Sign in with
Sign up | Sign in
Your question

Trojan problem

Tags:
  • Trojan
  • Microsoft
  • Windows
Last response: in Windows 95/98/ME
Share
Anonymous
May 7, 2005 12:48:01 PM

Archived from groups: microsoft.public.windowsme.general (More info?)

I have a problem removing a couple of Trojans from my system when I use Avast
AV in a thorough scan. It tells me that files in
C:\_restore\archive\FS44.cab\A003894.cpy and ...\FS47.cab\A004125.cpy have
trojans but can't fix, remove, quarantine them.

Can I remove these files manually and reinstall clean versions? If not, what
else should I do to delete the Trojans?

James

More about : trojan problem

Anonymous
May 7, 2005 8:59:51 PM

Archived from groups: microsoft.public.windowsme.general (More info?)

These infections cannot harm you where they are - they are in the System
Restore archive.
The only way they can harm your system is if you restore the system to a
time during which it was infected - and eventually the infected restore
points will be removed by FIFO.

If you're concerned that you may inadvertently use an infected restore
point, reset System Restore to clear all old points, and create a new on -
do NOT attempt manual editing of the archive!!

To Reset System Restore -
System | Performance | File System | Troubleshooting and check
"Disable System Restore",
Apply and IMMEDIATELY reboot.
This will flush you restore folder and erase all checkpoints, then,
System | Performance | File System | Troubleshooting and uncheck
"Disable System Restore",
Apply and again IMMEDIATELY reboot.
This should now automatically create a new checkpoint immediately following
the restart.
Finally adjust the space allocated to the restore folder,
System | Performance | File System | Hard Disk and adjust the restore slider
to your preferred setting.

Most people find that a setting of 200-300MB is sufficient to hold 10-15
days worth of restore points, unless you are doing a lot of
installs/uninstalls, or installing large applications (such as Office).




--
Noel Paton (MS-MVP 2002-2005, Windows)

Nil Carborundum Illegitemi
http://www.btinternet.com/~winnoel/millsrpch.htm

http://tinyurl.com/6oztj

Please read http://dts-l.org/goodpost.htm on how to post messages to NG's

"J. Ascher" <JAscher@discussions.microsoft.com> wrote in message
news:8584BE9E-217A-40A6-A764-54F876B94727@microsoft.com...
>I have a problem removing a couple of Trojans from my system when I use
>Avast
> AV in a thorough scan. It tells me that files in
> C:\_restore\archive\FS44.cab\A003894.cpy and ...\FS47.cab\A004125.cpy have
> trojans but can't fix, remove, quarantine them.
>
> Can I remove these files manually and reinstall clean versions? If not,
> what
> else should I do to delete the Trojans?
>
> James
May 7, 2005 8:59:52 PM

Archived from groups: microsoft.public.windowsme.general (More info?)

Noel is correct.

Also you might want to run an online scan (it's
independent of your system) to see if anything else is
lurking. It's safe, free and offers peace of mind as not
all AV programs find the same nasties.

Follow these instructions:

Go to this link http://www.ravantivirus.com/ . In the
upper left portion of
the screen, under MENU, you will see "Scan online". Click
on it.

On the next page in the RAV Outbreak Security Service
(orange text) box, at the bottom,
there's line "To continue without subscribing click here.
Click there, no need to
enter anything in the yellow field and no need to hit the
continue button.

On the next page you will be in the scanner. It should
update the latest virus definitions
automatically. Be patient, it will take some time (~15
min. on my slow connection) to update.

After the update is complete (It will say "Update
finished. Ready to scan." when it's done),
check the Autoclean box (right below the Scan My PC
button).

Then press the "Scan My PC" button and you're off. Again,
be patient, this will take some time,
30 minutes on my slow machine.

HTH

KB
>-----Original Message-----
>These infections cannot harm you where they are - they
are in the System
>Restore archive.
>The only way they can harm your system is if you restore
the system to a
>time during which it was infected - and eventually the
infected restore
>points will be removed by FIFO.
>
>If you're concerned that you may inadvertently use an
infected restore
>point, reset System Restore to clear all old points, and
create a new on -
>do NOT attempt manual editing of the archive!!
>
>To Reset System Restore -
>System | Performance | File System | Troubleshooting and
check
>"Disable System Restore",
>Apply and IMMEDIATELY reboot.
>This will flush you restore folder and erase all
checkpoints, then,
>System | Performance | File System | Troubleshooting and
uncheck
>"Disable System Restore",
>Apply and again IMMEDIATELY reboot.
>This should now automatically create a new checkpoint
immediately following
>the restart.
>Finally adjust the space allocated to the restore folder,
>System | Performance | File System | Hard Disk and adjust
the restore slider
>to your preferred setting.
>
>Most people find that a setting of 200-300MB is
sufficient to hold 10-15
>days worth of restore points, unless you are doing a lot
of
>installs/uninstalls, or installing large applications
(such as Office).
>
>
>
>
>--
>Noel Paton (MS-MVP 2002-2005, Windows)
>
>Nil Carborundum Illegitemi
>http://www.btinternet.com/~winnoel/millsrpch.htm
>
>http://tinyurl.com/6oztj
>
>Please read http://dts-l.org/goodpost.htm on how to post
messages to NG's
>
>"J. Ascher" <JAscher@discussions.microsoft.com> wrote in
message
>news:8584BE9E-217A-40A6-A764-54F876B94727@microsoft.com...
>>I have a problem removing a couple of Trojans from my
system when I use
>>Avast
>> AV in a thorough scan. It tells me that files in
>> C:\_restore\archive\FS44.cab\A003894.cpy
and ...\FS47.cab\A004125.cpy have
>> trojans but can't fix, remove, quarantine them.
>>
>> Can I remove these files manually and reinstall clean
versions? If not,
>> what
>> else should I do to delete the Trojans?
>>
>> James
>
>
>.
>
Related resources
May 7, 2005 9:53:38 PM

Archived from groups: microsoft.public.windowsme.general (More info?)

"J. Ascher" <JAscher@discussions.microsoft.com> wrote

>I have a problem removing a couple of Trojans from my system when I use
>Avast
> AV in a thorough scan. It tells me that files in
> C:\_restore\archive\FS44.cab\A003894.cpy and ...\FS47.cab\A004125.cpy have
> trojans but can't fix, remove, quarantine them.
>
> Can I remove these files manually and reinstall clean versions? If not,
> what
> else should I do to delete the Trojans?
>
> James

Delete your restore points as it seems they are hanging out in there. If
that doesn´t work, boot up to DOS and delete them there.

Alias
Anonymous
May 7, 2005 11:41:01 PM

Archived from groups: microsoft.public.windowsme.general (More info?)

Your information is very good. I tried to download a trial version of RAV AV,
but it told me due to MS' acquition of its intellectual property rights, the
download section is closed. RAV is scaling down and eliminating its AV
business.

James

"KB" wrote:

> Noel is correct.
>
> Also you might want to run an online scan (it's
> independent of your system) to see if anything else is
> lurking. It's safe, free and offers peace of mind as not
> all AV programs find the same nasties.
>
> Follow these instructions:
>
> Go to this link http://www.ravantivirus.com/ . In the
> upper left portion of
> the screen, under MENU, you will see "Scan online". Click
> on it.
>
> On the next page in the RAV Outbreak Security Service
> (orange text) box, at the bottom,
> there's line "To continue without subscribing click here.
> Click there, no need to
> enter anything in the yellow field and no need to hit the
> continue button.
>
> On the next page you will be in the scanner. It should
> update the latest virus definitions
> automatically. Be patient, it will take some time (~15
> min. on my slow connection) to update.
>
> After the update is complete (It will say "Update
> finished. Ready to scan." when it's done),
> check the Autoclean box (right below the Scan My PC
> button).
>
> Then press the "Scan My PC" button and you're off. Again,
> be patient, this will take some time,
> 30 minutes on my slow machine.
>
> HTH
>
> KB
> >-----Original Message-----
> >These infections cannot harm you where they are - they
> are in the System
> >Restore archive.
> >The only way they can harm your system is if you restore
> the system to a
> >time during which it was infected - and eventually the
> infected restore
> >points will be removed by FIFO.
> >
> >If you're concerned that you may inadvertently use an
> infected restore
> >point, reset System Restore to clear all old points, and
> create a new on -
> >do NOT attempt manual editing of the archive!!
> >
> >To Reset System Restore -
> >System | Performance | File System | Troubleshooting and
> check
> >"Disable System Restore",
> >Apply and IMMEDIATELY reboot.
> >This will flush you restore folder and erase all
> checkpoints, then,
> >System | Performance | File System | Troubleshooting and
> uncheck
> >"Disable System Restore",
> >Apply and again IMMEDIATELY reboot.
> >This should now automatically create a new checkpoint
> immediately following
> >the restart.
> >Finally adjust the space allocated to the restore folder,
> >System | Performance | File System | Hard Disk and adjust
> the restore slider
> >to your preferred setting.
> >
> >Most people find that a setting of 200-300MB is
> sufficient to hold 10-15
> >days worth of restore points, unless you are doing a lot
> of
> >installs/uninstalls, or installing large applications
> (such as Office).
> >
> >
> >
> >
> >--
> >Noel Paton (MS-MVP 2002-2005, Windows)
> >
> >Nil Carborundum Illegitemi
> >http://www.btinternet.com/~winnoel/millsrpch.htm
> >
> >http://tinyurl.com/6oztj
> >
> >Please read http://dts-l.org/goodpost.htm on how to post
> messages to NG's
> >
> >"J. Ascher" <JAscher@discussions.microsoft.com> wrote in
> message
> >news:8584BE9E-217A-40A6-A764-54F876B94727@microsoft.com...
> >>I have a problem removing a couple of Trojans from my
> system when I use
> >>Avast
> >> AV in a thorough scan. It tells me that files in
> >> C:\_restore\archive\FS44.cab\A003894.cpy
> and ...\FS47.cab\A004125.cpy have
> >> trojans but can't fix, remove, quarantine them.
> >>
> >> Can I remove these files manually and reinstall clean
> versions? If not,
> >> what
> >> else should I do to delete the Trojans?
> >>
> >> James
> >
> >
> >.
> >
>
May 8, 2005 12:30:53 AM

Archived from groups: microsoft.public.windowsme.general (More info?)

But you don't need the trial version to do an online
scan. It is run without installing anything on your
system. That's what makes it great. If your system is
compromised or your AV is crippled you can scan without
using your system. Anytime my personal AV finds anything,
it's off to RAV for me.

I suspect you went to RAV and poked around a bit and
didn't find what I was pointing you to. I've heard
similar responses from other users, which is why I created
the instructions in such generic 'easy to follow' detail.

Try printing my instructions and follow them to the letter
and I think you'll be in good shape ;) .

Please let me know if it works out for you.

KB
>-----Original Message-----
>Your information is very good. I tried to download a
trial version of RAV AV,
>but it told me due to MS' acquition of its intellectual
property rights, the
>download section is closed. RAV is scaling down and
eliminating its AV
>business.
>
>James
>
>"KB" wrote:
>
>> Noel is correct.
>>
>> Also you might want to run an online scan (it's
>> independent of your system) to see if anything else is
>> lurking. It's safe, free and offers peace of mind as
not
>> all AV programs find the same nasties.
>>
>> Follow these instructions:
>>
>> Go to this link http://www.ravantivirus.com/ . In the
>> upper left portion of
>> the screen, under MENU, you will see "Scan online".
Click
>> on it.
>>
>> On the next page in the RAV Outbreak Security Service
>> (orange text) box, at the bottom,
>> there's line "To continue without subscribing click
here.
>> Click there, no need to
>> enter anything in the yellow field and no need to hit
the
>> continue button.
>>
>> On the next page you will be in the scanner. It should
>> update the latest virus definitions
>> automatically. Be patient, it will take some time (~15
>> min. on my slow connection) to update.
>>
>> After the update is complete (It will say "Update
>> finished. Ready to scan." when it's done),
>> check the Autoclean box (right below the Scan My PC
>> button).
>>
>> Then press the "Scan My PC" button and you're off.
Again,
>> be patient, this will take some time,
>> 30 minutes on my slow machine.
>>
>> HTH
>>
>> KB
>> >-----Original Message-----
>> >These infections cannot harm you where they are - they
>> are in the System
>> >Restore archive.
>> >The only way they can harm your system is if you
restore
>> the system to a
>> >time during which it was infected - and eventually the
>> infected restore
>> >points will be removed by FIFO.
>> >
>> >If you're concerned that you may inadvertently use an
>> infected restore
>> >point, reset System Restore to clear all old points,
and
>> create a new on -
>> >do NOT attempt manual editing of the archive!!
>> >
>> >To Reset System Restore -
>> >System | Performance | File System | Troubleshooting
and
>> check
>> >"Disable System Restore",
>> >Apply and IMMEDIATELY reboot.
>> >This will flush you restore folder and erase all
>> checkpoints, then,
>> >System | Performance | File System | Troubleshooting
and
>> uncheck
>> >"Disable System Restore",
>> >Apply and again IMMEDIATELY reboot.
>> >This should now automatically create a new checkpoint
>> immediately following
>> >the restart.
>> >Finally adjust the space allocated to the restore
folder,
>> >System | Performance | File System | Hard Disk and
adjust
>> the restore slider
>> >to your preferred setting.
>> >
>> >Most people find that a setting of 200-300MB is
>> sufficient to hold 10-15
>> >days worth of restore points, unless you are doing a
lot
>> of
>> >installs/uninstalls, or installing large applications
>> (such as Office).
>> >
>> >
>> >
>> >
>> >--
>> >Noel Paton (MS-MVP 2002-2005, Windows)
>> >
>> >Nil Carborundum Illegitemi
>> >http://www.btinternet.com/~winnoel/millsrpch.htm
>> >
>> >http://tinyurl.com/6oztj
>> >
>> >Please read http://dts-l.org/goodpost.htm on how to
post
>> messages to NG's
>> >
>> >"J. Ascher" <JAscher@discussions.microsoft.com> wrote
in
>> message
>> >news:8584BE9E-217A-40A6-A764-
54F876B94727@microsoft.com...
>> >>I have a problem removing a couple of Trojans from my
>> system when I use
>> >>Avast
>> >> AV in a thorough scan. It tells me that files in
>> >> C:\_restore\archive\FS44.cab\A003894.cpy
>> and ...\FS47.cab\A004125.cpy have
>> >> trojans but can't fix, remove, quarantine them.
>> >>
>> >> Can I remove these files manually and reinstall
clean
>> versions? If not,
>> >> what
>> >> else should I do to delete the Trojans?
>> >>
>> >> James
>> >
>> >
>> >.
>> >
>>
>.
>
Anonymous
May 8, 2005 7:28:03 AM

Archived from groups: microsoft.public.windowsme.general (More info?)

Thanks, I did find the online scan. However, I wanted to see if there were a
trial version of the software.

James

"KB" wrote:

> But you don't need the trial version to do an online
> scan. It is run without installing anything on your
> system. That's what makes it great. If your system is
> compromised or your AV is crippled you can scan without
> using your system. Anytime my personal AV finds anything,
> it's off to RAV for me.
>
> I suspect you went to RAV and poked around a bit and
> didn't find what I was pointing you to. I've heard
> similar responses from other users, which is why I created
> the instructions in such generic 'easy to follow' detail.
>
> Try printing my instructions and follow them to the letter
> and I think you'll be in good shape ;) .
>
> Please let me know if it works out for you.
>
> KB
> >-----Original Message-----
> >Your information is very good. I tried to download a
> trial version of RAV AV,
> >but it told me due to MS' acquition of its intellectual
> property rights, the
> >download section is closed. RAV is scaling down and
> eliminating its AV
> >business.
> >
> >James
> >
> >"KB" wrote:
> >
> >> Noel is correct.
> >>
> >> Also you might want to run an online scan (it's
> >> independent of your system) to see if anything else is
> >> lurking. It's safe, free and offers peace of mind as
> not
> >> all AV programs find the same nasties.
> >>
> >> Follow these instructions:
> >>
> >> Go to this link http://www.ravantivirus.com/ . In the
> >> upper left portion of
> >> the screen, under MENU, you will see "Scan online".
> Click
> >> on it.
> >>
> >> On the next page in the RAV Outbreak Security Service
> >> (orange text) box, at the bottom,
> >> there's line "To continue without subscribing click
> here.
> >> Click there, no need to
> >> enter anything in the yellow field and no need to hit
> the
> >> continue button.
> >>
> >> On the next page you will be in the scanner. It should
> >> update the latest virus definitions
> >> automatically. Be patient, it will take some time (~15
> >> min. on my slow connection) to update.
> >>
> >> After the update is complete (It will say "Update
> >> finished. Ready to scan." when it's done),
> >> check the Autoclean box (right below the Scan My PC
> >> button).
> >>
> >> Then press the "Scan My PC" button and you're off.
> Again,
> >> be patient, this will take some time,
> >> 30 minutes on my slow machine.
> >>
> >> HTH
> >>
> >> KB
> >> >-----Original Message-----
> >> >These infections cannot harm you where they are - they
> >> are in the System
> >> >Restore archive.
> >> >The only way they can harm your system is if you
> restore
> >> the system to a
> >> >time during which it was infected - and eventually the
> >> infected restore
> >> >points will be removed by FIFO.
> >> >
> >> >If you're concerned that you may inadvertently use an
> >> infected restore
> >> >point, reset System Restore to clear all old points,
> and
> >> create a new on -
> >> >do NOT attempt manual editing of the archive!!
> >> >
> >> >To Reset System Restore -
> >> >System | Performance | File System | Troubleshooting
> and
> >> check
> >> >"Disable System Restore",
> >> >Apply and IMMEDIATELY reboot.
> >> >This will flush you restore folder and erase all
> >> checkpoints, then,
> >> >System | Performance | File System | Troubleshooting
> and
> >> uncheck
> >> >"Disable System Restore",
> >> >Apply and again IMMEDIATELY reboot.
> >> >This should now automatically create a new checkpoint
> >> immediately following
> >> >the restart.
> >> >Finally adjust the space allocated to the restore
> folder,
> >> >System | Performance | File System | Hard Disk and
> adjust
> >> the restore slider
> >> >to your preferred setting.
> >> >
> >> >Most people find that a setting of 200-300MB is
> >> sufficient to hold 10-15
> >> >days worth of restore points, unless you are doing a
> lot
> >> of
> >> >installs/uninstalls, or installing large applications
> >> (such as Office).
> >> >
> >> >
> >> >
> >> >
> >> >--
> >> >Noel Paton (MS-MVP 2002-2005, Windows)
> >> >
> >> >Nil Carborundum Illegitemi
> >> >http://www.btinternet.com/~winnoel/millsrpch.htm
> >> >
> >> >http://tinyurl.com/6oztj
> >> >
> >> >Please read http://dts-l.org/goodpost.htm on how to
> post
> >> messages to NG's
> >> >
> >> >"J. Ascher" <JAscher@discussions.microsoft.com> wrote
> in
> >> message
> >> >news:8584BE9E-217A-40A6-A764-
> 54F876B94727@microsoft.com...
> >> >>I have a problem removing a couple of Trojans from my
> >> system when I use
> >> >>Avast
> >> >> AV in a thorough scan. It tells me that files in
> >> >> C:\_restore\archive\FS44.cab\A003894.cpy
> >> and ...\FS47.cab\A004125.cpy have
> >> >> trojans but can't fix, remove, quarantine them.
> >> >>
> >> >> Can I remove these files manually and reinstall
> clean
> >> versions? If not,
> >> >> what
> >> >> else should I do to delete the Trojans?
> >> >>
> >> >> James
> >> >
> >> >
> >> >.
> >> >
> >>
> >.
> >
>
May 8, 2005 11:58:00 AM

Archived from groups: microsoft.public.windowsme.general (More info?)

It's good you found the RAV online scan. It's a good
thing to have as a backup, just in case ;) .

If you're looking for a different AV, you might consider
to download, install, and update a trial version of
Kapersky Antivirus.
http://www.kasperskyusa.com/promotions/?Home
Kapersky Antivirus Personal 5.0. I haven't used Kapersky
myself but have read in many threads that it's very good,
but costs a little more.

Instructions on how to run it can be found down a little
ways in a post here http://castlecops.com/postt106277.html.

Before installing, get offline and disable your current AV
protection completely. Don't run two AV programs in the
background at the same time as they will have conflicts
with each other. You can have two on your system, just
not running at the same time.

Happy surfing.

KB
>-----Original Message-----
>Thanks, I did find the online scan. However, I wanted to
see if there were a
>trial version of the software.
>
>James
>
>"KB" wrote:
>
>> But you don't need the trial version to do an online
>> scan. It is run without installing anything on your
>> system. That's what makes it great. If your system is
>> compromised or your AV is crippled you can scan without
>> using your system. Anytime my personal AV finds
anything,
>> it's off to RAV for me.
>>
>> I suspect you went to RAV and poked around a bit and
>> didn't find what I was pointing you to. I've heard
>> similar responses from other users, which is why I
created
>> the instructions in such generic 'easy to follow'
detail.
>>
>> Try printing my instructions and follow them to the
letter
>> and I think you'll be in good shape ;) .
>>
>> Please let me know if it works out for you.
>>
>> KB
>> >-----Original Message-----
>> >Your information is very good. I tried to download a
>> trial version of RAV AV,
>> >but it told me due to MS' acquition of its
intellectual
>> property rights, the
>> >download section is closed. RAV is scaling down and
>> eliminating its AV
>> >business.
>> >
>> >James
>> >
>> >"KB" wrote:
>> >
>> >> Noel is correct.
>> >>
>> >> Also you might want to run an online scan (it's
>> >> independent of your system) to see if anything else
is
>> >> lurking. It's safe, free and offers peace of mind
as
>> not
>> >> all AV programs find the same nasties.
>> >>
>> >> Follow these instructions:
>> >>
>> >> Go to this link http://www.ravantivirus.com/ . In
the
>> >> upper left portion of
>> >> the screen, under MENU, you will see "Scan online".
>> Click
>> >> on it.
>> >>
>> >> On the next page in the RAV Outbreak Security
Service
>> >> (orange text) box, at the bottom,
>> >> there's line "To continue without subscribing click
>> here.
>> >> Click there, no need to
>> >> enter anything in the yellow field and no need to
hit
>> the
>> >> continue button.
>> >>
>> >> On the next page you will be in the scanner. It
should
>> >> update the latest virus definitions
>> >> automatically. Be patient, it will take some time
(~15
>> >> min. on my slow connection) to update.
>> >>
>> >> After the update is complete (It will say "Update
>> >> finished. Ready to scan." when it's done),
>> >> check the Autoclean box (right below the Scan My PC
>> >> button).
>> >>
>> >> Then press the "Scan My PC" button and you're off.
>> Again,
>> >> be patient, this will take some time,
>> >> 30 minutes on my slow machine.
>> >>
>> >> HTH
>> >>
>> >> KB
>> >> >-----Original Message-----
>> >> >These infections cannot harm you where they are -
they
>> >> are in the System
>> >> >Restore archive.
>> >> >The only way they can harm your system is if you
>> restore
>> >> the system to a
>> >> >time during which it was infected - and eventually
the
>> >> infected restore
>> >> >points will be removed by FIFO.
>> >> >
>> >> >If you're concerned that you may inadvertently use
an
>> >> infected restore
>> >> >point, reset System Restore to clear all old
points,
>> and
>> >> create a new on -
>> >> >do NOT attempt manual editing of the archive!!
>> >> >
>> >> >To Reset System Restore -
>> >> >System | Performance | File System |
Troubleshooting
>> and
>> >> check
>> >> >"Disable System Restore",
>> >> >Apply and IMMEDIATELY reboot.
>> >> >This will flush you restore folder and erase all
>> >> checkpoints, then,
>> >> >System | Performance | File System |
Troubleshooting
>> and
>> >> uncheck
>> >> >"Disable System Restore",
>> >> >Apply and again IMMEDIATELY reboot.
>> >> >This should now automatically create a new
checkpoint
>> >> immediately following
>> >> >the restart.
>> >> >Finally adjust the space allocated to the restore
>> folder,
>> >> >System | Performance | File System | Hard Disk and
>> adjust
>> >> the restore slider
>> >> >to your preferred setting.
>> >> >
>> >> >Most people find that a setting of 200-300MB is
>> >> sufficient to hold 10-15
>> >> >days worth of restore points, unless you are doing
a
>> lot
>> >> of
>> >> >installs/uninstalls, or installing large
applications
>> >> (such as Office).
>> >> >
>> >> >
>> >> >
>> >> >
>> >> >--
>> >> >Noel Paton (MS-MVP 2002-2005, Windows)
>> >> >
>> >> >Nil Carborundum Illegitemi
>> >> >http://www.btinternet.com/~winnoel/millsrpch.htm
>> >> >
>> >> >http://tinyurl.com/6oztj
>> >> >
>> >> >Please read http://dts-l.org/goodpost.htm on how to
>> post
>> >> messages to NG's
>> >> >
>> >> >"J. Ascher" <JAscher@discussions.microsoft.com>
wrote
>> in
>> >> message
>> >> >news:8584BE9E-217A-40A6-A764-
>> 54F876B94727@microsoft.com...
>> >> >>I have a problem removing a couple of Trojans from
my
>> >> system when I use
>> >> >>Avast
>> >> >> AV in a thorough scan. It tells me that files in
>> >> >> C:\_restore\archive\FS44.cab\A003894.cpy
>> >> and ...\FS47.cab\A004125.cpy have
>> >> >> trojans but can't fix, remove, quarantine them.
>> >> >>
>> >> >> Can I remove these files manually and reinstall
>> clean
>> >> versions? If not,
>> >> >> what
>> >> >> else should I do to delete the Trojans?
>> >> >>
>> >> >> James
>> >> >
>> >> >
>> >> >.
>> >> >
>> >>
>> >.
>> >
>>
>.
>
Anonymous
May 8, 2005 9:55:33 PM

Archived from groups: microsoft.public.windowsme.general (More info?)

The Virus Bulletin
http://www.virusbtn.com/vb100/

ICSA Labs - TrueSecure Corp.
http://www.icsalabs.com/html/communities/antivirus/cert...

AV-Test
http://www.av-test.org/

--
Jack E. Martinelli 2002-05 MS MVP for Shell/User / DTS
Help us help you: http://www.dts-L.org/goodpost.htm
In Memorium: Alex Nichol
http://www.microsoft.com/windowsxp/expertzone/meetexper...
Your cooperation is very appreciated.
------
"KB" <KB@discussions.microsoft.com> wrote in message
news:0a4201c553de$53b76460$a501280a@phx.gbl...
> It's good you found the RAV online scan. It's a good
> thing to have as a backup, just in case ;) .
>
> If you're looking for a different AV, you might consider
> to download, install, and update a trial version of
> Kapersky Antivirus.
> http://www.kasperskyusa.com/promotions/?Home
> Kapersky Antivirus Personal 5.0. I haven't used Kapersky
> myself but have read in many threads that it's very good,
> but costs a little more.
>
> Instructions on how to run it can be found down a little
> ways in a post here http://castlecops.com/postt106277.html.
>
> Before installing, get offline and disable your current AV
> protection completely. Don't run two AV programs in the
> background at the same time as they will have conflicts
> with each other. You can have two on your system, just
> not running at the same time.
>
> Happy surfing.
>
> KB
> >-----Original Message-----
> >Thanks, I did find the online scan. However, I wanted to
> see if there were a
> >trial version of the software.
> >
> >James
> >
> >"KB" wrote:
> >
> >> But you don't need the trial version to do an online
> >> scan. It is run without installing anything on your
> >> system. That's what makes it great. If your system is
> >> compromised or your AV is crippled you can scan without
> >> using your system. Anytime my personal AV finds
> anything,
> >> it's off to RAV for me.
> >>
> >> I suspect you went to RAV and poked around a bit and
> >> didn't find what I was pointing you to. I've heard
> >> similar responses from other users, which is why I
> created
> >> the instructions in such generic 'easy to follow'
> detail.
> >>
> >> Try printing my instructions and follow them to the
> letter
> >> and I think you'll be in good shape ;) .
> >>
> >> Please let me know if it works out for you.
> >>
> >> KB
> >> >-----Original Message-----
> >> >Your information is very good. I tried to download a
> >> trial version of RAV AV,
> >> >but it told me due to MS' acquition of its
> intellectual
> >> property rights, the
> >> >download section is closed. RAV is scaling down and
> >> eliminating its AV
> >> >business.
> >> >
> >> >James
> >> >
> >> >"KB" wrote:
> >> >
> >> >> Noel is correct.
> >> >>
> >> >> Also you might want to run an online scan (it's
> >> >> independent of your system) to see if anything else
> is
> >> >> lurking. It's safe, free and offers peace of mind
> as
> >> not
> >> >> all AV programs find the same nasties.
> >> >>
> >> >> Follow these instructions:
> >> >>
> >> >> Go to this link http://www.ravantivirus.com/ . In
> the
> >> >> upper left portion of
> >> >> the screen, under MENU, you will see "Scan online".
> >> Click
> >> >> on it.
> >> >>
> >> >> On the next page in the RAV Outbreak Security
> Service
> >> >> (orange text) box, at the bottom,
> >> >> there's line "To continue without subscribing click
> >> here.
> >> >> Click there, no need to
> >> >> enter anything in the yellow field and no need to
> hit
> >> the
> >> >> continue button.
> >> >>
> >> >> On the next page you will be in the scanner. It
> should
> >> >> update the latest virus definitions
> >> >> automatically. Be patient, it will take some time
> (~15
> >> >> min. on my slow connection) to update.
> >> >>
> >> >> After the update is complete (It will say "Update
> >> >> finished. Ready to scan." when it's done),
> >> >> check the Autoclean box (right below the Scan My PC
> >> >> button).
> >> >>
> >> >> Then press the "Scan My PC" button and you're off.
> >> Again,
> >> >> be patient, this will take some time,
> >> >> 30 minutes on my slow machine.
> >> >>
> >> >> HTH
> >> >>
> >> >> KB
> >> >> >-----Original Message-----
> >> >> >These infections cannot harm you where they are -
> they
> >> >> are in the System
> >> >> >Restore archive.
> >> >> >The only way they can harm your system is if you
> >> restore
> >> >> the system to a
> >> >> >time during which it was infected - and eventually
> the
> >> >> infected restore
> >> >> >points will be removed by FIFO.
> >> >> >
> >> >> >If you're concerned that you may inadvertently use
> an
> >> >> infected restore
> >> >> >point, reset System Restore to clear all old
> points,
> >> and
> >> >> create a new on -
> >> >> >do NOT attempt manual editing of the archive!!
> >> >> >
> >> >> >To Reset System Restore -
> >> >> >System | Performance | File System |
> Troubleshooting
> >> and
> >> >> check
> >> >> >"Disable System Restore",
> >> >> >Apply and IMMEDIATELY reboot.
> >> >> >This will flush you restore folder and erase all
> >> >> checkpoints, then,
> >> >> >System | Performance | File System |
> Troubleshooting
> >> and
> >> >> uncheck
> >> >> >"Disable System Restore",
> >> >> >Apply and again IMMEDIATELY reboot.
> >> >> >This should now automatically create a new
> checkpoint
> >> >> immediately following
> >> >> >the restart.
> >> >> >Finally adjust the space allocated to the restore
> >> folder,
> >> >> >System | Performance | File System | Hard Disk and
> >> adjust
> >> >> the restore slider
> >> >> >to your preferred setting.
> >> >> >
> >> >> >Most people find that a setting of 200-300MB is
> >> >> sufficient to hold 10-15
> >> >> >days worth of restore points, unless you are doing
> a
> >> lot
> >> >> of
> >> >> >installs/uninstalls, or installing large
> applications
> >> >> (such as Office).
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >> >--
> >> >> >Noel Paton (MS-MVP 2002-2005, Windows)
> >> >> >
> >> >> >Nil Carborundum Illegitemi
> >> >> >http://www.btinternet.com/~winnoel/millsrpch.htm
> >> >> >
> >> >> >http://tinyurl.com/6oztj
> >> >> >
> >> >> >Please read http://dts-l.org/goodpost.htm on how to
> >> post
> >> >> messages to NG's
> >> >> >
> >> >> >"J. Ascher" <JAscher@discussions.microsoft.com>
> wrote
> >> in
> >> >> message
> >> >> >news:8584BE9E-217A-40A6-A764-
> >> 54F876B94727@microsoft.com...
> >> >> >>I have a problem removing a couple of Trojans from
> my
> >> >> system when I use
> >> >> >>Avast
> >> >> >> AV in a thorough scan. It tells me that files in
> >> >> >> C:\_restore\archive\FS44.cab\A003894.cpy
> >> >> and ...\FS47.cab\A004125.cpy have
> >> >> >> trojans but can't fix, remove, quarantine them.
> >> >> >>
> >> >> >> Can I remove these files manually and reinstall
> >> clean
> >> >> versions? If not,
> >> >> >> what
> >> >> >> else should I do to delete the Trojans?
> >> >> >>
> >> >> >> James
> >> >> >
> >> >> >
> >> >> >.
> >> >> >
> >> >>
> >> >.
> >> >
> >>
> >.
> >
!