April 28th, 2004, 08:19 PM
delete a virus
My firewall detected a downloader da virus but it could not delete it. It said something about access rights. The virus is located in the system volume information folder. I cant get into it even after I changed the folder settings to show hidden folders and system files. Can somebody tell me what to try next.
April 28th, 2004, 08:24 PM
Re-Boot into safe mode and run an antivirus scanner.
By the way did you mean to say antivirus and not firewall.
What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry
April 28th, 2004, 08:26 PM
You more than likely cant delete it because it is probbaly running as a process. Open up task manager and look for processes that dont look normal, end them and then try deleting it. Also see if perhaps symantec has a removal tool for the virus.
(kr5kernel at hotmail dot com)
Linux: Making Penguins Cool Since 1994.
April 28th, 2004, 08:35 PM
Also consider trying to change the name of the virus to ".avi" or something. That's worked for me at times when the process was running, others not, but it's worth a try.
May 8th, 2004, 03:11 AM
i really dont know much about removing viri( right spelling for plural of virus right?) but if you even get stuck you can always reinstall over XP...if i'm not right please let me kno. and if its in the registry try registry first aid...i have a setup utility but i havent used it in a while since i havent gotten hit by anything that serious...or so my Norton Internet Security 2004 Pro has detected
May 8th, 2004, 03:35 AM
Well. You should run an AV program to remove it. The permissions could be that you are not admin, or because it is armored. Install AV then do what other people said which is to reboot into safe mode to annihilate the bugger.
May 8th, 2004, 04:31 PM
the key piece of information here is..
The virus is located in the system volume information folder.
You must turn off system restore first.. of course, any restore points you have will be lost.
But you really have no choice in the matter.
May 8th, 2004, 11:15 PM
To delete something that says its still running in XP, you can open up a dos window, naviagate to the place where the thing you wanna delete is, leave the window open, press ctrl-alt-delete, end process explorer.exe, then in the dos window type del filename.exe.
that will delete the file and wont moan about access rights and stuff
May 9th, 2004, 12:02 AM
Often at work when we do virus removals on customers computers we have a tendancy to remove the hard drive and slave it to another pc then run the virus scan on it, that ensures that nothing is running on it and that it will delete everything that needs to be removed. This is of course only if you have another pc with up to date definitions.
PS. Beware it is possible, not likely, but possible to ruin your windows install if one of the core files is corrupted.
Duct tape.....A whole lot of Duct Tape
Spyware/Adaware problem click