Turn off and then turn on your system restore
First, see if you have another PC or somewhere where there is a good copy of _restore.exe
run AVG and remove the file from the vault from within the AVG program shut down and restart in DOS mode ( or safe mode and run MS Dos prompt) CD to this Volume directory and delete the file using del _restore.exe
Any screw-ups just reinstall windows, its easier that way as long as the virus can be eliminated, thats the main thing!
Access is denied to this folder by default. To fix:
Right click on My Computer Select properties Select System restore Check turn off system restore Apply and reboot computer
This will delete all restore points including viruses backed up there. Remeber to turn system restore back on.
All Trojan horses are hidden files so you would need to go to the Files Option (click the View tab)at Control Panel and uncheck both the *Hide file extension for known file types & *Hide protected operating system files (Recommended)-boxes, then OK yourself out. You will then need to restart your computer and and go into Safe Mode by holding the F8 key down -(kind of at the beginning of bootup). When you're at the DeskTop screen go to Start/ Search/ For Files and Folders and type up the NAME OF THE FILE & EXT (not PSW.Briss.C) but the actual name of the file, which would have shown up on your Anti-Virus software. You can delete this file from here, also make sure to empty your Recycle Bin.
I have had 4 trojan horses on my C drive and kinda figured out the above method a week ago. I deleted the Temp file (as these keep putting the same files back into your system) from the Restore folder after unchecking the hidden files boxes, then went to SafeMode to delete what virus files that were still there. My computer is now absolutely FREE of these pests!
P.S. I also have AVG 6.0 (the free one) & also the Ad-aware 6 and I use them every day as my kids love to play games from the Internet.
I have Windows XP. This worked for me.
Open Control Panel Tools Folder Options View Uncheck "Hide protected operating system files" OK Start Search Files and Folders Enter all or part of trojan file. Search Right click file when found Delete Empty Recycle Bin
Your virus scanner may not be able to access the folder because it does not have permission to do so. See this article for info on how to gain access to the System Volume Information folder:
http://support.microsoft.com/default.aspx?scid=KB;en-us;q309531
try this - If the virus is in the system volume information Download AVG from Grisoft.com, it is free. AVG will not pick it up straight away though. Follow the steps in this page and run AVG complete test. AVG should have picked up your virus this time. (You have the option in AVG to run a custom scan where you can set it to scan the system volume information only).
I am running Windows XP Pro (build 2600) w/SP2 and on this system I am running Avast Antivirus 4.5 Home Edition, ( I alternate between this and Avast Professional when I reformat which is 2x a year) this is an exceptional program as well as it's brother Avast Professional 4.5, upon a daily scan the Home version found this: C:\System Volume Information\_restore{992476EB-89EC-4BBA-ACF9-063EFCB49378}\RP35\A0003426.exe Avast 4.5 Home Edition found and deleted this file, however to be sure I went ahead and did the following: Restart/Safe Mode/Administrator/Desktop/Start/Control Panel/Tools/View/Uncheck both 'hide extensions for known file types' and 'hide protected Operating System files (recommended)' click 'apply' then select 'ok' move towards start/search/all files and folders/*A0003426.exe search yielded nothing after Avast had initially deleted the file in 'normal' startup. I ran Avast Antivirus while in safemode and it came back after scanning the SVI Folder with clean results. Replaced the checkmarks back into the "hide extensions for known file types" and "hide protected Operating System files (recommended)", applied and ok'd, restarted and re-entered normal start-up. Scince I was still bored I re-scanned in normal mode and again Avast found nothing. Well the bottom line is that I didn't have to do much other than carry out this exercise for when I may need to do so again and really have to work. Avast did most if not all the work for me from the get-go.
Answer
You can remove this virus by following these steps .
1 Download and intall the Malwarebytes on your computer .
2 Update your Malwarebytes .
3 Scan your computer for all the malwares in your computer .
4 Remove all the malwares , found while scanning with the malwarebytes .
5 Restart your computer .
This will remove this virus from your computer .
Answer
I have spyware detector 2009. It is rated 5 star. I have had a lot of bad viruses, but this program will get rid of anything. It cost 40 bucks.
No hay comentarios:
Publicar un comentario