Roings:library, what is it, how do I get rid of it?

Posted on 2004-11-17
Medium Priority
Last Modified: 2013-11-16
I am running XP, Norton Internet Security, Adaware, Spybot, Stinger and a couple of others I can't remember right now.  Every time I scan with Spybot I get Roings:library at C:\windows\system32\objsafe.tlb.  It deletes ok but the next time I scan it is there again.  Is this anything to worry about and if so how do I keep it from coming back?
Question by:rider164
LVL 65

Accepted Solution

SheharyaarSaahil earned 1000 total points
ID: 12608050
Hello rider164 =)

Can you find this file on the hard drive yourself, what if you delete it from safemode ??
Does it return back ??

Expert Comment

ID: 12609174
This can  be a problem.

Look at http://computercops.biz/print-1-43040.html
for removal advice.

hope this helps


Expert Comment

ID: 12618135
The file objsafe.tlb is a type library, specifically for Visual Basic controls. See this link:


So what you seem to be seeing is a symptom, not the problem. Now, Roings appears to be a nasty hijacker and should be removed ASAP like graemeboro says above.
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

LVL 88

Expert Comment

ID: 12621094
Before running spybot turn your System Restore off (control panel, System). If this is turn on your system will reload the old config and your malware is back.

Author Comment

ID: 12638739
I searched for the file and deleted it in safe mode, problem gone.  Thanks
LVL 65

Expert Comment

ID: 12638807

Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware - Defeated! Client opened the wrong email and was attacked by Ransomware. I was able to use file recovery utilities to find shadow copies of the encrypted files and make a complete recovery.
The Internet has made sending and receiving information online a breeze. But there is also the threat of unauthorized viewing, data tampering, and phoney messages. Surprisingly, a lot of business owners do not fully understand how to use security t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question