CorsaLad
Member
Registered: 25th Sep 01
User status: Offline
|
HI,
McAffee detected a virus, but said it could not delete or quarnatine the file. Whenever I try ctrl alt delete it says "Task manage has been disabled by your administrator."
I think I have found the suspect file "syst.exe", but if I try and delete it, I get the message "Cannot delete syst: Access is denied. Make sure that the file is not full or write protected and that the file is currently not in use."
HELP!
|
topshot_2k
Banned
Registered: 1st Dec 03
Location: Northampton Drives: Pug GTi-6
User status: Offline
|
restart in safe mode then delete it/scan again etc
you running XP home?
|
ssj_kakarot
Member
Registered: 29th Apr 03
Location: hartlepool
User status: Offline
|
boot into safe mode and try and run your virus program from there.
to boot into safe mode its usually f8 when your computer is loading up.
|
CorsaLad
Member
Registered: 25th Sep 01
User status: Offline
|
yeah xp home. what does safe mode do?
|
_Allan_
Member
Registered: 24th Mar 04
User status: Offline
|
I'd try safe mode first then try to delete it or follow these steps:
http://www.sophos.com/security/analyses/trojmonbota.html
|
CorsaLad
Member
Registered: 25th Sep 01
User status: Offline
|
thanks for the help!
_Allan_ - not too confident on playing around the with the registry :-S
|
topshot_2k
Banned
Registered: 1st Dec 03
Location: Northampton Drives: Pug GTi-6
User status: Offline
|
safe mode starts XP with the minimum of driver/settings etc. it stop many programs running inc viruses etc. just press F8 at the boot screen then hit safe mode
|
_Allan_
Member
Registered: 24th Mar 04
User status: Offline
|
quote:
Originally posted by CorsaLad
thanks for the help!
_Allan_ - not too confident on playing around the with the registry :-S
Just follow the notes step by step and double check everything your doing. You just have to be careful. You can even save a copy of the registry before you start if you wish.
|
