cannot delete virus infected dll

G

Guest

Recently I got a message from Norton Antivirus that "rgYrg.dll" is infected
with Downloader.Trojan virus. Norton was not able either to quarantine or
delete this dll. When I tried to delete this dll manually, I was also not
able to do it either in regular or safe mode. I was getting a message "Access
is denied the source file may be in use
 
S

Steve Parry [MVP]

elvigor fumbled, fiddled and fingered:
Recently I got a message from Norton Antivirus that "rgYrg.dll" is
infected with Downloader.Trojan virus. Norton was not able either to
quarantine or delete this dll. When I tried to delete this dll
manually, I was also not able to do it either in regular or safe
mode. I was getting a message "Access is denied the source file may
be in use
Click to expand...

info and directions here

http://securityresponse.symantec.com/avcenter/venc/data/downloader.trojan.html
 
G

Guest

You know, Steve, the first thing I did was to go to symantec website and I
found the info that you linked me to. But the instructions did not work. The
infected dll was not repaired, quarantined or deleted in safe mode, the
registry keys do not have any values that refer to this "rgYrg.dll" file.

Any other real suggestion (withhout the insults?)
 
S

Steve Parry [MVP]

elvigor fumbled, fiddled and fingered:
You know, Steve, the first thing I did was to go to symantec website
and I found the info that you linked me to. But the instructions did
not work. The infected dll was not repaired, quarantined or deleted
in safe mode, the registry keys do not have any values that refer to
this "rgYrg.dll" file.

Any other real suggestion (withhout the insults?)
Click to expand...

I was'nt being insulting! I was attempting to offer advise.
 
L

lforbes

Hi,
The infected dll was not repaired, quarantined or deleted in safe
mode, the registry keys do not have any values that refer to this
"rgYrg.dll" file.
Click to expand...

Sometimes safemode doesn’t kick out a process that start at a Users
Logon. Start in Safe Mode. Go to the task manager and kill all the
processes that You don’t recognize as System Files. Depending on the
OS (I am assuming it is 2K) it will or will not list User or System.
You can figure out what are System Files by going to
AdminTools-Services. Look at all the ones started. They aren’t exactly
the same names as the services themselves but you can figure it out.

The ones I have on XP that are System are:
SVCHOST (more than one)
WINLOGON
SMSS
CSRSS
SERVICES
LSASS
Spoolsv
nvsvc32
System
System Idle Process
alg.exe
explorer.exe

If you kill the service that it is related too it will let you delete
it.

Cheers,

Lara
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Cannot delete <Filename>.dll error on a virus infected file 4
downloader.trojan in DLL file 4
Virus infected DLL file 1
Removal of EXE file currently running that is infected with a Virus 3
Trojan.Proscks, I can't clean, quarantine, or delete 4
dll file infected with virus! 3
W32.Welchia.Worm 7
possible virus please help 2

Top