| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 49421 | 2004-09-18 13:03:00 | Unkillable virus | george12 (7) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 273500 | 2004-09-18 13:03:00 | My Windows 2000 Advanced Server SP4 PC has a virus I (or NAV 2001 fully updated) cannot remove. The file has exclusive permissions from a strange new user, but NO other users have even read access to it! The file is exactly 16KB, 65536 bytes, and of course I don't have read access so I don't know what it is. Norton Antivirus finds it as soon as I browse to the folder but can't delete it as it does not have permission. What can I do? Cheers George |
george12 (7) | ||
| 273501 | 2004-09-18 13:20:00 | NAV 2001 is getting a bit long in the tooth. If this is a business server George, get a newer product on to it (NOD32 is the best i've come acoss, I've put my money on it recently). If it not critical AVG free may do. Get over to Tren Micro House Call (http://housecall.trendmicro.com/) and give it a scan with a newer product. You might have to block some ports if it's re-infecting over the network plus go through all the PC's connnected to it (is this your web server?). Cheers Murray P |
Murray P (44) | ||
| 273502 | 2004-09-18 13:31:00 | it may be memory resident boot into safe mode, then have another go at deleting it |
45South (4769) | ||
| 273503 | 2004-09-18 19:05:00 | George, Poor mans interim; Run up a boot platform knoppix/dos what ever, give yourself rw access to the drive . drag and drop or c/p the offender to a New Folder, move New Folder to Floppy-C/d whatever . New folder acts like virus vault . if it dosent reboot you can put it back, if it regenerates you can possibly track from where . This wont remove all the reg and configuration entries Ect, but it should put a stop to is missbehaviour . D . , |
drb1 (4492) | ||
| 273504 | 2004-09-19 02:18:00 | New problem: Liveupdate It had screwed itself, so I followed Symantec's advice and deleted the config file. It runs now but doesn't know NAV is installed! [Product0] LANGUAGE=English MONIKER={DE907F20-A4A0-11d2-A985-00104B70545A} PRODUCT=LiveUpdate PRODUCTNAME=LiveUpdate SEQ.LIVEUPDATESEQ=20000815 VERSION=1.62 I think I need to make/find one of these entries for Norton Antivirus. Help! |
george12 (7) | ||
| 273505 | 2004-09-19 02:25:00 | George, Is that 16 kb file still there? D. |
drb1 (4492) | ||
| 273506 | 2004-09-19 02:26:00 | Success! I copied the config files from my XP Pro machine and unleashed 5.5MB of program updates and virus definitions. Rebooting now. Thanks for the help. |
george12 (7) | ||
| 1 | |||||