Tuesday, June 30, 2009

What if a virus infection is stubbornly resisting removal?

This is a tricky area for some, because virus infections use a number of tricks to prevent removal. Normally a scan will find the infections you have (provided they are in the antivirus database). One trick worth noting is active write protection: while the virus is running, it keeps marking its own directory, and the files in it, read-only. In that state it is very difficult to remove, because as soon as you clear the write protection the running process promptly puts it back. That leaves it very well protected and hard to treat from inside the infected system.

The solution is to shut the PC down and attach its hard drive as a secondary (slave) drive on a CLEAN system that has both antivirus and a utility like R-Wipe&Clean. Make sure autorun is disabled on the clean system before you plug the drive in, and do not open or run anything from it. Power up, let the clean system's antivirus scan the drive, and find the affected directory. Remove its write protection (remember the virus is now asleep, because nothing is running it any more). Now you must decide what to treat and how; that will depend on what you are seeing. The last time I did this, the virus was heavily write protected. The only thing to do was shred the directory it was in, along with any files it contained, and then repair the damage to the system later. Techniques like this are often brutal, but they are better than formatting the drive to get rid of it.

After confirming that the infection is gone, you may then need to repair or reinstall all or part of the operating system to put back any essential files the removal process took with it.
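The offline part of the procedure above, as an added example that is not code from the original post. It assumes the infected disk is already attached to a clean machine and mounted, and that you have located the suspicious directory on that mount. The post used R-Wipe&Clean for the shredding step; this script only shows the "clear the read-only bit, then overwrite and delete" logic in portable Python and says nothing about how that tool works. The directory and file names in the sample tree are constructed for the demonstration.

```python
"""Offline clean-up of a write-protected malware directory.

Added example, not the original post's code. Assumes the infected disk is
mounted on a clean system and that `root` points at the suspect directory on
that mount. Must run with the infected OS offline: a live process would simply
re-apply the protection as fast as it is removed.
"""
import os
import shutil
import stat
import tempfile


def _make_writable(path: str) -> None:
    """Restore the owner write bit (the 'read-only' attribute on Windows) on one entry."""
    st = os.lstat(path)
    if stat.S_ISLNK(st.st_mode):
        return  # never follow links out of the directory being treated
    mode = st.st_mode | stat.S_IWUSR
    if stat.S_ISDIR(st.st_mode):
        mode |= stat.S_IRUSR | stat.S_IXUSR  # must be able to list and enter it
    if mode != st.st_mode:
        os.chmod(path, mode)


def list_protected_entries(root: str) -> list[str]:
    """Inventory step: every directory and file under root lacking the owner write bit.

    Run this before deciding what to treat; on a dormant disk nothing can
    re-apply the protection while you look.
    """
    protected = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for path in [dirpath] + [os.path.join(dirpath, f) for f in filenames]:
            st = os.lstat(path)
            if not stat.S_ISLNK(st.st_mode) and not (st.st_mode & stat.S_IWUSR):
                protected.append(path)
    return sorted(protected)


def shred_protected_tree(root: str, dry_run: bool = False) -> list[str]:
    """Clear write protection top-down, zero-fill each regular file, then remove the tree.

    Returns the paths that were (or, with dry_run=True, would be) removed.
    Top-down order matters: a directory must be writable before its children
    can be unlinked. The zero-fill is a single pass, not a multi-pass wipe.
    """
    removed = []
    for dirpath, _dirnames, filenames in os.walk(root, topdown=True):
        if not dry_run:
            _make_writable(dirpath)
        removed.append(dirpath)
        for name in filenames:
            path = os.path.join(dirpath, name)
            removed.append(path)
            if dry_run:
                continue
            _make_writable(path)
            st = os.lstat(path)
            if stat.S_ISREG(st.st_mode) and st.st_size:
                with open(path, "r+b") as fh:
                    fh.write(b"\x00" * st.st_size)
    if not dry_run:
        shutil.rmtree(root)
    return sorted(removed)


def tree_still_present(root: str) -> bool:
    """Verification step: True if anything remains at root."""
    return os.path.lexists(root)


def build_sample_infected_tree() -> str:
    """Construct a throw-away tree imitating the state the post describes.

    Constructed sample, not real malware: a read-only directory and subdirectory
    whose files are also read-only. Names are invented for the demonstration.
    """
    root = os.path.join(tempfile.mkdtemp(), "suspect_dir")
    os.makedirs(os.path.join(root, "sub"))
    read_only_file = stat.S_IRUSR | stat.S_IRGRP | stat.S_IROTH
    read_only_dir = read_only_file | stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH
    for rel in ("loader.exe", os.path.join("sub", "payload.dll")):
        with open(os.path.join(root, rel), "wb") as fh:
            fh.write(b"MZ" + b"\x90" * 62)
        os.chmod(os.path.join(root, rel), read_only_file)
    for d in (os.path.join(root, "sub"), root):
        os.chmod(d, read_only_dir)
    return root


if __name__ == "__main__":
    target = build_sample_infected_tree()
    print("write-protected entries:", list_protected_entries(target))
    print("would remove:", shred_protected_tree(target, dry_run=True))
    shred_protected_tree(target)
    print("gone:", not tree_still_present(target))
```

Run the inventory and the dry run first and compare them with what the clean system's antivirus flagged; only then shred. If you want a sample for the antivirus vendor, copy the directory elsewhere before the destructive pass, since the zero-fill leaves nothing to analyse.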

If you have any questions after that, please let me know (but try not to write in from an infected system). Thanks.
