force dll to unload and allow dll file to be deleted

force dll to unload and allow dll file to be deleted: Posted by Josh on November 28th, 2005; I have a pc that is infected with a portion of the Trojan.Vundo virus.
Symantec will locate a specific dll file but can not delete it because it is
in use by the Windows system. I've tried the Vundo Removal Tool from
Symantec that is supposed to stop the process, but it claims to not find the
Vundo virus on my system. This dll runs whether I'm in normal or safe mode.
How do I force unload a dll from running in order that the dll file can be
deleted?; Posted by David Candy on November 28th, 2005; You can rename running programs. On reboot whatever uses it won't be able to find it.

--
--------------------------------------------------------------------------------------------------
Read David defending the concept of violence.
http://margokingston.typepad.com/har...e_ga.html#more
=================================================
"Josh" <Josh@discussions.microsoft.com> wrote in message news:96E92BEB-F23B-473B-B9BB-D07DFACB9CE7@microsoft.com...
>I have a pc that is infected with a portion of the Trojan.Vundo virus.
> Symantec will locate a specific dll file but can not delete it because it is
> in use by the Windows system. I've tried the Vundo Removal Tool from
> Symantec that is supposed to stop the process, but it claims to not find the
> Vundo virus on my system. This dll runs whether I'm in normal or safe mode.
> How do I force unload a dll from running in order that the dll file can be
> deleted?; Posted by Josh on November 28th, 2005; I'll have to try that next time, but I found another way to kill it. I
removed all permissions to the dll from the security tab on the properties of
the file, and deleted it after a reboot when the file didn't have a chance to
load since Windows no longer had permissions for it.

"David Candy" wrote:

> You can rename running programs. On reboot whatever uses it won't be able to find it.
>
> --
> --------------------------------------------------------------------------------------------------
> Read David defending the concept of violence.
> http://margokingston.typepad.com/har...e_ga.html#more
> =================================================
> "Josh" <Josh@discussions.microsoft.com> wrote in message news:96E92BEB-F23B-473B-B9BB-D07DFACB9CE7@microsoft.com...
> >I have a pc that is infected with a portion of the Trojan.Vundo virus.
> > Symantec will locate a specific dll file but can not delete it because it is
> > in use by the Windows system. I've tried the Vundo Removal Tool from
> > Symantec that is supposed to stop the process, but it claims to not find the
> > Vundo virus on my system. This dll runs whether I'm in normal or safe mode.
> > How do I force unload a dll from running in order that the dll file can be
> > deleted?
>; Posted by Yves Leclerc on November 28th, 2005; Do the delete in "Safe Mode". This usually does not load extra DLLs.

On 28/11/2005 "Josh" <Josh@discussions.microsoft.com> wrote:
>I have a pc that is infected with a portion of the Trojan.Vundo virus.
>Symantec will locate a specific dll file but can not delete it because it is
>in use by the Windows system. I've tried the Vundo Removal Tool from
>Symantec that is supposed to stop the process, but it claims to not find the
>Vundo virus on my system. This dll runs whether I'm in normal or safe mode.
>How do I force unload a dll from running in order that the dll file can be
>deleted?

--
---

Y.; Posted by David H. Lipman on November 28th, 2005; From: "Josh" <Josh@discussions.microsoft.com>

| I have a pc that is infected with a portion of the Trojan.Vundo virus.
| Symantec will locate a specific dll file but can not delete it because it is
| in use by the Windows system. I've tried the Vundo Removal Tool from
| Symantec that is supposed to stop the process, but it claims to not find the
| Vundo virus on my system. This dll runs whether I'm in normal or safe mode.
| How do I force unload a dll from running in order that the dll file can be
| deleted?

There are anti virus News Groups specifically for this type of discussion.

microsoft.public.security.virus
alt.comp.virus
alt.comp.anti-virus

The following tool will remove the WinFixer 2005 and Trojan Vundo infection.

Download WinFixerFix.exe from the URL --
http://www.ik-cs.com/programs/virtools/WinFixerFix.exe

Execute; WinFixerFix.exe { Note: You must accept the default of C:\McAfee }
Choose; Unzip
Choose; Close

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to enable WGET.EXE to download the needed McAfee related files.

Execute; c:\mcafee\clean.bat
{ or Double-click on 'Clean Link' in c:\mcafee }

A final report in HTML format called C:\mcafee\ScanReport.HTML will be generated. At the
end of the scan, it will be displayed in your browser (Opera, FireFox or Internet Explorer).
It is suggested that you move the report out of c:\mcafee before performing another scan.
It would be a good idea to scan in Safe Mode and in Normal Mode and save a copy of the HTML
report for each session.

* * * Please report back your results * * *

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

Similar Posts

Deleted file names (Help and Support) by The Wizard of Odd
0 kb file, can't be deleted (Help and Support) by arthur
Can I force 'eudora.ini' file to stay in memory ? (Microsoft Windows) by Franklin
Can I force 'eudora.ini' file to stay in memory ? (Performance/Maintainence) by Franklin
RE: Deleted file: How to retrieve (Microsoft Windows) by lukeles