Re: Protection failure ?

From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 11/19/03


Date: Wed, 19 Nov 2003 14:41:21 -0500

MM:

It's a Hidden System directory.

Dave

"Mad Max" <madmax1300REMOVETHIS@REMOVETHISmail.com> wrote in message
news:elANIHtrDHA.2148@TK2MSFTNGP12.phx.gbl...
| David, thank you.
| I had already taken care of the problem, however I did appreciate the URL,
| which I added to my favorites listings. It had just never occurred to me
| that SR would need to be reset. Maybe I should go back and read the URL
| again, since I still cannot understand how my AV and the online checks
| could fail to find the Trojan Horse in my SR.
|
|
| "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
| news:eHbCA4srDHA.556@TK2MSFTNGP11.phx.gbl...
| > MM:
| >
| > Please read the following URL:
| > http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
| >
| > The objective:
| > ------------------
| > - Turn off the System Restore function
| > - Reboot the PC
| > - Using your AV package, perform a full scan of all files on the platform and clean/delete infectors found
| > - Turn on the System Restore function
| > - Reboot the PC
| > - Create a new System Restore point.
| >
| > Please report back your results.
| >
| > Dave
| >
| >
| >
| > "Mad Max" <madmax1300REMOVETHIS@REMOVETHISmail.com> wrote in message
| > news:eB$lkssrDHA.4056@TK2MSFTNGP11.phx.gbl...
| > | Greetings All.
| > |
| > | I have a question about a recent problem. I had a few viruses, a home
| > | page hi-jacker and a Trojan Horse, or two. All these originated from a
| > | Google search and clicking on a recommended site for XP tutorials. After
| > | eliminating all from my system everything seemed fine, no problems of
| > | any type. All virus checks were negative. A few days later, after the
| > | computer had sat idle for a while a message popped up on my sign on
| > | screen from Grisoft AV, stating that there was a " Trojan horse
| > | Downloader.Tooncom.p found in file C:\system volume Information _ restore"
| > | and a series of numbers followed. I ran an AV check which came back
| > | negative. Then went online and ran online systems checks from Sygate,
| > | Panda and Trend Micro. All came back negative. Then went to Spybot S&D &
| > | did a check with Hijack This, which came back that my system was clear,
| > | with one exception. The Virus/Trojan Horse was in my System Restore.
| > | After going through the recommended procedures with SR everything is
| > | back to normal.
| > | The strange thing is that I never noticed any problems caused with any
| > | of the Viruses, Homepage hijackers, or Trojan horses, with the exception
| > | of having to reset my homepage and run the AV etc. The problems were
| > | easily solved.
| > |
| > | Only one question remains. After cleaning Viruses, Trojan Horses,
| > | Homepage Hijackers, etc. from an infected system, should System Restore
| > | be stopped and a new SR point be made, just as a precautionary measure,
| > | and included as another step in cleaning the system?
| > | Of course there is the question concerning my AVG advising me that I had
| > | a Virus, but failing to locate a Virus when used to check the system,
| > | and none of the online system checks finding anything either.
| > | The credit goes to Hijack S&D for finding the bugger, and to the person
| > | giving the advice, to clear and reset the SR.
| > | Of course I already knew what the probable solution would be, since the
| > | message first received via the popup from the AV, included "restore" in
| > | the report.
| > | So, why did every one of these things fail to find the Trojan Horse?
| > |
| >
| >
|
|


