Jump to content

Virus In C:\windows, Wont Let Me Fix


AstroFan

Recommended Posts

In a Norton AntiVirus Pro Edition 2003 scan it said "The file C:\WINDOWS\dxdgns.dll is infected with the Backdoor.Beasty virus." I tried to delete it but it said access denied, and I went to http://securityresponse.symantec.com/avcen...oor.beasty.html and went through the instructions on how to delete the stuff through regedit and none of the stuff I was supposed to delete was even there. I scanned again and its still there and wont let me delete, repair, or quarantine. How do I get rid of this?

I apologize if this is in the wrong forum, I wasnt completely sure which area to post it in.

Link to comment
Share on other sites


To get access to a file, you could become the owner of the file, then you'll have total control over it.

To gain ownership, Right-clik the files and chose Properties. Then click the Security tab, and the advanced settings button. A new windows pops up; chose the ownership tab. You'll have two choices: yourself and the administrators group.

You'll probably be able to delete the file now, if it's not in use.

Link to comment
Share on other sites

I clicked properties but didnt see a security tab. I clicked "Advanced" and a window called Advanced Attributes popped up but there was nothing in there to change ownership, just stuff about whether I wanted to index the file for fast searching. Any idea's?

Link to comment
Share on other sites

I thing you must kill the process of this file or service, and then delete it. The process maybe hidden in process explorer.

How do I figure out what process it is?

And disabling NAV didnt work, it still wouldnt let me manually delete dxdgns.dll.

Link to comment
Share on other sites

Try this:

Start > Run >

regsvr32 /u c:\path\to\dxdgns.dll

Modify C:\path\to\ to point to the location of dxdgns.dll

Then try to delete the file.

It said "failed- access is denied".

If I end a process that I want running, it will start again after I reboot right? So if needed I could end all the processes and then delete the virus?

Link to comment
Share on other sites

Well, I restored to last week and everything seems fine with the processes now although the virus is still there.

"Modifies the default value of the following registry key:

HKEY_CLASSES_ROOT\exefile\shell\open\command

This causes the Trojan to execute every time a .exe file is executed."

Im not great with computers, so will safe mode make it so no .exe files open? If not, how will I remove it? The things Im supposed to remove to make it stop from automatically opening arent even there yet it still says I have a virus.

Link to comment
Share on other sites

When a file is in use and cannot be deleted I use a program called zap.exe to delte the file(s). Download zap.exe from here:

http://helpdesk.kixtart.org/KixUtilsTasks.asp

You will need to open an MS-DOS Session and run zap.exe from the command prompt. Very easy. Start > All Programs > Accessories > Command Prompt.

The DOS Window will look similar to the picture below. Use the same commands I used and the file will be deleted. Your directories will of course be different, so substitute accordingly. BE CAREFUL WITH WHAT YOU DELETE!

zap.JPG

Hope this helps :)

Link to comment
Share on other sites

I downloaded "The Cleaner", as suggested by a friend, to try to get rid of the trojan but it automatically closed while scanning. He suggested I get off IE, but when I did a bunch of screens starting popping up and going to random sites. I went into safe mode and tried to delete the infected file, but it still said access denied. I then started back in normal mode and it seems to be fine for now, but I really have no idea what to do. Last time I used The Cleaner my computer started going crazy. Is this trojan something serious that I should be losing sleep over and worrying about? I'll try using that last program that was suggested, but I really don't want IE going crazy again.

Also, when I start my computer, a runtime error(with the IE icon next to "Error") pops up saying something like Runtime Error 5 at 003C729C. Im always connected to IE because everytime i try to close it, a bunch more popup. Im not sure if thats related or not, so I thought I would see if anybody else knows.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...