I just can't get rid of this file.

SpeedZealot369 · Jul 30, 2006

I'm trying to get rid of this file that my virus program keeps on popping up and telling me it's causing problems. The program won't get rid of it, I can't get rid of it, I even went to safemode and it says "this file is being used by another program" when I try deleting it. I'm pretty sure this is what has been causing my pc to skip every other second when watching movies and playing games.

Any suggestions?

-SZ

edited for spelling

Gustavus · Jul 30, 2006

There is a little program called KillBox that I have used several times to remove files Windows wouldn't allow me to delete -- even in safe mode.
You can get it here:

http://www.scancomplete.com/download/killbox/

Hope this helps

SpeedZealot369 · Jul 30, 2006

Cool, trying that out right now.

again, "this file cannot be deleted". And that program looked so promising lol.

Atheus · Jul 30, 2006

You could boot a linux CD, or even just a DOS boot disk, and delete it that way.

SpeedZealot369 · Jul 31, 2006

Originally posted by: Atheus
You could boot a linux CD, or even just a DOS boot disk, and delete it that way.

Please explain...

Oxides · Jul 31, 2006

What is the name of the file?
There is a free program, unlocker, http://ccollomb.free.fr/unlocker/ that you can use to unlock files.

Atheus · Jul 31, 2006

Originally posted by: SpeedZealot369

Originally posted by: Atheus
You could boot a linux CD, or even just a DOS boot disk, and delete it that way.

Click to expand...

Please explain...

If you're not running Windows, Windows can't lock the file right? So run DOS or Linux for 5 minutes, delete the file, and reboot Windows.

You can get DOS disks from bootdisk.com, and you can get a Linux live-CD from knoppix.org or many other places. The Linux CD is a bigger download but can be used for all sorts of useful things apart from system recovery.

Jeff7 · Jul 31, 2006

Originally posted by: SpeedZealot369
Cool, trying that out right now.

again, "this file cannot be deleted". And that program looked so promising lol.

Did you try it with the "End Explorer.exe while killing file" checkbox checked?

Other possibility is that it might be a CoolWebSearch variant, may its authors kindly DIAF and rot in hell. It's an insidious form of spyware that has some impressive stealth and regenerative abilities. In the worst infestation I encountered, CWS employed a registry entry that instructed Windows Explorer to hide the main EXE file responsible for regenerating the -easier to find yet still hidden with a file attribute- file which was what was causing the problems. Manage to delete that file, and it magically reappears.
CWShredder managed to cripple the CWS infection enough to allow me to take out the regenerator file. Or something like that, I don't remember exactly the order. CWShredder wasn't able to remove it completely, but it was definitely helpful in damaging CWS enough for it to be removed. So do give it a shot. If it finds any variants of CWS, post back here on what it finds.

SpeedZealot369 · Jul 31, 2006

Originally posted by: Jeff7

Originally posted by: SpeedZealot369
Cool, trying that out right now.

again, "this file cannot be deleted". And that program looked so promising lol.

Click to expand...

Did you try it with the "End Explorer.exe while killing file" checkbox checked?

Other possibility is that it might be a CoolWebSearch variant, may its authors kindly DIAF and rot in hell. It's an insidious form of spyware that has some impressive stealth and regenerative abilities. In the worst infestation I encountered, CWS employed a registry entry that instructed Windows Explorer to hide the main EXE file responsible for regenerating the -easier to find yet still hidden with a file attribute- file which was what was causing the problems. Manage to delete that file, and it magically reappears.
CWShredder managed to cripple the CWS infection enough to allow me to take out the regenerator file. Or something like that, I don't remember exactly the order. CWShredder wasn't able to remove it completely, but it was definitely helpful in damaging CWS enough for it to be removed. So do give it a shot. If it finds any variants of CWS, post back here on what it finds.

Thanks for the help, didn't find any CWS though.

Originally posted by: Oxides
What is the name of the file?
There is a free program, unlocker, http://ccollomb.free.fr/unlocker/ that you can use to unlock files.

that didn't work either

I think the going through DOS will do it. Also if it helps anyone, it also mentions that this file is the cause or effect (I dont rememebr) of "Win32/Adware.Virtumonde" I can't find that file though. But the main file is called E:\WINDOWS\system32\mljjg.dll

corkyg · Jul 31, 2006

The problem with DOS is that ordinary DOS boot disks can't read NTFS formatted drives. So, you may want to download and create the "Ultimate Boot CD."

UBCD

jadinolf · Jul 31, 2006

Try Move on Boot

http://www.ratatak.com/modules/mydownloads/singlefile.php?cid=5&lid=16

Jeff7 · Jul 31, 2006

Search the registry for mljjg.dll. You might need another registry editor though. Some spyware, not just CWS, will instruct regedit to hide certain entries. Get the trial/lite version of Registrar Registry Manager here. Use it to search the registry if regedit fails.

That filename sounds like it was randomly generated though, so it might be a dummy/bait file.

Search

I just can't get rid of this file.

SpeedZealot369

Platinum Member

Gustavus

Golden Member

SpeedZealot369

Platinum Member

Atheus

Diamond Member

SpeedZealot369

Platinum Member

Oxides

Member

Atheus

Diamond Member

Jeff7

Lifer

SpeedZealot369

Platinum Member

corkyg

Elite Member | Peripherals

jadinolf

Lifer

Jeff7

Lifer

TRENDING THREADS