF

--
Sir_George

Hi all..
Ok...i've got a file that my AV picks up as a trojan/virus. None of my AV

programs can touch it (I have AVG, Spybot, Ad aware, CWShredder, Stinger and
Hijack THis - all fully updated)

I cant delete it myself (access denied message) even in safe mode. Tried

running all the AV stuff in safe mode and with network off...still no joy.

The only solution i can find is to go in through DOS....however I have an

NTFS HD so DOS wont read it. I can find plenty of programs that allow me to
make a DOS boot disk that will READ an NTFS drive but wont let me delete any
files (or rather will only let me delete ALL my files).

This file I think is responsible for a massive slow down in performance

especially on the internet. (very big ping times etc)

 

[Sir_George]

kuju,

In my prior post, nix the link for Symantec and use this one instead;
http://security.symantec.com/ssc/home.asp?j=1&langid=us&venid=sym&plfid=23&pkj=HLHIVDKDNVRQQCZUFMQ

--
Sir_George

Hi all..
Ok...i've got a file that my AV picks up as a trojan/virus. None of my AV

programs can touch it (I have AVG, Spybot, Ad aware, CWShredder, Stinger and
Hijack THis - all fully updated)

I cant delete it myself (access denied message) even in safe mode. Tried

running all the AV stuff in safe mode and with network off...still no joy.

The only solution i can find is to go in through DOS....however I have an

NTFS HD so DOS wont read it. I can find plenty of programs that allow me to
make a DOS boot disk that will READ an NTFS drive but wont let me delete any
files (or rather will only let me delete ALL my files).

This file I think is responsible for a massive slow down in performance

especially on the internet. (very big ping times etc)

 

[Rocket J. Squirrel]

Have you been able to identify the virus? If so, all the major antivirus
software companies' web sites have specific removal instructions.

Rocky

Hi all..
Ok...i've got a file that my AV picks up as a trojan/virus. None of my AV

programs can touch it (I have AVG, Spybot, Ad aware, CWShredder, Stinger and
Hijack THis - all fully updated)

I cant delete it myself (access denied message) even in safe mode. Tried

running all the AV stuff in safe mode and with network off...still no joy.

The only solution i can find is to go in through DOS....however I have an

NTFS HD so DOS wont read it. I can find plenty of programs that allow me to
make a DOS boot disk that will READ an NTFS drive but wont let me delete any
files (or rather will only let me delete ALL my files).

This file I think is responsible for a massive slow down in performance

especially on the internet. (very big ping times etc)

 

[Guest]

Hi all..
Ok...i've got a file that my AV picks up as a trojan/virus. None of my AV programs can touch it (I have AVG, Spybot, Ad aware, CWShredder, Stinger and Hijack THis - all fully updated)
I cant delete it myself (access denied message) even in safe mode. Tried running all the AV stuff in safe mode and with network off...still no joy.
The only solution i can find is to go in through DOS....however I have an NTFS HD so DOS wont read it. I can find plenty of programs that allow me to make a DOS boot disk that will READ an NTFS drive but wont let me delete any files (or rather will only let me delete ALL my files).
This file I think is responsible for a massive slow down in performance especially on the internet. (very big ping times etc)

The pc is single user with XP(SP1) home, a wireless network, i have full admin (as far as i know).

Any clues anyone????

 

[Guest]

I have the same problem. The trojan horse is telnet.exe. Symantec said it is unrepairable but needs to be deleted. How do I find it and delete it?? Is it a malicious virus (I'm assuming it is). Is it one that steals personal data? Can't find any info on it at Symantec website. Any help out there. Thanks

 

[Guest]

Windows XP should be on a FAT32 drive for easily troubleshooting problems. Nonetheless, this problem can still be solved using NTFS. Sounds like your trojan/virus/malware file is running in memory when Windows boots up. When this happens, the file can't be deleted because it's in use. Nasty little things. The program will have to be removed from memory first by going into msconfig (start, run..., msconfig) and clicking on the startup tab (top-right). The program will probably be in there. Just take the checkmark off in the box beside the program. Sometimes these things will load in as a service so don't forget to check there if you can't see it in the start tab.

Don't forget to turn off your system restore if you know you have a virus/malware or trojan. This will destroy all saved restore points. Malware, spyware, Trojans and viruses like to damage the Windows XP system files, causing XP to restore from the last good configuration. What XP doesn't know is that these restore points are virused, damaged, or infected. You can destroy a virus through a virus scan but it'll just come back as soon as you reboot your computer. (gotta love system restore)

I would do the above in safe mode. Less headache. A link could be in the windows registry as well. (start, run, regedit) - search for the filename and delete the link. (keep searching for it until you find them all - usually more than one entry.)

Weapon of last resort: If you need direct disk access to your NTFS drive, download and burn Linspire's Linux Live CD ISO. Linux live will not install on your computer but will run off of the cd drive and provide a look and feel of windows for navigation. (http://www.linspire.com)

This CD is CD bootable! Put the cd in the drive and reboot your computer. Shouldn't take long to load.

When the desktop appears. Do the following if you can't access your hard drive:

1. right-click on the desktop
2. create new
3. device
4. hard disc device
5. click on the device tab
6. select (from the drop-down box) your hard drive
7. click on ok.

The power should now be yours. Go and delete that nasty file.

If your windows system files is damaged, you might have to re-install windows. If instablilty should occur try doing a Windows repair.

 

[S61pilot]

Hi

The only telnet.exe that I know of is a part of MS WIN XP (check this site.
http://www.webopedia.com/TERM/T/Telnet.html

It is a service that allows remote users to log on to the computer or a
server and run commands as if running them directly at the console.
Of course it might have been corrupted by virus.

On my PC I have disabled this service as I don't use remote desktop, I
believe in disabling as many services that I don't use as long as the system
still runs flawless (less services running - less problems).

I have the same problem. The trojan horse is telnet.exe. Symantec said

it is unrepairable but needs to be deleted. How do I find it and delete
it?? Is it a malicious virus (I'm assuming it is). Is it one that steals
personal data? Can't find any info on it at Symantec website. Any help out
there. ThanksAV programs can touch it (I have AVG, Spybot, Ad aware, CWShredder, Stinger
and Hijack THis - all fully updated)an NTFS HD so DOS wont read it. I can find plenty of programs that allow me
to make a DOS boot disk that will READ an NTFS drive but wont let me delete
any files (or rather will only let me delete ALL my files).