-
1 Attachment(s)
Hey, I've been getting this message at my start screen for a while and when I run my antivirus program, it can't remove it because neither my account nor my administrator account can access the folder where it is located!? Anyone have any suggestions
Steve Newport
-GFX Gallery (Photoshop AND XaraX)-
-My Gallery-
-<A HREF="http://www.artconspiracy.com/conspiracy_user.asp?id=2144113387" TARGET=_blank>Art Conspiracy
*new* with a mix of my photography/paintings/xara</A>
-
Hey, I've been getting this message at my start screen for a while and when I run my antivirus program, it can't remove it because neither my account nor my administrator account can access the folder where it is located!? Anyone have any suggestions
Steve Newport
-GFX Gallery (Photoshop AND XaraX)-
-My Gallery-
-<A HREF="http://www.artconspiracy.com/conspiracy_user.asp?id=2144113387" TARGET=_blank>Art Conspiracy
*new* with a mix of my photography/paintings/xara</A>
-
No anti-virus program can detect and remove every virus every time, so it's good to run an additional antivirus program to cross check.
Go to www.srnmicro.com and download the 30 day trial of Solo Anti-virus. This small (1.7 meg ) program has saved my bacon more than once, and its very simple interface makes virus removal easy.
Alternatively, go to www.trendmicro.com and use their free virus scan. It will find and remove viruses as well.
( No, I don't work for or have any financial association with either company)
Good Luck,
- Andrew
-
Andrew is right Steve, Apsiv.A is a REAL worm ... and it looks like you are running AVG virus protection on your computer. You might take his advise and go to the trendmicro site. They have added this worm to their DAT file for removal.
-Ed.
-
The problem is that the virus is in the System Restore feature of Windows. This might help. Its from (sorry for the long URL!)
http://crm.my-etrust.com/default.asp...20in%20restore
Virus found in the C:\...\_restore directory
Summary:
I have a virus and cannot delete a file, what do I do?
Resolution:
If you have a virus and the file is unable to be deleted, this behavior occurs because of the System Restore feature in Windows Millennium Edition (Me) and Windows XP.
The System Restore feature protects all folders and files in the _Restore folder on the Windows Me/XP system partition. This folder and all of its subfolders are the data store that the System Restore feature uses to restore your computer's operating system to a previous state from a previous point in time. Although some antivirus programs may have the ability to work with files that have been compressed or stored in .zip or .cab file format, the System Restore feature does not permit these utilities to manipulate these files within the data store. The data store is protected for data integrity purposes, and the System Restore feature is the only method you can use to obtain access to the data store. Because of this, EZ Antivirus or any other antivirus program will be unable to remove the virus from the file or files in the data store. The files in the data store are inactive and can be used only by the System Restore feature. (as quoted from Microsoft knowledge base article 263455)
Please review the information below on how to remove these files from your computer.
For Windows ME or XP systems, deleted files are still in the System Restore folder due to these operating systems' Restore features. When an infected file is deleted, the Restore feature will back up the file for future restoration. The user must manually delete this file in the Restore folder. To do this:
For Windows ME
Right click the My Computer icon on the Desktop and select Properties.
Select the Performance Tab, click the File System button.
Select the Troubleshooting tab, then put a check mark next to 'Disable System Restore.'
Click Apply > Close > Close. When prompted to restart the computer, click Yes. The System Restore utility is then disabled.
Restart your computer in Safe Mode and continue with the scan/clean process. Files under the _Restore folder can now be deleted.
To re-enable System Restore, simply follow steps 1 to 4 this time, removing the check mark next to 'Disable System Restore.'
Restart your system normally.
For Windows XP
Select the Start button, right click the My Computer icon and select Properties.
Select the System Restore tab, and put a check mark next to 'Turn off System Restore on all drives.'
Click Apply > Yes > OK. The System Restore Utility is then disabled.
Continue with the scan/clean process. Files under the _Restore folder can now be deleted.
To re-enable System Restore, simply follow steps 1 to 3, this time, removing the check mark next to 'Turn off System Restore on all drives.'
For further information, please see the Microsoft Knowledge Base article below.
http://support.microsoft.com/default...;EN-US;q263455
After you finish the steps outlined in that document, run another full virus scan.
If this document did not help you answer your question(s), please Click Here to contact a Web Support Representative.
See Also:
How does eTrust EZ Antivirus detect viruses?
How to submit a virus sample
Related Categories:
TOP > eTrust EZ Antivirus (Personal Edition)
-
Richard has posted this before but it is worth mentioning again, Earthlink and some of it's sister companies including Mindspring and others, offers a SPAM Blocker and a Virus Filter for all incoming mail.
Suspect mail is placed in a Suspected SPAM folder and about 98% of the messages are SPAM. There is also a Known SPAM folder containing all messages from known spammers.
When the virus protection feature is enabled, any messages received with viruses have the viruses removed and a small green icon alerts you to this fact.
In additon, there is a folder of Viruses which cannot be removed. You can select all the messages, or any message in the other folders and delete them on the Earthlink server without every having to download them first.
You can also use the Web Mail component as your e-mail client if you wish.
For more information Click here
Gary
Gary Priester
Moderator Person
<a href="http://www.gwpriester.com">
www.gwpriester.com </a>
<a href="http://www.xaraxone.com">
The Xara Xone </a>