Please help!

I am trying to do a favor for my brother-in-law who knows nothing about computers. He obviously was infected with a virus. I downloaded Avast 4.6 home edition to try to remove it. I discovered that over 100 files were infected. I was able to either repair, move, or delete some of them. I am now left with 47. Some are adware and some are trojans. Avast will not allow me to move these files to the chest or repair them. An error appears stating something about the file being in use. So, I tried to delete them and I either receive the same error or the log shows that they will be deleted at next startup. I then restart the computer and rerun Avast, all 47 files are still detected and still infected. These files are all located at C:_RESTORE\TEMP\ or C:_RESTORE\ARCHIVE. I have also tried to just manually delete these files from the computer, but I cannot do that either. I would really appreciate any help.

Thanks,
BluEyedDee

Disable system restore and reboot, this should clear the restore points.

Win XP-ME - How to disable System Restore

Once you have disabled system restore, reboot, that should automatically delete the contents of the _Restore folders. Scan your PC again and if clear enable system restore.

Thanks! I was able to clear all but 4 of the files. The files that are left are all located at C:_RESTORE\ARCHIVE. The files are FS132.CAB, FS134.CAB, FS136.CAB, and FS137.CAB. Any suggestions on what to do about these?

Thanks,
BluEyedDee

Disabling system restore and rebooting should have got rid of them all.

I’m not sure if booting into safe mode and trying to delete them manualy would work.

Disabling system restore and rebooting got rid of all of the ones that were in C:_RESTORE\TEMP but not the ones in C:_RESTORE\ARCHIVE. I tried booting into safe mode and manually deleting them, but I receive the same “access is denied” error message.

I’m at a loss, one I don’t use winME and the expected result was to clear all restore points including the archive sub folders contents.

Was your system still disabled when you booted into safe mode? some times it is re-enabled.

There are some programs that can delete stubborn files outside of windows, MoveOnBoot which also can delete on next boot.

Try Unlocker (http://ccollomb.free.fr/unlocker/) or Delete FXP (http://www.jrtwine.com/).
See more info: http://forum.avast.com/index.php?topic=15680.0

You could use the “Advanced File Remover” feature in RejZoR’s avast! External Control available from http://www.excessive-software.tk/

Or, the following command line sintax:

DEL \.\letter:\path\filename
DEL “\.\letter:\path\file name”

For instance:
DEL \.\c:\somedir\aux

Thanks for all of the suggestions, but unfortunately none worked. I tried each one and I keep receiving the same error “access denied.” I would really appreciate any other suggestions.

Thanks

Did you try running the command lines booting into Safe Mode?

After trying all of the suggestions, I decided to enable system restore, reboot, then disable system restore again. This time ALL restore files were cleared! Thanks for all of your help!

Glad we could help, welcome to the forums.