View Full Version : Anti-virus problem


The Munster
02-23-08, 09:31 AM
Hi, hope somebody can help me here, can't fully get rid of 'AntiVir PersonalEdition Premium' out of the system so I can install Kaspersky. Managed to get rid of everything with the exception of 3 files ..

mfc71u.dll
msvcr71.dll
shlext.dll

when I try to delete them, I get the following pop-up ..
Cannot delete ..' Access is denied.
Make sure the disk is not full or write-protected and that the file is not currently in use' = :damn:
Can anyone supply the 'recipe' to get rid of them as I don't want them to clash with Kaspersky.

JSLTIGER
02-23-08, 09:43 AM
Actually, what you've more accurately described is not an anti-virus problem, but a virus problem. That program is a virus itself, and it is notoriously difficult to eliminate.

The Munster
02-23-08, 09:56 AM
Sigh .. have had a lot of :damn: moments lately and it's had a lot of fun screwing around with Internet Explorer and also plonked 7,000 files into 'My Documents'. Now finally found the problem, does anyone have the solution ? Please .. Please .. Pretty Please.

STEED
02-23-08, 09:59 AM
Do they themselves have a solution?

After all it's their product!

I had Norton 2005 which left stuff behind so I went to their site and found a full remover tool which got rid of the rest.

Linton
02-23-08, 10:00 AM
What made you want to delete AntiVir? I have been quite happy with it.

The Munster
02-23-08, 10:03 AM
I went to the Antivir site and it just shows the products they have for trial/sale; the contact links state non-technical stuff only.
I had Norton on a previous Computer and it was a doddle to get rid of; just went to their web-site and downloaded their removal tool.
This outfit is a different story

bradclark1
02-23-08, 10:08 AM
Do those files actually stop you from doing anything? Just install your new AV.

The Munster
02-23-08, 10:15 AM
What made you want to delete AntiVir? I have been quite happy with it.

It didn't prevent a nasty from a BitTorrent attaching itself to the system and won't let go. Every time I go online, have to go into Tools_Internet Options_Privacy and move the slider up from the bottom = a ghost ? Not to mention trying to get rid of a bucket load of files etc. It's all starting to wear a bit thin now. If these sort of things were going on in your House, you'd be calling the Poltergeist extractor in to do an exorcism !

The Munster
02-23-08, 10:17 AM
Do those files actually stop you from doing anything? Just install your new AV.

They might clash with a new anti-virus program and these [virus] files are in the AntiVir Personal Edition folder in Program Files.

SUBMAN1
02-23-08, 11:48 AM
Do those files actually stop you from doing anything? Just install your new AV.
They might clash with a new anti-virus program and these [virus] files are in the AntiVir Personal Edition folder in Program Files.

What the problem is, when you turn your system on, a running process is using those files, preventing them from being deleted. So how you would fix that is to find the running process that is in control, which may be a trial and error thing.

Trying to think of a way for you to do this without screwing with your registry (And possibly screwing up everything), and I am thinking msconfig is the easiest way to do that.

Pull up a run box from the start menu and type msconfig in it. It will bring up a window that will show you everything that is run on your system on startup (the last tab over). From there, you can selectively disable software that starts up, then reboot your system and see if the files in question are free to be deleted.

As mentioned above, if a virus has taken over these files, then it may be even difficult to do this since a common tactic of viruses is to run two copies of itself. If one copy sees that the other copy has been stopped, it will start up that copy again. Same goes vice versa. If you need to run an AV scan to check for this, use a free online scanner to avoid having to load a duplicate AV product at the same time - http://housecall.trendmicro.com/ - This way you can have an alternate program check for bugs.

Remember - when selectively disabling programs in msconfig, you can use google to find out what they do. Then again, the easy way to take care of the problem is to disable everything and then delete the files.

One other thing that comes to mind is that the files could be locked by a 'service'. If that is the case, you can pull up the services menu by typing services.msc into a run command box. Remember that Google is again your friend in determining what services do what.

A suspicious service by the way will typically not tell you anything about itself. Those are the first you should check, but remember that all services that you use do not always give you description.

Let me know how the battle goes. At the very least, you will begin to get a deeper understanding of your system.

-S

The Munster
02-23-08, 12:26 PM
Thanks for the advice Subman1 and thanks to the others. It's been a crash course on learning about dlls and the main problem seems to lie with Internet Explorer and add-ons; there were 4 files lumped in there [the main culprit being geebb.dll] and, like you state, they don't identify themselves. Another one that repeatedly rears its ugly head is virtumonde.dll when Computer is scanned. Things are improving and will persevere and you are right about learning more on what makes a Computer tick.
Thanks everyone :up:

AdlerGrosmann
02-23-08, 12:45 PM
Well by my knowing, if you want to keep your computer protected from viruses..just use ZoneAlarm. It's what I use, it gives good protection for me. You got to pay for it though.

http://www.zonealarm.com/store/content/home.jsp

SUBMAN1
02-23-08, 01:25 PM
Thanks for the advice Subman1 and thanks to the others. It's been a crash course on learning about dlls and the main problem seems to lie with Internet Explorer and add-ons; there were 4 files lumped in there [the main culprit being geebb.dll] and, like you state, they don't identify themselves. Another one that repeatedly rears its ugly head is virtumonde.dll when Computer is scanned. Things are improving and will persevere and you are right about learning more on what makes a Computer tick.
Thanks everyone :up:

I should point out - make sure you aren't deleting any system files - that could be a tragic error. I believe at least one file above may fall in that category.

-S

SUBMAN1
02-23-08, 01:31 PM
shlext.dll file information

The process Shell Extensions or ShlExt.dll or SonicPDFShellExt.dll belongs to the software Sonic RecordNow! or AntiVir PersonalEdition or Sonic PDF or Avira AntiVir PersonalEdition or ShlExt by Sonic Solutions (www.sonic.com) or H+BEDV Datentechnik GmbH (www.free-av.com) or Investintech.com Inc or Avira GmbH.
Description: File shlext.dll is located in a subfolder of "C:\Program Files". Known file sizes on Windows XP are 69672 bytes (76% of all occurrence), 176128 bytes, 61480 bytes, 73728 bytes, 86016 bytes, 65576 bytes, 77824 bytes.
A .dll file (Dynamic Link Library) is a special type of Windows program containing functions that other programs can call. This .dll file can be injected to all running processes and can change or manipulate their behavior. The program has no visible window. The service has no detailed description. It can change the behavior of other programs or manipulate other programs. shlext.dll is not a Windows core file. shlext.dll is able to monitor applications. Therefore the technical security rating is 63% dangerous, however also read the users reviews.

Important: Some malware camouflage themselves as shlext.dll, particularly if they are located in c:\windows or c:\windows\system32 folder. Thus check the shlext.dll process on your pc whether it is pest. We recommend Security Task Manager (http://www.neuber.com/taskmanager/index.html?ref=file.net) for verifying your computer's security. It is one of the Top Download Picks of 2005 of The Washington Post and PC World.





mfc71u.dll file information

The process MFCDLL Shared Library - Retail Version belongs to the software Microsoft® Visual Studio .NET by Microsoft Corporation (www.microsoft.com).
Description: mfc71u.dll is located in a subfolder of "C:\Program Files". The file size on Windows XP is 1047552 bytes.
A .dll file (Dynamic Link Library) is a special type of Windows program containing functions that other programs can call. This .dll file can be injected to all running processes and can change or manipulate their behavior. The program has no visible window. The program can be uninstalled in the Control Panel. The service has no detailed description. It can change the behavior of other programs or manipulate other programs. mfc71u.dll is not a Windows system file. mfc71u.dll is able to connect to Internet, record inputs. Therefore the technical security rating is 50% dangerous.

Important: Some malware camouflage themselves as mfc71u.dll, particularly if they are located in c:\windows or c:\windows\system32 folder. Thus check the mfc71u.dll process on your pc whether it is pest. We recommend Security Task Manager (http://www.neuber.com/taskmanager/index.html?ref=file.net) for verifying your computer's security. It is one of the Top Download Picks of 2005 of The Washington Post and PC World.


msvcr71.dll description

Description

msvcr71.dll is a module containing standard C library functions such as printf, memcpy, and cos. It is a part of the Microsoft C Runtime Library.
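
The checks described in SUBMAN1's posts above (which running process or service holds the three DLLs, and whether a copy sits under the Windows folder), as an added PowerShell example that is not part of the original thread. It assumes a current Windows with PowerShell 3 or later and an elevated prompt; the function names `Find-ModuleHolder` and `Get-HolderService` are illustrative, and only the three file names come from the thread.

```powershell
# Added example: file names are from the thread; function names are illustrative.
$dllNames = 'mfc71u.dll', 'msvcr71.dll', 'shlext.dll'

function Find-ModuleHolder {
    # List every process that currently has one of the named DLLs loaded.
    param([string[]]$Name)
    foreach ($proc in Get-Process) {
        # Modules is unreadable for protected processes; skip those.
        try { $mods = @($proc.Modules) } catch { continue }
        foreach ($m in $mods) {
            if ($null -eq $m -or $Name -notcontains $m.ModuleName) { continue }
            $sig = Get-AuthenticodeSignature -FilePath $m.FileName
            [pscustomobject]@{
                Process      = $proc.ProcessName
                Id           = $proc.Id
                Path         = $m.FileName
                # The quoted file notes flag copies under the Windows folder.
                InWindowsDir = $m.FileName -like "$env:windir\*"
                Signature    = $sig.Status
                Signer       = $sig.SignerCertificate.Subject
            }
        }
    }
}

function Get-HolderService {
    # Map holder process IDs to the services hosted in those processes.
    param([int[]]$ProcessId)
    Get-CimInstance Win32_Service |
        Where-Object { $_.State -eq 'Running' -and $ProcessId -contains $_.ProcessId } |
        Select-Object Name, DisplayName, ProcessId, PathName,
            @{ n = 'HasDescription'; e = { [bool]$_.Description } }
}

$holders = @(Find-ModuleHolder -Name $dllNames)
$holders | Format-Table -AutoSize

if ($holders.Count -gt 0) {
    Get-HolderService -ProcessId ($holders.Id | Sort-Object -Unique) |
        Format-Table -AutoSize
} else {
    'No accessible process has these DLLs loaded; retry from an elevated prompt.'
}
```

A row with `InWindowsDir` true or a `Signature` other than `Valid` is the one to look at first; a legitimate copy in a vendor's Program Files folder held by that vendor's own process is expected.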

SUBMAN1
02-23-08, 01:31 PM
The short answer is - there is a high likelihood of you screwing up your computer at this point in time. WARNING! :D

-S

The Munster
02-23-08, 03:59 PM
It's okay, I Googled all 3 dll files and got that information so left them be and installed a registered Kaspersky 7 after creating a back-up. Everything running better; also Googled virtumonde.dll and an outfit by the name of 'Spy Hunter' informed me they were up to the job of blasting it, done a scan, didn't find it but found 3 zlob Trojans and 14 other nasty files and will remove them if I registered and paid them money.
Problem I've noticed here is it's hard to tell who the good/bad guys are in regards to Spyware i.e. I was getting a pop-up stating I could have malicious files on my Computer, click here etc. this was taking me to a web-site by the name of 'storage protector' which turns out to be a nasty site :nope:
So some of these so called Spyware companies are actually infecting instead of fixing, how evil is that ? :nope:

Kratos
02-23-08, 04:05 PM
Been reading this thread ''nosy twat I am''' have you tried Spybot Search and Destroy yet? It's actually quite good... and also run a good reg cleaner ie: regvac

The Munster
02-23-08, 04:14 PM
Yes, tried Spybot and it finds virtumonde stuff all the time and doesn't nag me for $20 so a big :up: to them ! Haven't tried the other; gonna see if Kaspersky and Spybot 'get on with each other' and see what happens :D
Not trying anymore 'free system scans' which turn out to be 'free system scams'

sonar732
02-23-08, 06:41 PM
I use Hijack This to find out if anything is taking over my system.

d@rk51d3
02-23-08, 10:57 PM
Yes, tried Spybot and it finds virtumonde stuff all the time and doesn't nag me for $20 so a big :up: to them ! Haven't tried the other; gonna see if Kaspersky and Spybot 'get on with each other' and see what happens :D
Not trying anymore 'free system scans' which turn out to be 'free system scams'


Zonealarm Internet Security comes with Kaspersky antivirus attached, and works fine with Spybot, as far as I can tell. :up:

In about 12 months of usage, virtually nothing got past the firewall, and the 3 trojans / viruses that did (due to sloppy downloading practices :oops:) were snapped up immediately.