Trojan problem

Archived from groups: microsoft.public.windowsme.general (More info?)

I have a problem removing a couple of Trojans from my system when I use Avast
AV in a thorough scan. It tells me that files in
C:\_restore\archive\FS44.cab\A003894.cpy and ...\FS47.cab\A004125.cpy have
trojans but can't fix, remove, quarantine them.

Can I remove these files manually and reinstall clean versions? If not, what
else should I do to delete the Trojans?

James
8 answers Last reply
More about trojan problem
  1. Archived from groups: microsoft.public.windowsme.general (More info?)

    These infections cannot harm you where they are - they are in the System
    Restore archive.
    The only way they can harm your system is if you restore the system to a
    time during which it was infected - and eventually the infected restore
    points will be removed by FIFO.

    If you're concerned that you may inadvertently use an infected restore
    point, reset System Restore to clear all old points, and create a new on -
    do NOT attempt manual editing of the archive!!

    To Reset System Restore -
    System | Performance | File System | Troubleshooting and check
    "Disable System Restore",
    Apply and IMMEDIATELY reboot.
    This will flush you restore folder and erase all checkpoints, then,
    System | Performance | File System | Troubleshooting and uncheck
    "Disable System Restore",
    Apply and again IMMEDIATELY reboot.
    This should now automatically create a new checkpoint immediately following
    the restart.
    Finally adjust the space allocated to the restore folder,
    System | Performance | File System | Hard Disk and adjust the restore slider
    to your preferred setting.

    Most people find that a setting of 200-300MB is sufficient to hold 10-15
    days worth of restore points, unless you are doing a lot of
    installs/uninstalls, or installing large applications (such as Office).


    --
    Noel Paton (MS-MVP 2002-2005, Windows)

    Nil Carborundum Illegitemi
    http://www.btinternet.com/~winnoel/millsrpch.htm

    http://tinyurl.com/6oztj

    Please read http://dts-l.org/goodpost.htm on how to post messages to NG's

    "J. Ascher" <JAscher@discussions.microsoft.com> wrote in message
    news:8584BE9E-217A-40A6-A764-54F876B94727@microsoft.com...
    >I have a problem removing a couple of Trojans from my system when I use
    >Avast
    > AV in a thorough scan. It tells me that files in
    > C:\_restore\archive\FS44.cab\A003894.cpy and ...\FS47.cab\A004125.cpy have
    > trojans but can't fix, remove, quarantine them.
    >
    > Can I remove these files manually and reinstall clean versions? If not,
    > what
    > else should I do to delete the Trojans?
    >
    > James
  2. Archived from groups: microsoft.public.windowsme.general (More info?)

    Noel is correct.

    Also you might want to run an online scan (it's
    independent of your system) to see if anything else is
    lurking. It's safe, free and offers peace of mind as not
    all AV programs find the same nasties.

    Follow these instructions:

    Go to this link http://www.ravantivirus.com/ . In the
    upper left portion of
    the screen, under MENU, you will see "Scan online". Click
    on it.

    On the next page in the RAV Outbreak Security Service
    (orange text) box, at the bottom,
    there's line "To continue without subscribing click here.
    Click there, no need to
    enter anything in the yellow field and no need to hit the
    continue button.

    On the next page you will be in the scanner. It should
    update the latest virus definitions
    automatically. Be patient, it will take some time (~15
    min. on my slow connection) to update.

    After the update is complete (It will say "Update
    finished. Ready to scan." when it's done),
    check the Autoclean box (right below the Scan My PC
    button).

    Then press the "Scan My PC" button and you're off. Again,
    be patient, this will take some time,
    30 minutes on my slow machine.

    HTH

    KB
    >-----Original Message-----
    >These infections cannot harm you where they are - they
    are in the System
    >Restore archive.
    >The only way they can harm your system is if you restore
    the system to a
    >time during which it was infected - and eventually the
    infected restore
    >points will be removed by FIFO.
    >
    >If you're concerned that you may inadvertently use an
    infected restore
    >point, reset System Restore to clear all old points, and
    create a new on -
    >do NOT attempt manual editing of the archive!!
    >
    >To Reset System Restore -
    >System | Performance | File System | Troubleshooting and
    check
    >"Disable System Restore",
    >Apply and IMMEDIATELY reboot.
    >This will flush you restore folder and erase all
    checkpoints, then,
    >System | Performance | File System | Troubleshooting and
    uncheck
    >"Disable System Restore",
    >Apply and again IMMEDIATELY reboot.
    >This should now automatically create a new checkpoint
    immediately following
    >the restart.
    >Finally adjust the space allocated to the restore folder,
    >System | Performance | File System | Hard Disk and adjust
    the restore slider
    >to your preferred setting.
    >
    >Most people find that a setting of 200-300MB is
    sufficient to hold 10-15
    >days worth of restore points, unless you are doing a lot
    of
    >installs/uninstalls, or installing large applications
    (such as Office).
    >
    >
    >
    >
    >--
    >Noel Paton (MS-MVP 2002-2005, Windows)
    >
    >Nil Carborundum Illegitemi
    >http://www.btinternet.com/~winnoel/millsrpch.htm
    >
    >http://tinyurl.com/6oztj
    >
    >Please read http://dts-l.org/goodpost.htm on how to post
    messages to NG's
    >
    >"J. Ascher" <JAscher@discussions.microsoft.com> wrote in
    message
    >news:8584BE9E-217A-40A6-A764-54F876B94727@microsoft.com...
    >>I have a problem removing a couple of Trojans from my
    system when I use
    >>Avast
    >> AV in a thorough scan. It tells me that files in
    >> C:\_restore\archive\FS44.cab\A003894.cpy
    and ...\FS47.cab\A004125.cpy have
    >> trojans but can't fix, remove, quarantine them.
    >>
    >> Can I remove these files manually and reinstall clean
    versions? If not,
    >> what
    >> else should I do to delete the Trojans?
    >>
    >> James
    >
    >
    >.
    >
  3. Archived from groups: microsoft.public.windowsme.general (More info?)

    "J. Ascher" <JAscher@discussions.microsoft.com> wrote

    >I have a problem removing a couple of Trojans from my system when I use
    >Avast
    > AV in a thorough scan. It tells me that files in
    > C:\_restore\archive\FS44.cab\A003894.cpy and ...\FS47.cab\A004125.cpy have
    > trojans but can't fix, remove, quarantine them.
    >
    > Can I remove these files manually and reinstall clean versions? If not,
    > what
    > else should I do to delete the Trojans?
    >
    > James

    Delete your restore points as it seems they are hanging out in there. If
    that doesn´t work, boot up to DOS and delete them there.

    Alias
  4. Archived from groups: microsoft.public.windowsme.general (More info?)

    Your information is very good. I tried to download a trial version of RAV AV,
    but it told me due to MS' acquition of its intellectual property rights, the
    download section is closed. RAV is scaling down and eliminating its AV
    business.

    James

    "KB" wrote:

    > Noel is correct.
    >
    > Also you might want to run an online scan (it's
    > independent of your system) to see if anything else is
    > lurking. It's safe, free and offers peace of mind as not
    > all AV programs find the same nasties.
    >
    > Follow these instructions:
    >
    > Go to this link http://www.ravantivirus.com/ . In the
    > upper left portion of
    > the screen, under MENU, you will see "Scan online". Click
    > on it.
    >
    > On the next page in the RAV Outbreak Security Service
    > (orange text) box, at the bottom,
    > there's line "To continue without subscribing click here.
    > Click there, no need to
    > enter anything in the yellow field and no need to hit the
    > continue button.
    >
    > On the next page you will be in the scanner. It should
    > update the latest virus definitions
    > automatically. Be patient, it will take some time (~15
    > min. on my slow connection) to update.
    >
    > After the update is complete (It will say "Update
    > finished. Ready to scan." when it's done),
    > check the Autoclean box (right below the Scan My PC
    > button).
    >
    > Then press the "Scan My PC" button and you're off. Again,
    > be patient, this will take some time,
    > 30 minutes on my slow machine.
    >
    > HTH
    >
    > KB
    > >-----Original Message-----
    > >These infections cannot harm you where they are - they
    > are in the System
    > >Restore archive.
    > >The only way they can harm your system is if you restore
    > the system to a
    > >time during which it was infected - and eventually the
    > infected restore
    > >points will be removed by FIFO.
    > >
    > >If you're concerned that you may inadvertently use an
    > infected restore
    > >point, reset System Restore to clear all old points, and
    > create a new on -
    > >do NOT attempt manual editing of the archive!!
    > >
    > >To Reset System Restore -
    > >System | Performance | File System | Troubleshooting and
    > check
    > >"Disable System Restore",
    > >Apply and IMMEDIATELY reboot.
    > >This will flush you restore folder and erase all
    > checkpoints, then,
    > >System | Performance | File System | Troubleshooting and
    > uncheck
    > >"Disable System Restore",
    > >Apply and again IMMEDIATELY reboot.
    > >This should now automatically create a new checkpoint
    > immediately following
    > >the restart.
    > >Finally adjust the space allocated to the restore folder,
    > >System | Performance | File System | Hard Disk and adjust
    > the restore slider
    > >to your preferred setting.
    > >
    > >Most people find that a setting of 200-300MB is
    > sufficient to hold 10-15
    > >days worth of restore points, unless you are doing a lot
    > of
    > >installs/uninstalls, or installing large applications
    > (such as Office).
    > >
    > >
    > >
    > >
    > >--
    > >Noel Paton (MS-MVP 2002-2005, Windows)
    > >
    > >Nil Carborundum Illegitemi
    > >http://www.btinternet.com/~winnoel/millsrpch.htm
    > >
    > >http://tinyurl.com/6oztj
    > >
    > >Please read http://dts-l.org/goodpost.htm on how to post
    > messages to NG's
    > >
    > >"J. Ascher" <JAscher@discussions.microsoft.com> wrote in
    > message
    > >news:8584BE9E-217A-40A6-A764-54F876B94727@microsoft.com...
    > >>I have a problem removing a couple of Trojans from my
    > system when I use
    > >>Avast
    > >> AV in a thorough scan. It tells me that files in
    > >> C:\_restore\archive\FS44.cab\A003894.cpy
    > and ...\FS47.cab\A004125.cpy have
    > >> trojans but can't fix, remove, quarantine them.
    > >>
    > >> Can I remove these files manually and reinstall clean
    > versions? If not,
    > >> what
    > >> else should I do to delete the Trojans?
    > >>
    > >> James
    > >
    > >
    > >.
    > >
    >
  5. Archived from groups: microsoft.public.windowsme.general (More info?)

    But you don't need the trial version to do an online
    scan. It is run without installing anything on your
    system. That's what makes it great. If your system is
    compromised or your AV is crippled you can scan without
    using your system. Anytime my personal AV finds anything,
    it's off to RAV for me.

    I suspect you went to RAV and poked around a bit and
    didn't find what I was pointing you to. I've heard
    similar responses from other users, which is why I created
    the instructions in such generic 'easy to follow' detail.

    Try printing my instructions and follow them to the letter
    and I think you'll be in good shape ;).

    Please let me know if it works out for you.

    KB
    >-----Original Message-----
    >Your information is very good. I tried to download a
    trial version of RAV AV,
    >but it told me due to MS' acquition of its intellectual
    property rights, the
    >download section is closed. RAV is scaling down and
    eliminating its AV
    >business.
    >
    >James
    >
    >"KB" wrote:
    >
    >> Noel is correct.
    >>
    >> Also you might want to run an online scan (it's
    >> independent of your system) to see if anything else is
    >> lurking. It's safe, free and offers peace of mind as
    not
    >> all AV programs find the same nasties.
    >>
    >> Follow these instructions:
    >>
    >> Go to this link http://www.ravantivirus.com/ . In the
    >> upper left portion of
    >> the screen, under MENU, you will see "Scan online".
    Click
    >> on it.
    >>
    >> On the next page in the RAV Outbreak Security Service
    >> (orange text) box, at the bottom,
    >> there's line "To continue without subscribing click
    here.
    >> Click there, no need to
    >> enter anything in the yellow field and no need to hit
    the
    >> continue button.
    >>
    >> On the next page you will be in the scanner. It should
    >> update the latest virus definitions
    >> automatically. Be patient, it will take some time (~15
    >> min. on my slow connection) to update.
    >>
    >> After the update is complete (It will say "Update
    >> finished. Ready to scan." when it's done),
    >> check the Autoclean box (right below the Scan My PC
    >> button).
    >>
    >> Then press the "Scan My PC" button and you're off.
    Again,
    >> be patient, this will take some time,
    >> 30 minutes on my slow machine.
    >>
    >> HTH
    >>
    >> KB
    >> >-----Original Message-----
    >> >These infections cannot harm you where they are - they
    >> are in the System
    >> >Restore archive.
    >> >The only way they can harm your system is if you
    restore
    >> the system to a
    >> >time during which it was infected - and eventually the
    >> infected restore
    >> >points will be removed by FIFO.
    >> >
    >> >If you're concerned that you may inadvertently use an
    >> infected restore
    >> >point, reset System Restore to clear all old points,
    and
    >> create a new on -
    >> >do NOT attempt manual editing of the archive!!
    >> >
    >> >To Reset System Restore -
    >> >System | Performance | File System | Troubleshooting
    and
    >> check
    >> >"Disable System Restore",
    >> >Apply and IMMEDIATELY reboot.
    >> >This will flush you restore folder and erase all
    >> checkpoints, then,
    >> >System | Performance | File System | Troubleshooting
    and
    >> uncheck
    >> >"Disable System Restore",
    >> >Apply and again IMMEDIATELY reboot.
    >> >This should now automatically create a new checkpoint
    >> immediately following
    >> >the restart.
    >> >Finally adjust the space allocated to the restore
    folder,
    >> >System | Performance | File System | Hard Disk and
    adjust
    >> the restore slider
    >> >to your preferred setting.
    >> >
    >> >Most people find that a setting of 200-300MB is
    >> sufficient to hold 10-15
    >> >days worth of restore points, unless you are doing a
    lot
    >> of
    >> >installs/uninstalls, or installing large applications
    >> (such as Office).
    >> >
    >> >
    >> >
    >> >
    >> >--
    >> >Noel Paton (MS-MVP 2002-2005, Windows)
    >> >
    >> >Nil Carborundum Illegitemi
    >> >http://www.btinternet.com/~winnoel/millsrpch.htm
    >> >
    >> >http://tinyurl.com/6oztj
    >> >
    >> >Please read http://dts-l.org/goodpost.htm on how to
    post
    >> messages to NG's
    >> >
    >> >"J. Ascher" <JAscher@discussions.microsoft.com> wrote
    in
    >> message
    >> >news:8584BE9E-217A-40A6-A764-
    54F876B94727@microsoft.com...
    >> >>I have a problem removing a couple of Trojans from my
    >> system when I use
    >> >>Avast
    >> >> AV in a thorough scan. It tells me that files in
    >> >> C:\_restore\archive\FS44.cab\A003894.cpy
    >> and ...\FS47.cab\A004125.cpy have
    >> >> trojans but can't fix, remove, quarantine them.
    >> >>
    >> >> Can I remove these files manually and reinstall
    clean
    >> versions? If not,
    >> >> what
    >> >> else should I do to delete the Trojans?
    >> >>
    >> >> James
    >> >
    >> >
    >> >.
    >> >
    >>
    >.
    >
  6. Archived from groups: microsoft.public.windowsme.general (More info?)

    Thanks, I did find the online scan. However, I wanted to see if there were a
    trial version of the software.

    James

    "KB" wrote:

    > But you don't need the trial version to do an online
    > scan. It is run without installing anything on your
    > system. That's what makes it great. If your system is
    > compromised or your AV is crippled you can scan without
    > using your system. Anytime my personal AV finds anything,
    > it's off to RAV for me.
    >
    > I suspect you went to RAV and poked around a bit and
    > didn't find what I was pointing you to. I've heard
    > similar responses from other users, which is why I created
    > the instructions in such generic 'easy to follow' detail.
    >
    > Try printing my instructions and follow them to the letter
    > and I think you'll be in good shape ;).
    >
    > Please let me know if it works out for you.
    >
    > KB
    > >-----Original Message-----
    > >Your information is very good. I tried to download a
    > trial version of RAV AV,
    > >but it told me due to MS' acquition of its intellectual
    > property rights, the
    > >download section is closed. RAV is scaling down and
    > eliminating its AV
    > >business.
    > >
    > >James
    > >
    > >"KB" wrote:
    > >
    > >> Noel is correct.
    > >>
    > >> Also you might want to run an online scan (it's
    > >> independent of your system) to see if anything else is
    > >> lurking. It's safe, free and offers peace of mind as
    > not
    > >> all AV programs find the same nasties.
    > >>
    > >> Follow these instructions:
    > >>
    > >> Go to this link http://www.ravantivirus.com/ . In the
    > >> upper left portion of
    > >> the screen, under MENU, you will see "Scan online".
    > Click
    > >> on it.
    > >>
    > >> On the next page in the RAV Outbreak Security Service
    > >> (orange text) box, at the bottom,
    > >> there's line "To continue without subscribing click
    > here.
    > >> Click there, no need to
    > >> enter anything in the yellow field and no need to hit
    > the
    > >> continue button.
    > >>
    > >> On the next page you will be in the scanner. It should
    > >> update the latest virus definitions
    > >> automatically. Be patient, it will take some time (~15
    > >> min. on my slow connection) to update.
    > >>
    > >> After the update is complete (It will say "Update
    > >> finished. Ready to scan." when it's done),
    > >> check the Autoclean box (right below the Scan My PC
    > >> button).
    > >>
    > >> Then press the "Scan My PC" button and you're off.
    > Again,
    > >> be patient, this will take some time,
    > >> 30 minutes on my slow machine.
    > >>
    > >> HTH
    > >>
    > >> KB
    > >> >-----Original Message-----
    > >> >These infections cannot harm you where they are - they
    > >> are in the System
    > >> >Restore archive.
    > >> >The only way they can harm your system is if you
    > restore
    > >> the system to a
    > >> >time during which it was infected - and eventually the
    > >> infected restore
    > >> >points will be removed by FIFO.
    > >> >
    > >> >If you're concerned that you may inadvertently use an
    > >> infected restore
    > >> >point, reset System Restore to clear all old points,
    > and
    > >> create a new on -
    > >> >do NOT attempt manual editing of the archive!!
    > >> >
    > >> >To Reset System Restore -
    > >> >System | Performance | File System | Troubleshooting
    > and
    > >> check
    > >> >"Disable System Restore",
    > >> >Apply and IMMEDIATELY reboot.
    > >> >This will flush you restore folder and erase all
    > >> checkpoints, then,
    > >> >System | Performance | File System | Troubleshooting
    > and
    > >> uncheck
    > >> >"Disable System Restore",
    > >> >Apply and again IMMEDIATELY reboot.
    > >> >This should now automatically create a new checkpoint
    > >> immediately following
    > >> >the restart.
    > >> >Finally adjust the space allocated to the restore
    > folder,
    > >> >System | Performance | File System | Hard Disk and
    > adjust
    > >> the restore slider
    > >> >to your preferred setting.
    > >> >
    > >> >Most people find that a setting of 200-300MB is
    > >> sufficient to hold 10-15
    > >> >days worth of restore points, unless you are doing a
    > lot
    > >> of
    > >> >installs/uninstalls, or installing large applications
    > >> (such as Office).
    > >> >
    > >> >
    > >> >
    > >> >
    > >> >--
    > >> >Noel Paton (MS-MVP 2002-2005, Windows)
    > >> >
    > >> >Nil Carborundum Illegitemi
    > >> >http://www.btinternet.com/~winnoel/millsrpch.htm
    > >> >
    > >> >http://tinyurl.com/6oztj
    > >> >
    > >> >Please read http://dts-l.org/goodpost.htm on how to
    > post
    > >> messages to NG's
    > >> >
    > >> >"J. Ascher" <JAscher@discussions.microsoft.com> wrote
    > in
    > >> message
    > >> >news:8584BE9E-217A-40A6-A764-
    > 54F876B94727@microsoft.com...
    > >> >>I have a problem removing a couple of Trojans from my
    > >> system when I use
    > >> >>Avast
    > >> >> AV in a thorough scan. It tells me that files in
    > >> >> C:\_restore\archive\FS44.cab\A003894.cpy
    > >> and ...\FS47.cab\A004125.cpy have
    > >> >> trojans but can't fix, remove, quarantine them.
    > >> >>
    > >> >> Can I remove these files manually and reinstall
    > clean
    > >> versions? If not,
    > >> >> what
    > >> >> else should I do to delete the Trojans?
    > >> >>
    > >> >> James
    > >> >
    > >> >
    > >> >.
    > >> >
    > >>
    > >.
    > >
    >
  7. Archived from groups: microsoft.public.windowsme.general (More info?)

    It's good you found the RAV online scan. It's a good
    thing to have as a backup, just in case ;).

    If you're looking for a different AV, you might consider
    to download, install, and update a trial version of
    Kapersky Antivirus.
    http://www.kasperskyusa.com/promotions/?Home
    Kapersky Antivirus Personal 5.0. I haven't used Kapersky
    myself but have read in many threads that it's very good,
    but costs a little more.

    Instructions on how to run it can be found down a little
    ways in a post here http://castlecops.com/postt106277.html.

    Before installing, get offline and disable your current AV
    protection completely. Don't run two AV programs in the
    background at the same time as they will have conflicts
    with each other. You can have two on your system, just
    not running at the same time.

    Happy surfing.

    KB
    >-----Original Message-----
    >Thanks, I did find the online scan. However, I wanted to
    see if there were a
    >trial version of the software.
    >
    >James
    >
    >"KB" wrote:
    >
    >> But you don't need the trial version to do an online
    >> scan. It is run without installing anything on your
    >> system. That's what makes it great. If your system is
    >> compromised or your AV is crippled you can scan without
    >> using your system. Anytime my personal AV finds
    anything,
    >> it's off to RAV for me.
    >>
    >> I suspect you went to RAV and poked around a bit and
    >> didn't find what I was pointing you to. I've heard
    >> similar responses from other users, which is why I
    created
    >> the instructions in such generic 'easy to follow'
    detail.
    >>
    >> Try printing my instructions and follow them to the
    letter
    >> and I think you'll be in good shape ;).
    >>
    >> Please let me know if it works out for you.
    >>
    >> KB
    >> >-----Original Message-----
    >> >Your information is very good. I tried to download a
    >> trial version of RAV AV,
    >> >but it told me due to MS' acquition of its
    intellectual
    >> property rights, the
    >> >download section is closed. RAV is scaling down and
    >> eliminating its AV
    >> >business.
    >> >
    >> >James
    >> >
    >> >"KB" wrote:
    >> >
    >> >> Noel is correct.
    >> >>
    >> >> Also you might want to run an online scan (it's
    >> >> independent of your system) to see if anything else
    is
    >> >> lurking. It's safe, free and offers peace of mind
    as
    >> not
    >> >> all AV programs find the same nasties.
    >> >>
    >> >> Follow these instructions:
    >> >>
    >> >> Go to this link http://www.ravantivirus.com/ . In
    the
    >> >> upper left portion of
    >> >> the screen, under MENU, you will see "Scan online".
    >> Click
    >> >> on it.
    >> >>
    >> >> On the next page in the RAV Outbreak Security
    Service
    >> >> (orange text) box, at the bottom,
    >> >> there's line "To continue without subscribing click
    >> here.
    >> >> Click there, no need to
    >> >> enter anything in the yellow field and no need to
    hit
    >> the
    >> >> continue button.
    >> >>
    >> >> On the next page you will be in the scanner. It
    should
    >> >> update the latest virus definitions
    >> >> automatically. Be patient, it will take some time
    (~15
    >> >> min. on my slow connection) to update.
    >> >>
    >> >> After the update is complete (It will say "Update
    >> >> finished. Ready to scan." when it's done),
    >> >> check the Autoclean box (right below the Scan My PC
    >> >> button).
    >> >>
    >> >> Then press the "Scan My PC" button and you're off.
    >> Again,
    >> >> be patient, this will take some time,
    >> >> 30 minutes on my slow machine.
    >> >>
    >> >> HTH
    >> >>
    >> >> KB
    >> >> >-----Original Message-----
    >> >> >These infections cannot harm you where they are -
    they
    >> >> are in the System
    >> >> >Restore archive.
    >> >> >The only way they can harm your system is if you
    >> restore
    >> >> the system to a
    >> >> >time during which it was infected - and eventually
    the
    >> >> infected restore
    >> >> >points will be removed by FIFO.
    >> >> >
    >> >> >If you're concerned that you may inadvertently use
    an
    >> >> infected restore
    >> >> >point, reset System Restore to clear all old
    points,
    >> and
    >> >> create a new on -
    >> >> >do NOT attempt manual editing of the archive!!
    >> >> >
    >> >> >To Reset System Restore -
    >> >> >System | Performance | File System |
    Troubleshooting
    >> and
    >> >> check
    >> >> >"Disable System Restore",
    >> >> >Apply and IMMEDIATELY reboot.
    >> >> >This will flush you restore folder and erase all
    >> >> checkpoints, then,
    >> >> >System | Performance | File System |
    Troubleshooting
    >> and
    >> >> uncheck
    >> >> >"Disable System Restore",
    >> >> >Apply and again IMMEDIATELY reboot.
    >> >> >This should now automatically create a new
    checkpoint
    >> >> immediately following
    >> >> >the restart.
    >> >> >Finally adjust the space allocated to the restore
    >> folder,
    >> >> >System | Performance | File System | Hard Disk and
    >> adjust
    >> >> the restore slider
    >> >> >to your preferred setting.
    >> >> >
    >> >> >Most people find that a setting of 200-300MB is
    >> >> sufficient to hold 10-15
    >> >> >days worth of restore points, unless you are doing
    a
    >> lot
    >> >> of
    >> >> >installs/uninstalls, or installing large
    applications
    >> >> (such as Office).
    >> >> >
    >> >> >
    >> >> >
    >> >> >
    >> >> >--
    >> >> >Noel Paton (MS-MVP 2002-2005, Windows)
    >> >> >
    >> >> >Nil Carborundum Illegitemi
    >> >> >http://www.btinternet.com/~winnoel/millsrpch.htm
    >> >> >
    >> >> >http://tinyurl.com/6oztj
    >> >> >
    >> >> >Please read http://dts-l.org/goodpost.htm on how to
    >> post
    >> >> messages to NG's
    >> >> >
    >> >> >"J. Ascher" <JAscher@discussions.microsoft.com>
    wrote
    >> in
    >> >> message
    >> >> >news:8584BE9E-217A-40A6-A764-
    >> 54F876B94727@microsoft.com...
    >> >> >>I have a problem removing a couple of Trojans from
    my
    >> >> system when I use
    >> >> >>Avast
    >> >> >> AV in a thorough scan. It tells me that files in
    >> >> >> C:\_restore\archive\FS44.cab\A003894.cpy
    >> >> and ...\FS47.cab\A004125.cpy have
    >> >> >> trojans but can't fix, remove, quarantine them.
    >> >> >>
    >> >> >> Can I remove these files manually and reinstall
    >> clean
    >> >> versions? If not,
    >> >> >> what
    >> >> >> else should I do to delete the Trojans?
    >> >> >>
    >> >> >> James
    >> >> >
    >> >> >
    >> >> >.
    >> >> >
    >> >>
    >> >.
    >> >
    >>
    >.
    >
  8. Archived from groups: microsoft.public.windowsme.general (More info?)

    The Virus Bulletin
    http://www.virusbtn.com/vb100/

    ICSA Labs - TrueSecure Corp.
    http://www.icsalabs.com/html/communities/antivirus/certifiedproducts.shtml

    AV-Test
    http://www.av-test.org/

    --
    Jack E. Martinelli 2002-05 MS MVP for Shell/User / DTS
    Help us help you: http://www.dts-L.org/goodpost.htm
    In Memorium: Alex Nichol
    http://www.microsoft.com/windowsxp/expertzone/meetexperts/nichol.mspx
    Your cooperation is very appreciated.
    ------
    "KB" <KB@discussions.microsoft.com> wrote in message
    news:0a4201c553de$53b76460$a501280a@phx.gbl...
    > It's good you found the RAV online scan. It's a good
    > thing to have as a backup, just in case ;).
    >
    > If you're looking for a different AV, you might consider
    > to download, install, and update a trial version of
    > Kapersky Antivirus.
    > http://www.kasperskyusa.com/promotions/?Home
    > Kapersky Antivirus Personal 5.0. I haven't used Kapersky
    > myself but have read in many threads that it's very good,
    > but costs a little more.
    >
    > Instructions on how to run it can be found down a little
    > ways in a post here http://castlecops.com/postt106277.html.
    >
    > Before installing, get offline and disable your current AV
    > protection completely. Don't run two AV programs in the
    > background at the same time as they will have conflicts
    > with each other. You can have two on your system, just
    > not running at the same time.
    >
    > Happy surfing.
    >
    > KB
    > >-----Original Message-----
    > >Thanks, I did find the online scan. However, I wanted to
    > see if there were a
    > >trial version of the software.
    > >
    > >James
    > >
    > >"KB" wrote:
    > >
    > >> But you don't need the trial version to do an online
    > >> scan. It is run without installing anything on your
    > >> system. That's what makes it great. If your system is
    > >> compromised or your AV is crippled you can scan without
    > >> using your system. Anytime my personal AV finds
    > anything,
    > >> it's off to RAV for me.
    > >>
    > >> I suspect you went to RAV and poked around a bit and
    > >> didn't find what I was pointing you to. I've heard
    > >> similar responses from other users, which is why I
    > created
    > >> the instructions in such generic 'easy to follow'
    > detail.
    > >>
    > >> Try printing my instructions and follow them to the
    > letter
    > >> and I think you'll be in good shape ;).
    > >>
    > >> Please let me know if it works out for you.
    > >>
    > >> KB
    > >> >-----Original Message-----
    > >> >Your information is very good. I tried to download a
    > >> trial version of RAV AV,
    > >> >but it told me due to MS' acquition of its
    > intellectual
    > >> property rights, the
    > >> >download section is closed. RAV is scaling down and
    > >> eliminating its AV
    > >> >business.
    > >> >
    > >> >James
    > >> >
    > >> >"KB" wrote:
    > >> >
    > >> >> Noel is correct.
    > >> >>
    > >> >> Also you might want to run an online scan (it's
    > >> >> independent of your system) to see if anything else
    > is
    > >> >> lurking. It's safe, free and offers peace of mind
    > as
    > >> not
    > >> >> all AV programs find the same nasties.
    > >> >>
    > >> >> Follow these instructions:
    > >> >>
    > >> >> Go to this link http://www.ravantivirus.com/ . In
    > the
    > >> >> upper left portion of
    > >> >> the screen, under MENU, you will see "Scan online".
    > >> Click
    > >> >> on it.
    > >> >>
    > >> >> On the next page in the RAV Outbreak Security
    > Service
    > >> >> (orange text) box, at the bottom,
    > >> >> there's line "To continue without subscribing click
    > >> here.
    > >> >> Click there, no need to
    > >> >> enter anything in the yellow field and no need to
    > hit
    > >> the
    > >> >> continue button.
    > >> >>
    > >> >> On the next page you will be in the scanner. It
    > should
    > >> >> update the latest virus definitions
    > >> >> automatically. Be patient, it will take some time
    > (~15
    > >> >> min. on my slow connection) to update.
    > >> >>
    > >> >> After the update is complete (It will say "Update
    > >> >> finished. Ready to scan." when it's done),
    > >> >> check the Autoclean box (right below the Scan My PC
    > >> >> button).
    > >> >>
    > >> >> Then press the "Scan My PC" button and you're off.
    > >> Again,
    > >> >> be patient, this will take some time,
    > >> >> 30 minutes on my slow machine.
    > >> >>
    > >> >> HTH
    > >> >>
    > >> >> KB
    > >> >> >-----Original Message-----
    > >> >> >These infections cannot harm you where they are -
    > they
    > >> >> are in the System
    > >> >> >Restore archive.
    > >> >> >The only way they can harm your system is if you
    > >> restore
    > >> >> the system to a
    > >> >> >time during which it was infected - and eventually
    > the
    > >> >> infected restore
    > >> >> >points will be removed by FIFO.
    > >> >> >
    > >> >> >If you're concerned that you may inadvertently use
    > an
    > >> >> infected restore
    > >> >> >point, reset System Restore to clear all old
    > points,
    > >> and
    > >> >> create a new on -
    > >> >> >do NOT attempt manual editing of the archive!!
    > >> >> >
    > >> >> >To Reset System Restore -
    > >> >> >System | Performance | File System |
    > Troubleshooting
    > >> and
    > >> >> check
    > >> >> >"Disable System Restore",
    > >> >> >Apply and IMMEDIATELY reboot.
    > >> >> >This will flush you restore folder and erase all
    > >> >> checkpoints, then,
    > >> >> >System | Performance | File System |
    > Troubleshooting
    > >> and
    > >> >> uncheck
    > >> >> >"Disable System Restore",
    > >> >> >Apply and again IMMEDIATELY reboot.
    > >> >> >This should now automatically create a new
    > checkpoint
    > >> >> immediately following
    > >> >> >the restart.
    > >> >> >Finally adjust the space allocated to the restore
    > >> folder,
    > >> >> >System | Performance | File System | Hard Disk and
    > >> adjust
    > >> >> the restore slider
    > >> >> >to your preferred setting.
    > >> >> >
    > >> >> >Most people find that a setting of 200-300MB is
    > >> >> sufficient to hold 10-15
    > >> >> >days worth of restore points, unless you are doing
    > a
    > >> lot
    > >> >> of
    > >> >> >installs/uninstalls, or installing large
    > applications
    > >> >> (such as Office).
    > >> >> >
    > >> >> >
    > >> >> >
    > >> >> >
    > >> >> >--
    > >> >> >Noel Paton (MS-MVP 2002-2005, Windows)
    > >> >> >
    > >> >> >Nil Carborundum Illegitemi
    > >> >> >http://www.btinternet.com/~winnoel/millsrpch.htm
    > >> >> >
    > >> >> >http://tinyurl.com/6oztj
    > >> >> >
    > >> >> >Please read http://dts-l.org/goodpost.htm on how to
    > >> post
    > >> >> messages to NG's
    > >> >> >
    > >> >> >"J. Ascher" <JAscher@discussions.microsoft.com>
    > wrote
    > >> in
    > >> >> message
    > >> >> >news:8584BE9E-217A-40A6-A764-
    > >> 54F876B94727@microsoft.com...
    > >> >> >>I have a problem removing a couple of Trojans from
    > my
    > >> >> system when I use
    > >> >> >>Avast
    > >> >> >> AV in a thorough scan. It tells me that files in
    > >> >> >> C:\_restore\archive\FS44.cab\A003894.cpy
    > >> >> and ...\FS47.cab\A004125.cpy have
    > >> >> >> trojans but can't fix, remove, quarantine them.
    > >> >> >>
    > >> >> >> Can I remove these files manually and reinstall
    > >> clean
    > >> >> versions? If not,
    > >> >> >> what
    > >> >> >> else should I do to delete the Trojans?
    > >> >> >>
    > >> >> >> James
    > >> >> >
    > >> >> >
    > >> >> >.
    > >> >> >
    > >> >>
    > >> >.
    > >> >
    > >>
    > >.
    > >
Ask a new question

Read More

Trojan Microsoft Windows