One last, disturbing issue

sseeker

sseeker

Ok, so i had a big problem and postet it in the Windows forum here, where route44 did a really great job and helped me. While i got everything up running i discovered just one problem.
There is one trojan, who got itself into the file

"C:\Windows\System32\RPCC.DLL".

Everytime i try to delete it (even in safe made) windows says, it can't delete it, because a process is using it. So how can i get rid of this little bastard? And could it be, that this is a file, used to run windows?

mfg
sseeker
 
Download the Pocket Killbox program from here. Extract it but don't run it yet.

Boot into safe mode, under your normal user name (not the administrator account). See how HERE.

Run the killbox file. When it loads type the full path to the file you would like to delete in the field and check the delete file on reboot button. press the Delete File button (looks like a red circle with a white X). It will prompt you to reboot, select no until you have finished inputting the files you want to delete, only then allow it to reboot and hopefully your files will now be deleted.

This is the filepath you need to enter:

C:\WINDOWS\system32\rpcc.dll

Then go and read the Viruses/spyware/malware, preliminary removal instructions. Follow all the instructions exactly, then post fresh HJT, ComboFix, and AVG Antispyware logs as attachments into this thread. Also post here the results of the AVG Antirootkit scan.

Regards :)
 

Similar threads

H
Running macro to open a WordPerfect12 document causes WP to close
Replies
0
Views
314
Hikermann
H
S
Problem with computer installation
Replies
0
Views
340
Smilady
S
Z
Diablo 3 disconnects: dcom error 10016
Replies
0
Views
297
zew1o
Z

Latest posts

Back