• Welcome to BirdForum, the internet's largest birding community with thousands of members from all over the world. The forums are dedicated to wild birds, birding, binoculars and equipment and all that goes with it.

    Please register for an account to take part in the discussions in the forum, post your pictures in the gallery and more.
ZEISS DTI thermal imaging cameras. For more discoveries at night, and during the day.

HELP! Removing infected file. (1 Viewer)

Andrew

Andrew

wibble wibble
I discovered I had a virus and struggled to get an update from AVG as my download was being controlled by the virus. Managed it in the end and it was a Trojan called Downloader something or other. AVG dectected it but could not remove an infected file called C:\_restore\temp\A0271357.cpy. I tried to delete it manually through file manager but access was denied. I even tried renaming it and that did not work either.

How can I delete a write protected or a read only file?
 
Sounds like a problem I had a few months ago.

As it happens, I know from one of your previous posts that you are not running Windows XP - which I am - so I don't know if you can restore an old setting from before the day you got infected.

It was the only thing that worked for me.

If you can't do that, then I've got no idea, but from personal and grateful experience, I know there'll be plenty along soon enough to give you more help.

All the best, matey!
 
You can switch of restore - and then alter the permissions so you can go in and delete the files.

But you also have to make adjustments to Registry and (I think) sys.ini

I don't know what anti-virus software you use, but you should be able to e-mail them for instructions. Symantec certainly have a set of instructions for what to do in these circumstances.
 
Hi Andrew,

Turn off System Restore, reboot into Safe Mode (press F5 as the PC boots) and scan with your A/V. When it finishes, re-enable System Restore and reboot as normal.

Andy.
 
Andrew Rowlands said:
Hi Andrew,

Turn off System Restore, reboot into Safe Mode (press F5 as the PC boots) and scan with your A/V. When it finishes, re-enable System Restore and reboot as normal.

Andy.
Click to expand...
How can I switch System restore on and off?
 
Tim Allwood said:
can u not quarantine it and disable access.


...and stay off those dodgy sites!
Click to expand...
It sends them to the Virus Vault but can not remove them as they are write protected files. The file name of the infected file changes all the time. Usually just one or two.

I am giving the dodgy sites a wide berth now!!! ;)
 
I guess you need to know which downloader virus you're dealing with. From a quick look at the web it seems there are several. Once you know, Googling will probably throw up some advice on how to get rid of it.

The latest one seems to be Downloader-LM which appeared last month. McAfee hasn't got much on it yet and I couldn't find anything on the normally excellent Symantec site:
http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=126429
 
Andrew said:
Would it be too drastic to attempt a reformat of the computer and install everything again?
Click to expand...

YES!

To diable System Restore, right-click My Computer choose Properties, click Performance, File System then Troubleshooting....it's at the bottom, if you're using ME.

Andy.
 
Andrew Rowlands said:
Hi Andrew,

Turn off System Restore, reboot into Safe Mode (press F5 as the PC boots) and scan with your A/V. When it finishes, re-enable System Restore and reboot as normal.

Andy.
Click to expand...
YESSS!!!

Many Thanks Andrew (Rowlands)! I rebooted into safe mode and ran AVG with nothign showing up then rebooted into normal mode and ran AVG again. Thankfully nothing showed up again.

If you ever find yourself lost in Devon get in touch with me and I shall give you a guided tour!!! Plus a bottle of vino to take home!

(Glad to see you back Satrow, wondered where you got to. PS : I failed to get the Mealy Redpolls).
 
Glad you got it sorted,Andrew.

I'd also like to thank Andrew Rowlands and several others who generously share their computer knowledge...I've benefited from it on a couple of occasions and really appreciate their efforts.
 
HELP

I am somewhat behind the times with all the internet stuff and viruses, Trojan Horses, etc. But I did download AVG anitvirus and got loads of viruses detected. I don't know what all the names of them were, but I know "klez", or something like that was involved. AVG "healed" a great majority of them. The ones it could not "heal" I put in the "virus vault".

Can I safely delete these files that are in the "vault"? The computer seems to be working fine now (and much faster). Should I just leave them in the "vault" for a while? Before I ran the AVG my computer was working, but ........slow.......... And at times it would seem to "glitch up" a little bit. I believe there are a couple of hundred in the "vault"! I know I should have done something earlier! But I did not want to really mess things up. I did download Spybot and Ad-aware (but when I got into them, they looked so intimidating, I was afraid I would really "screw up things badly" if I tried to use them). Any advice would be appreciated, but be gentle!
 
Last edited:
I deleted all the stuff from the Virus Vault as I did not want any trace of a virus in my computer and Spybot is quite simple really. Give it five minutes and you will basically see there are simple procedures. I just do a Scan then Immunize and look in stored spywatre and delete them.

One problem though I have a Spyware thingy in my computer called 'DSO Exploit' that Spybot fails to delete. It finds it in the scan then fixes it but in every other scan it keeps showing up.
 
Larry Lade said:
HELP
Can I safely delete these files that are in the "vault"?

I did download Spybot and Ad-aware (but I went I got into them, they looked so intimidating, I was afraid I would really "screw up things badly" if I tried to use them). Any advice would be appreciated, but be gentle!
Click to expand...

Hi Larry,

Delete the suckers!

I wrote a piece on Spybot in http://www.birdforum.net/showthread.php?t=19879 the first third of post#3.
The prog may have changed a little since then, follow it as well as you can, ask if you get stuck. Difficult to screw up with either prog, I think.

Andy.
 
Warning! This thread is more than 20 years ago old.
It's likely that no further discussion is required, in which case we recommend starting a new thread. If however you feel your response is required you can still do so.

Similar threads

wolfbirder
Trying to sweep up in Southern Israel 21-26 February 2020
2 3 4
Replies
78
Views
13K
wolfbirder
wolfbirder
wolfbirder
Category:Israel
Replies
0
Views
2K
wolfbirder
wolfbirder
Troubador
Interviews with Optics Repairers: Tony Kay of Optrep
Replies
9
Views
15K
WJC
WJC
opisska
Georgia/Armenia 25.4-7.5.2019
Replies
9
Views
3K
wolfbirder
wolfbirder
Steve Arlow
RansomWare
Replies
1
Views
1K
Steve Arlow
Steve Arlow

Users who are viewing this thread

Total: 2 (members: 0, guests: 2)
Back
Top