Kazaa worm (file won't delete)
joltremari
June 4th, 2003, 08:18 PM
Has anyone heard about this (http://vil.nai.com/vil/content/v_100315.htm) ? If so is there a way to get rid of it?
The file won't delete. If I try to open it by double-clicking, it opens Microsoft Media Player (it appears to have a .mpg extension); if I try to open it with something else, it either says access denied or file does not exist.
How the **** am I going to get rid of this file?
Thanks for any help or suggestions
JO
netcrashxx
June 4th, 2003, 08:26 PM
Hmmm... I know I had that virus once and I totally freaked out.
What I did: I went to google.com and I searched for the name of the virus,
and there was a Norton link, and they will explain how to get rid of it.
Also try to go to c:\windows\ and there should be a filename similar to the one in Kazaa, and delete that.
You can try to search for it and delete it manually; if it says you can't delete it, press CTRL+ALT+DELETE and end the task of the virus and delete them all.
ZomBieMann77
June 4th, 2003, 08:37 PM
When in doubt get yourself a file shredder like Eraser. It will plow through any file that Windows won't let you access. Then go into your AV program and turn on your inbound scanning. I don't know about the other AV progs out there but Norton woulda caught that while it was still a .dat file.
The3ntropy
June 4th, 2003, 09:23 PM
Eraser does not plow through any file that Windows won't let you access. You cannot delete a file that is still running no matter what program you use within an OS. You cannot do this because the program is in memory and is referenced to that particular HDD sector. If you were to delete the file off of the HDD, the program will undoubtedly 'freeze' and most likely, so will the OS. You must first close the program.
Yes, it is possible to delete a file that is still running by using a shell of another OS (i.e. DOS).
Negative
June 4th, 2003, 09:37 PM
*Moved from Antionline: How do I?*
thehorse13
June 4th, 2003, 09:44 PM
If this is an XP/W2K box, grab the install cd and boot to the recovery console. You should be able to dump the file without incident.
--TH13
joltremari
June 5th, 2003, 12:07 AM
OK - first of all I appreciate all of the replies and suggestions!!
I didn't find anything in C:\Windows
I have Norton and it didn't find anything.
I tried many, many file deleting softwares and none worked.
I can't boot to DOS; although I have administrative rights on this PC, I do not have the password for the actual Administrator account.
Which is why I couldn't boot to the recovery console.
SO, it's looking like I'm just stuck with it, although I'm not giving up just yet!! :mad:
Again I appreciate all of your suggestions. :D
P.S. Sorry I posted in the wrong forum :(
cross
June 5th, 2003, 12:51 AM
Have you tried browsing to it in DOS and deleting it? I know with my XP box I have trouble deleting some files either because of the file name or XP seems to always think mpgs are "in use". Browse to the dir in DOS, and try to erase the file from there. If the file name is really long, and you do not know how to truncate (sorry about spelling) it, type Dir /X. This will tell you the correct formatting for the file name to delete it.
Thylakoid
June 5th, 2003, 02:46 AM
I had a similar problem booting into DOS from XP, but what I found seemed to say that there is no preset function for doing it; you have to make an "MS DOS Startup Disk" (I did that by selecting the floppy drive, choosing format, and selecting "Create MS DOS Startup Disk"). Using the disk I could then boot into DOS (sort of). That might help you, although I don't know about these administrator problems... I don't see how that problem would exist if you were booting from the disk. Try making the startup disk, restarting XP with the disk in the drive and then finding and deleting the file you want to get rid of.
Maestr0
June 5th, 2003, 03:27 AM
First, if you have admin rights, go make sure you have rights to the file; if the file is owned by another admin you must take ownership and then set the permissions. If the file is currently running it may be executing at boot time; reboot to 'safe mode with prompt' (hit F8 before Windows loads) then delete the file from the DOS prompt. (I don't believe an NT kernel will let you delete a process in use by the OS even from a DOS shell, but I may be wrong.)
If the file IS a virus there are probably other files and/or registry keys which will have to be located and removed.
-Maestr0
joltremari
June 5th, 2003, 03:29 PM
Sorry I forgot to mention I'm using Win2K, but I could get to it from the command prompt but couldn't delete it. I'm making a boot disk now so I can try to boot to dos...
JO
VanEck
June 5th, 2003, 04:10 PM
This may sound a bit obvious, but have you checked your processes?
If not, I would suggest that you first go into your task manager (ctrl-alt-del) and press the "processes" tab. Do a thorough search for the name of the specified file, or any file resembling that name.
If you do not see it, you can sort the processes by memory usage, or by CPU usage, and see if any rogue files that you do not recognize are eating up your resources.
If you still fail to see the specified process, I would recommend getting this free tool from Foundstone security: Vision 1.0 (http://www.foundstone.com/resources/termsofuse.htm?file=visionsetup.exe). This program allows you to see pretty much everything going on within your system. You should be able to locate and disable the process, allowing you to safely delete the file.
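An added example, not part of the original post or of any tool named in the thread: a PowerShell triage script for a current Windows system (the thread's machine ran Windows 2000) that distinguishes the "access denied", "does not exist" and "in use" cases discussed above, then lists processes that have the file loaded. The path and the function names are hypothetical.

```powershell
# Added example. $TargetPath is a constructed placeholder, not a path from the thread.
param([string]$TargetPath = 'C:\Example\suspect-file.mpg')

function Get-FileDeleteBlocker {
    # Classifies why a file cannot be opened for exclusive access.
    param([Parameter(Mandatory)][string]$Path)
    $full = [System.IO.Path]::GetFullPath($Path)
    try {
        $fs = [System.IO.File]::Open($full, [System.IO.FileMode]::Open,
                                     [System.IO.FileAccess]::ReadWrite,
                                     [System.IO.FileShare]::None)
        $fs.Dispose()
        return 'Free'            # no other handle is open and write access is allowed
    } catch {
        $e = $_.Exception.GetBaseException()
        if ($e -is [System.IO.FileNotFoundException] -or
            $e -is [System.IO.DirectoryNotFoundException]) { return 'NotFound' }
        # ACL or ownership problem, or the read-only attribute is set
        if ($e -is [System.UnauthorizedAccessException])   { return 'AccessDenied' }
        # Sharing violation: some process still has the file open
        if ($e -is [System.IO.IOException])                { return 'InUse' }
        throw
    }
}

function Find-ProcessMappingFile {
    # Lists processes that have the file loaded as their image or as a module.
    # Does not see plain data-file handles; run elevated to inspect other users' processes.
    param([Parameter(Mandatory)][string]$Path)
    $full = [System.IO.Path]::GetFullPath($Path)
    foreach ($proc in Get-Process) {
        try { $modules = @($proc.Modules) } catch { continue }   # protected or exited process
        foreach ($m in $modules) {
            if ($m.FileName -ieq $full) {
                [pscustomobject]@{ Id = $proc.Id; Name = $proc.ProcessName; File = $m.FileName }
                break
            }
        }
    }
}

$state = Get-FileDeleteBlocker -Path $TargetPath
"{0}: {1}" -f $TargetPath, $state
if ($state -eq 'InUse') {
    Find-ProcessMappingFile -Path $TargetPath | Format-Table -AutoSize
    # After confirming the process is the unwanted one: Stop-Process -Id <Id>, then Remove-Item.
}
```

An `AccessDenied` result points at the ownership and permissions route described earlier in the thread rather than at a running process.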
netcrashxx
June 5th, 2003, 04:42 PM
I agree with VanEck.
I did the same thing with my virus.
No need to boot to DOS.
Check the processes and end the ones you think are the virus,
then you can go and delete the virus.
The other way around, if you did not end the task you couldn't delete it because it was still in use.
Try that.
VanEck
June 5th, 2003, 08:53 PM
Did I not just say that... in more words or less? :confused:
oso_1_
June 5th, 2003, 10:56 PM
What file did you download from Kazaa to start with? I don't want to get that file and have the same problem.
I already had one that was acting funny, "wolf3d(full version)". Be careful if you download that one.
joltremari
June 6th, 2003, 12:41 AM
I thought I was downloading the movie "The Exorcist" kind of ironic - I guess it loaded a demon on to my machine.
Anyway, I got rid of the file. What I finally did was, someone had told me about PandaSoftware (http://www.pandasoftware.com), where you can download a very small app and it scans your PC for viruses - and what do you know, it found one, after I had run Norton and McAfee and neither of them caught it. The only problem is it deleted the virus without giving me any information about it, so now I don't even know what it was. It also found three other files that it tagged as "suspicious". The app allows you to send those files to PandaSoftware and they will test them, and if they are viruses and there is a fix for them they will send it to you in 24 hours.
Anyhow, after that I went back and deleted the directory it was in and that was it!! It deleted it. WOOHOO!! :D
So I thank everyone here who made comments and suggestions; no matter what worked and what didn't, I definitely learned something from it all.
Also if any of you are affiliated or know someone that is affiliated with PandaSoftware I thank them too!
ZeTtA bYtE
June 8th, 2003, 09:05 AM
Thanks for the info about Panda Soft; it's checking my computer right now. I hope it works.
Magic-Guy
June 8th, 2003, 08:24 PM
Don't try to remove it from the command prompt, it's still under the same OS. Try to delete it from M$-DOS; if it's not working, try to download some AV. I think that Norton AV may help...
skiddieleet
June 8th, 2003, 11:40 PM
I don't know if it is the same thing but I have had files where if you click them Kazaa freezes and you can't delete them from Kazaa. What I did to get rid of them was just go to My Computer, then go to program files>kazaa>mysharedfolder and delete the file from there.
That worked for me but I don't think I had a virus.
Good luck
edit
oops, didn't know there was a second page
my bad
dcongram
June 9th, 2003, 09:51 AM
Here's a 'stupid trick'. MOST viruses are written in 32-bit mode.
If you start up in Safe mode (16-bit)... it is not active, and can be deleted.
It's worked for me over and over again.
joltremari
June 9th, 2003, 02:21 PM
Yes, I had a situation where I booted to DOS or in safe mode and was able to get rid of strange files. But this is a network PC, and to do either one of those you must log on to the Administrator profile, and we no longer have the ability to do that.