Help with a virus

Pasi Nurminen

Pasi Nurminen

Deity
Joined
Apr 17, 2003
Messages
4,576
Location
Canada
I recently became infected with the virus Backdoor.Coreflood.

I've ran windows update and norton won't remove/repair/quarantine the file. I'm in safe mode, I've tried working in it but it still won't remove the virus.

Any help? :mad:
 
I have a firewall, I know which .dll it is, I tried deleting it manually, but it wouldn't let me. It said it's being used by some process. And yea, thanks for a page I've already visited about ten thousand times. :cry:
 
Pasi Nurminen said:
I have a firewall, I know which .dll it is, I tried deleting it manually, but it wouldn't let me. It said it's being used by some process. And yea, thanks for a page I've already visited about ten thousand times. :cry:
Click to expand...
Then perhaps you could go into Norton and tell it to quarantine that dll without running a scan(It's on my version but I'm not sure if you can do it in regular norton) If that fails than try moving the dll to somewhere else so it can't locate the file. If you could kill the .exe that would probably work too. Finally you could try to find what process it is that is using it and delete it.(although you probably would have already done that) If you have windows xp you could use system restore although I'm not sure that get rid of it.
 
Any ideas what .exe it might use? The .dll is oleaccuq.dll
 
Yea, it just gives me the same message that it's currently in use by some program and denies me.

I have a feeling it might be with Microsoft Money, because windows installer keeps popping up with it whenever I try to do something despite the fact that I deleted it.
 
No, it won't let me rename it either.
 
Perhaps you should contact Norton, this thing seems to be vigorusly resisting attempts to delete it.

If it says that it is being used by a process you would only need to kill the process and you could delete it... but I don't know how you could possibly ID the process. When I got infected by a trojan the process name was the same name as the dll.
 
Thanks, I just backed up important files and then did a system restore, and now all is well. Just have to spend a lotta time reinstalling everything.
 
It's not that bad... =/ Just a pain reinstalling everything afterwards....
 
When I had a similar problem, I was able to remove the .dll file running DOS in safe mode, per advice I got from Symantec (Norton). I know you said you tried some things in safe mode, but did you explicitly try deleting the .dll file?
 
One possibility that came to mind is to read the virus library on either Norton's site, TrendMicro's site, or others'. They will hopefully list what processes the trojan or virus creates - then you could have opened task manager - ended the correct process(es) and deleted the dll file. Since the dll is used by the memory, that is the only solution I can think of. I did that when a friend got a virus once - Trendmicro's virus database told me the virus was harmless. His virus scanner detected it, but the virus's payload (set to hang windows) disallowed for removal via the program. Manual deletion was possible - since I knew then what the file to delete was called, and what processes to end. Did so, and cleaned the computer :)
 
jeannie said:
When I had a similar problem, I was able to remove the .dll file running DOS in safe mode, per advice I got from Symantec (Norton). I know you said you tried some things in safe mode, but did you explicitly try deleting the .dll file?
Click to expand...

Yes, ten characters.
 
You must log in or register to reply here.

Similar threads

K
Slow launch time
Replies
2
Views
336
Walter Hawkwood
Walter Hawkwood
D
Help with putting a custom city state onto a custom map
Replies
2
Views
282
dragononablade
D
J
Heroes bugged but worse...
Replies
0
Views
246
Jaguaro1000
J
B
Civ 3 complete on Windows 10 Enterprise from CD not loading / black screen?
Replies
19
Views
894
SayHayKid
SayHayKid
J
Not sure if this is a mod question or a technical problem...
Replies
4
Views
181
JackHart1967
J
Back
Top Bottom