How to remove viruses from shadowcopy?

[Belix]

Hi folks
Sophos antivirus is picking up some viruses stuck away in shadowcopy4 on the SBS2003 server. Unfortunately it cannot remove them or move them to quarantine. I've checked under computer management and shadow copies seem to be disabled. I've also tried using wmic at command prompt and typed in shadowcopy, to which is replies No Instance(s).
Is there a way to manually see the shadowcopy folder and delete it? Some other way?
Thanks guys!

[3ddy]

have you tried using another antivirus to scan and clean?

[rustypup]

have you tried using another antivirus to scan and clean?

shadow copy is read only... nothing, aside from disabling, is supposed to delete them..

@Belix: any chance the error message is pointing to a volume copy of your quarantine folder?

[Belix]

does not seem to be, seems to point straight to the shadow copy.
Weird thing, like I say is that shadowcopy is disabled...
The location of the virus is given as \\.\GLOBALROOT\Device\HarddiskVolumeShadowCopy14\Shares\read\Programmes\....
Trying a full system scan to see if I can figure out anything, but can't imagine it would be able to delete the virus files any easier.

Also have notice that the number of the ShadowCopy number keeps changing...it was ShadowCopy4 earlier today.

[Anakha56]

Ah I had this problem some time ago and we seemed to have solved it. However the link with the instructions is at work, I will only be at work at about 18:30...

[Anakha56]

http://www.nerdparadise.com/blogs/omnipotententity/239/

Belix that solved my virus hidden in shadow copies. Good luck!

[Belix]

Will try it tomorrow, thanks mate!

[Anakha56]

Not a problem, hope it works for you .

[Belix]

weird, tried the command vssadmin as per the article, and it comes back "No items found that satisfy the query"...