Can not remove Backdoor.Lastras

[MichaelDay]

This morning, when I come in the office, I notice that theSymantec AntiVirus detected there is a Backdoor.Lastras virus in the system. I try to follow Symantec removal instruction, and the LowVersionSupport key is not in the registry.
Below is the log file:
Scan type: Realtime Protection Scan
Event: Virus Found!
Virus name: Backdoor.Lastras
File: C:\WINNT\system32\msvswc.exe
Location: C:\WINNT\system32
Computer: EXCHANGE
User: SYSTEM
Action taken: Clean failed : Quarantine failed : Access denied
Date found: Thursday, March 04, 2004 6:30:18 PM

How do I remove this virus?

 

[karmic]

did you try a full system scan or manual removal in safe mode?

~ K.I.S.S - Don't make it any more complex than it has to be ~

 

[SESaskDFC]

Howdy:

What operating system??

Murray

 

[MichaelDay]

Murray
My OS is Windows 2000 Server.

 

[SESaskDFC]

Michael:

When you went into the Registry, did you navigate to the exact areas indicated by Norton to check for the addition??

Murray

 

[MichaelDay]

I follow the removal instruction from Symantec:

http://securityresponse.symantec.com/avcenter/venc/data/backdoor.lastras.html

However, I can don't see the "LowVersionSupport"="%System%\<dropped file name>" in either

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices

My question is, can I safely remove these two files:
C:\WINNT\system32\msvswc.exe
C:\WINNT\system32\Rasinf.exe

In SafeMode windows?

 

[SESaskDFC]

As per Symantec...

4: Run a full system scan and delete all the files detected as Backdoor.Lastras

As those are being identified, get rid of them as told !!

Murray

 

[MichaelDay]

I trie dto delete those tow files on Window Normal mode, but I got Access Denied

Should I put Windows in Safemode then delete it?