Re: "TROJAN" in System Volume Information folder

From: lazaruslong (lazaruslong_at_discussions.microsoft.com)
Date: 10/30/05


Date: Sat, 29 Oct 2005 15:29:01 -0700

Thank you David; but I DID follow that procedure...four times. I also
followed the procedures you prescribed for getting rid of the NETSKY virus to
someone in this newsgroup 11/15/04, i.e. ran Sysclean and Stinger. Both to
no avail. Both report "access denied" to numerous files. Sysclean's log
reports it found 8 viruses but also reports it FAILED to clean the 8. And
Earthlink's SPYAUDIT program STILL reports the "Trojan DP" mentioned.
Any other possibilities?

-- 
lazaruslong

"David H. Lipman" wrote:
> From: "lazaruslong" <lazaruslong@discussions.microsoft.com>
> 
> < snip >
> 
> |
> | AVG’s TECH SUPPORT REPLY:
> |
> | Dear Sir/Madam,
> |
> | Thank you for your email.
> | According to your information the file is stored in System Volume
> | information folder. Also according to the file name it really is a virus
> | itself and not a correct file that has been infected.
> | Files placed in the System_volume_information folder are source files for
> | the system restore function that is available in Windows XP operating system.
> | Files that were healed were moved in their original INFECTED state into this
> | folder and it is necessary to DELETE them by following these steps:
> |
> | 1) Close all open programs. Then right-click My Computer on the Windows
> | desktop
> | 2) Click on Properties
> | 3) Click on the System Restore tab
> | 4) Check Turn off System Restore on all drives
> | 5) Restart the system
> | 6) Go through the first four steps again and uncheck the item mentioned in
> | step 4.
> |
> | Also please note that if the file is stored in this location it is not
> | possible for you to manipulate it. It is denied by your operating system. The
> | only way to remove the virus is described in the procedure above.
> |
> | OUR ORIGINAL REQUEST FOR AVG TECH SUPPORT:
> |
> 
> 
> AVG's email reply is correct.  Dump the contents of the System Restore Cache as prescribed.
> 
> Reboot the PC and then re-enable the System Restore Cache.
> 
> This will remove any latent infectors stored in the cache.
> 
> http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
> 
> -- 
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm
> 
> 
> 

