Re: Want advice on Virus Removal

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Ron Martell (ron_at_onlinehelp.bc.ca)
Date: 06/18/04 

Date: Fri, 18 Jun 2004 21:35:41 GMT

"wdsnews" <wdsnews.0440@oregoncity.com> wrote:

>I've tried several anti-virus programs in an attempt to remove viruses from
>my customers' computers. Norton, TrendMicro, PestPatrol, Stinger,
>PC-cillon, all seem unable to remove the viruses they detect. I've seen
>many customers lately, with many different infections. Even Safemode does
>not allow them to be removed.
>
>All of the antivirus programs detect different new pests. They tell me what
>the infection is. They tell me what files are infected. But neither they
>nor I can delete the files. I can find the files on the harddrive. I can
>find entries in the registry. But they won't delete.
>
>I've tried shutting down running processes, but many of the suspect
>processes are considered "critical" by the OS and won't shutdown. I've
>spent most of my time in Safemode, but the files remain locked.
>
>Usually we decide to wait for an antivirus update that can handle the virus
>and sometimes that works. But in two cases we decided to format and
>re-install, which seems like a totally unacceptable solution considering the
>patch situation.
>
>So... now this expert, that I call myself, with over 20 years experience,
>feels like a total novice. I would feel very thankful to everyone who can
>give some advice. Thank you so much.
>

What are some of the specific viruses that are doing this?

And where are these viruses located?

If these viruses are located in the
\System Volume Information\_Restore folder then they are encapsulated
and cannot possibly do anything unless System Restore is used to set
the computer back to a prior date.

To clean up the _Restore folder us Disk Cleanup in the Accessories -
System Tools menu. Go to the More Options tab and click on the Clean
up button in the System Restore (bottom) section. That will eliminate
all but the most recent System Restore point and at least most of the
infected files in the _Restore folder should be gone. If not then use
System Restore to create a new restore point and then use Disk Cleanup
again.

Good luck

Ron Martell Duncan B.C. Canada 

-- 
Microsoft MVP
On-Line Help Computer Service
http://onlinehelp.bc.ca
"The reason computer chips are so small is computers don't eat much."

Relevant Pages

  • Re: E-Mail Viruses
    ... The unfortunate reality and one of the most major side effects of viruses is ... the virus that infected User A will send itself to User B ... The final question I have is why you had to do system restore. ...
    (microsoft.public.security.virus)
  • Re: Help!!! Cannot remove viruses from Uncles Computer!!!
    ... Download SYSCLEAN.COM and place it in that directory. ... Re-enable System Restore and re-apply any System Restore preferences, ... | I use AVG 7.0 and when I scan my Uncle Mario's ... | computer with BOTH Ad-aware SE Personal and AVG I remove about 17-30 viruses ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Help! Slow comp. Tried everything
    ... I've tried to defragment, get rid of viruses, and try a ... system restore, but none of that works either. ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: Cant re-enable system restore.
    ... I know there are not any spyware or viruses on ... > Hi Dave, ... > and when you try to enable it, (turn it back on via the System Restore ...
    (microsoft.public.windowsxp.general)
  • Re: downloader
    ... System restore is often the "Achilles Heel" when it comes to removing ... the sort of infections you have, as viruses etc tend to install in ...
    (microsoft.public.windowsxp.general)