Access denied for file and folder

JennyGW

Distinguished
Mar 4, 2013
19
0
18,510
Sorry for the long post.

The system is actually Windows 2003 Server Standard (fully patched and SP'd), but XP is about the same so I used this forum.

I am trying to clear a virus. I can see the .exe file, but when I try and delete it I get "Access Denied".

This usually refers to a file that is being used by a process. I looked at tasklist /m and nothing shows with the file name.

The file and the folder it is in are Hidden and Read Only. I am unable to remove the attributes of either the file or the folder.

I checked permissions on the NTFS drive and I decided to use takeown to make sure the Administrator has ownership. This has not helped.

I have been using the ESET online scanner which successfully finds the file, tells me it has quarantined it, but when I look again it is still there, even after many reboots.

This is the reported line from ESET:-

C:\Documents and Settings\*a users folder*\Application Data\jewsdidit0\zjiujsnjb.exe a variant of Win32/Kryptik.BAJC trojan cleaned by deleting (after the next restart) - quarantined

I tried booting in Safe Mode, Safe with Command Line, Safe with Networking to see if this would unlock the file. No joy.

I can see traffic (using netstat) which should not be there, so I need desperately to solve this problem.

Many thanks in advance for any ideas!

Jenny