Note: This article was originally written on reich-consulting.net. Reich Web Consulting has narrowed its focus to the web and no longer offers tech support services, so we’ve moved all of our tech support content off-site. We hope you find this article useful. It is provided as-is, and we will no longer provide support on this topic.

I’m in the process of patching up a particularly nasty virus called Agent2.AGCV. Part of the virus resides in a file called C:\windows\system32\kbdsock.dll. What I noticed is that when the deleted the file or allowed AVG to clean it, it would reappear after the next reboot.

Prevent the actual virus file from loading by booting up to a Windows installation CD and entering the Recovery Console. Copy another DLL file over kbdsock.dll and reboot. The file you just copied will be loaded instead of the virus.

Reich Web Consulting

Written by

Purveyor of fine web creations. Former tech support geniuses. Occasional spouter of opinions on topics of politics and ethics.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade