ClamWin moved a file to quarantine.
The problem I have is that I cannot delete it. The file was renamed to infected.FlashUtil10a.exe and carries the Adobe Flash Icon.
Trying to delete it with windows explorer (XP SP3) gets a "Access is denied" message. Either "Delete" or "Shift Delete".
The same occurs if I try from the command prompt.
Is ClamWin somehow holding it open?
There have been other files moved to quarantine in the past and I could delete them OK.
As it happens, I believe it is a false positive. I submitted it to https://virusscan.jotti.org/ and it found nothing.

Thanks
pt

Hello,
Strange that a file cannot be deleted from Quarantine. Perhaps there is a pending process that still keeps the file hanging somehow. Have a check on Windows Task Manager to see if there are unexpected processes running; one of those could be the reason why the quarantined file is on hold so you'll just have to kill the process temporarily and remove the file.

Regards,
Antonio

Antonio is right. There is probably an associated malware process that has hooked the malware in quarantine. If you can find what process it is, then delete the process and you can delete the quarantined file. Unfortunately, it may be a hidden process. Sometimes you can get control if you restart in Windows Safe Mode (no networking), but that usually only works on the cheaply written malware. It won't work on the good stuff.

Here's what I would do. Get the free version of Malwarebytes' antimalware program and run a quick scan. You can use its File Assassin tool (found under the More Tools tab) to delete ANY file (be careful!), but you need to find/delete that process also. If Malwarebytes doesn't find the process/folder, try F-Secure's free Blacklight antirootkit program. Just install it to your desktop, and run it. It will give you the option to rename any hidden stuff (processes/files) it finds. It will then restart, and you can check the Blacklight log to see where the renamed file is. Once it has been renamed, it is no longer hidden, and you have control over it to delete it then.

Plan C is Panda's high-tech online scan. Let's don't talk about plan R yet (reformat and reinstall)!

Regards,

Hello All,

Thanks for extra info Bob. I found an app called Process Lasso (free for personal use) which is useful to balance CPU usage when having multiple tasks open. The GUI is showing all running processes (don't know if it is 'smart' enough to show also something hidden by malware) and you can choose to kill a process from there.

Hope this helps,
Antonio

Thanks, Antonio. Process Lasso looks like it does some things that should have been built into Windows. That OS sure is friendly to malware! Malware processes frequently hide in one of the numerous Windows "helpers" like svchost.exe. There can be so many of them on a PC that it is tedious to find malware there, and you may kill something important before you do.

Regards,

So far no good!
Malwarebytes' antimalware program found nothing, F-Secure's free Blacklight antirootkit program found nothing, Panda's high-tech online scan found a bunch of tracking cookies in the folder path of when FireFox was installed. Also a Sasan in a System Restore, which took a bunch of time to learn how to get into "System Volume Information".
I've searched the registry for the file name, but no.
I tried, just for fun, giving myself the same access rights to the file via cacls that I did for the System Volume Information.
Everything appears to be running normally, apart from this file being stuck in Quarantine.
I'll give Lasso a go next. After that I might just delete the file with File Assain, and see what happens.

I'm not up for plan R yet (reformat and reinstall)!
Thanks guys, appreciate your help.

all the pocesses found by Lasso appeared to be OK.
So I fainally gave up and deleted (after several attempts and a couple of reboots) with File Assain.

Very strange.
I guess the next few days will reveal if I've broken something.

Thanks again guys.
Cheers
pt

thanks for sharing such information!

Thank you for the information. I got the same problem too and was wondering what to do about it. A friend suggested this forum. I'll use all the tips that I found here. Thanks!

Why are you trying to delete a file which has been moved to quarantine. Once a virus infected file has been moved to the quarantine,Your antivirus will take care of it,And you dont need to manually delete it.
https://www.litmatelas.com/Topics.asp?kpid=7 simmons matelas