Alex said:
Hi, i have a trojan in my system. Norton antivirus detect the trojan in the
file "c:\windows\system32\Crdb214o.dll" but it can't delete the file and
display a message Access denied.
My account is member of the administrators group, i don't know how to enable
to delete the file.
I'm using Windows XP professional version 2002 SP2
Go through these general malware removal steps systematically -
http://www.elephantboycomputers.com/page2.html#Removing_Malware
Include scanning with David Lipman's Multi_AV and follow instructions to
do all scans in Safe Mode.
http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
http://www.pctipp.ch/downloads/sicherheit/35905/multi_av_scanning_tool.html
- download site
The site is in German but David's tool is in English so don't let that
worry you. Scroll all the way down to almost the bottom of the page and
you'll see a box titled "Infos Zum Download - Multi-AV Scanning Tool".
You'll see "Download von www pctipp.ch" and the live link to download
Multi_AV.
You can also check to see if there are targeted removal steps for your
malware here:
Bleeping Computer removal how-to's -
http://www.bleepingcomputer.com/forums/forum55.html
When all else fails, run HijackThis and post your log in one of the
specialty forums listed at the first link above (not here, please).
Standard caveat: If the procedures look too complex - and there is no
shame in admitting this isn't your cup of tea - take the machine to a
professional computer repair shop (not your local version of
BigComputerStore/GeekSquad). Please be aware that not all local shops
are skilled at removing malware and even if they are, your computer may
be so infested that Windows will need to be clean-installed. Have all
your data backed up before you take the machine into a shop.
Malke