Computer help: Can't Delete a DLL file
Can't Delete a DLL file
by jonfrohnen - 4/29/09 8:24 AMHi Everyone,
I have a DLL file that NOD32 is identifying as a trojan. The location is as follow: C:\WINDOWS\system32\smfglfcs.dll
I'm on a PC with Windows XP...I've tried spybot search and destroy, unlocker, cyberscrub, errorfix, a-squared, NOD32, Trojan Remover, file assasin...and of course have tried booting in Safe Mode and trying to delete it. I've tried manually removing via CMD with no luck. Am I missing something? Anyone have any ideas? Thanks in advance for your help! Jon
(NT) What happens if you try to delete it?
by Kees Bakker
- 4/29/09 8:32 AM
In reply to: Can't Delete a DLL file by jonfrohnen
Reply
by jonfrohnen - 4/29/09 8:36 AM In reply to: (NT) What happens if you try to delete it? by Kees Bakker
Windows indicates that it is not able to delete it...I am unfortunately at my office away from my home computer so I can't type the exact wording. All of the programs I mentioned that I tried suggest that they will delete the file upon reboot but they do not succeed...
And what about the Recovery Console?
by R. Proffitt - 4/29/09 10:13 AM
In reply to: Can't Delete a DLL file by jonfrohnen
I know it's a little rough on those that didn't use the command line but it does offer a way to delete or rename said file.
More at http://www.derkeiler.com/Newsgroups/microsoft.public.platformsdk.security/2006-12/msg00007.html which covers the ownership and ACL issue.
Bob
Thanks
by jonfrohnen - 4/29/09 12:32 PM In reply to: And what about the Recovery Console? by R. Proffitt
I'm going to track down my boot disk and try this evening! J
Here is more info
by jonfrohnen - 4/30/09 10:46 AM In reply to: Thanks by jonfrohnenStill can't get rid of it...PC Doctor sent me the following, it seems as though I am out of luck?:
The problem that you are experiencing appears to be caused by a new variant of a known malware threat.
Our Malware Research Center is currently aware of this issue and are working on resolving the problem shortly. We are currently updating Virtumonde regularly however because there are so many random files out there relating to Virtumonde it is very difficult for us at the moment to resolve this permenantly.
At the moment no other Antispyware or AntiVirus software out there can detect all of current Virtumonde files. Virtumonde is sometimes also known as Trojan.Vundo or Conhook.
Please make sure to keep Smart Updating as the problem will be fixed very shortly with a newly created signature that will be downloaded via the Smart Update. If you require further assistance on this specific request, please reply to this email.
Kind Regards,
David Musumeci
Customer Support Representative
PC Tools Customer Support Services
Re: recovery console
by Kees Bakker - 4/30/09 11:42 AM
In reply to: Here is more info by jonfrohnen
I agree with Bob that it should be possible with the recovery console. What exactly do you do? What happens? Why doesn't it work?
Of course, a clean install of Windows is the brute-force solution, but that shouldn't be necessary for just deleting a file. Did you try it from a Linux Live CD?
Or does it come back after you succesfully delete it? Then that's another problem.
Kees
Although Recovery Console Should Allow You To Remove Single
by Grif Thomas - 4/30/09 11:52 AM
In reply to: Can't Delete a DLL file by jonfrohnen
...files, if you haven't done so already, please try this.. Download, install, then update the free program below.. Once that's done, then restart your computer into Safe Mode.. Run a full system scan using the tool while in Safe Mode..
Malwarebytes Antimalware
After finding and deleting the file, restart the computer into "normal" Windows and see if the file is gone..
If it's not, then you'll need to use the Windows XP Recovery Console from the XP disc per the instructions previously given by the others.
Hope this helps.
Grif
Found a way to delete a .dll in use!
by SteveGeek - 6/2/09 12:31 PM In reply to: Can't Delete a DLL file by jonfrohnenI had a laptop (my nephews) that was loaded up with MalWare, SpyWare and Viruses! Most of the common utilities like MalWareBytes, Spybot, SpyWare Doctor and Unlocker (to name a few) cleaned up the majority of the mess. However, I had one .dll that was left in the System32 directory that was always in use and bound to the Winlogin.exe program. That was the root of my problem and I couldn't delete it no matter what program I used.
The fix I found was - Don't boot into Windows since the .dll is now part of the operating system but boot into Linux instead! I used Paragon's NTFS for Linux Express (free) to boot and gained access to all my files through Linux. The .dll was no longer in use and easily deleted!
http://www.paragon-software.com/home/ntfs-linux-per/features.html
Hope this helps! Steve
| Forum legend: | |
 |
Locked thread |
 |
Moderator |
 |
CNET staff |
 |
Samsung staff |
 |
Norton Authorized Support team |
 |
AVG staff |
 |
Windows Outreach team |
 |
Dell staff |
 |
Intel staff |
