Can't Get Rid of Virus!!!File NOT Accesible

  • Thread starter Thread starter david k.
  • Start date Start date
D

david k.

I downloaded a virus called w32.pinfi - (Norton also had
a list of other names for it.Win32.Parite.a [KAV],
W32/Pate.a [McAfee], Win32.Pinfi.A [CA], PE_PARITE.A
[Trend], W32/Parite-A [Sophos], Win32/Parite.A [RAV])
Norton AV found it but could not quarantine, delete, or
repair it. I have been trying everything to get rid of it
for 6 hours but I cannot not make the file accesible to
me, so that i can delete it. I have gone through
properties - security - advanced like one of the
microsoft pages recommended, Both for the file and
folder. I followed the instructions. It should be
following the rules on the parent file, but it isn't, I
should have the right to delete. I have Window's XP. The
file is in:
c:\documents and settings\brandon\local
settings\temp\brj183.tmp
the virus is in the brj183.tmp file... Is there anyway I
can delete this file. Please help, thank you so much
dave
 
I downloaded a virus called w32.pinfi - (Norton also had
a list of other names for it.Win32.Parite.a [KAV],
W32/Pate.a [McAfee], Win32.Pinfi.A [CA], PE_PARITE.A
[Trend], W32/Parite-A [Sophos], Win32/Parite.A [RAV])
Norton AV found it but could not quarantine, delete, or
repair it. I have been trying everything to get rid of it
for 6 hours but I cannot not make the file accesible to
me, so that i can delete it. I have gone through
properties - security - advanced like one of the
microsoft pages recommended, Both for the file and
folder. I followed the instructions. It should be
following the rules on the parent file, but it isn't, I
should have the right to delete. I have Window's XP. The
file is in:
c:\documents and settings\brandon\local
settings\temp\brj183.tmp
the virus is in the brj183.tmp file... Is there anyway I
can delete this file. Please help, thank you so much
dave

This polymorphic virus attaches to explorer.exe and stays alive by existing
in memory instead of being embodied in an actual file. Have you disabled
System Restore and restarted in Safe Mode yet as described here:

http://securityresponse.symantec.com/avcenter/venc/data/w32.pinfi.html

Until you restart in Safe Mode, the virus will remain active and resistant
to cleaning. While in Safe Mode, you need to manually do the registry edit
that is also described in that article.

To start the system in Safe Mode, press F8 after POST and before Windows
starts to load. In Safe Mode, you must log on with an account that is a
member of the administrative group.

TIP: Since the file infects SCR and EXE files, change your screensaver to
NONE until you have this repaired. Right click the desktop, choose
Properties. Click the Screensaver tab. Select NONE in the box for selected
screensaver and then click OK.
 
Back
Top