dvldr32.exe (W32/Deloder-A) - Norton and Sophos won't detect?

J

J

Hi

I have a brand new install of XP Pro SP1

Detected the above trojan running today. Quickly DL-ed trial versions of
norton and sophos but neither can detect it although it is listed in the
databases for both.

is this because they are the trial versions? the sophos is supposed to be up
to date as of a few days ago.

Please help! i need to remove this without spending loads of money!


Joel
 
P

Paul

J said:
Hi

I have a brand new install of XP Pro SP1

Detected the above trojan running today. Quickly DL-ed trial versions of
norton and sophos but neither can detect it although it is listed in the
databases for both.

is this because they are the trial versions? the sophos is supposed to be up
to date as of a few days ago.

Please help! i need to remove this without spending loads of money!
It's not a virus, it's a Trojan.

Download a copy of AdAware, update it and run it... it finds and removes
Deloder.

http://lavasoft.element5.com/software/adaware/
 
J

John Coutts

This Virus is spread using port 445 or an IRC Chat channel (port 6667), and
weak security provisions, which of course restricts it to Windows 2000 & XP.
There will likely be other files as well (such as PsExec and VNC disguised
as a copy of explore.exe). After getting rid of it, shut down port 445 by
adding the following non-existent Key.

Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters
Value: SmbDeviceEnabled
Type: DWORD value (REG_DWORD)
Content: 0 (to disable)

J.A. Coutts
Systems Engineer
MantaNet/TravPro
******************* REPLY SEPARATER ********************
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top