Is anyone experience like this? How did you removed this threat?

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: sebio <sebio@xxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 28 Feb 2008 15:34:02 -0800

hi to all viewer,

i'm not sure if these is the right place to post virus problems, but i'm
sure based upon previous reading some questions posted here, i got an idea
and some tips how to do if such thing may happened.
anyway, i have only a free AV installed on my PC but normally i do online
scanning on AV, i use onecare online scan, norton online scan and kaspersky
online scan on my PC, then last week I have infected buy a Trojan. on my
partition volume F.
cropped report:
F:\System Volume Information\MountPointManagerRemoteDatabase Object is
locked skipped

F:\System Volume
Information\_restore{293F2884-3D03-4F2C-813E-C74886B8ABE4}\RP36\A0004733.inf
Infected: Trojan.Win32.Agent.ad skipped

Scan process completed.

Then I start removing the virus using kaspersky trial version but as i
scanned it does not found the virus located on System volume, I also used
ather removing software but to frustration got the same result as virus still
on volume F.

so I decided to reformat drive F, now resolved the issue but lost all data
installed.

then lately I scanned again using online kaspersky scanner & found out being
infected by backdoor these time on volume C. system restore.
as previous option reformatting drive, I don't think i should do that, if
any suggestions how to delete these files located on system restore or how to
access system restore, that would be very helpful to me.
I'm trying to locate this file but i think it is hidden, even if i show all
hidden files, i can't track the location.
here's the scan result:
C:\System Volume Information\MountPointManagerRemoteDatabase Object is
locked skipped

C:\System Volume
Information\_restore{293F2884-3D03-4F2C-813E-C74886B8ABE4}\RP66\A0020006.exe/data0000.cab/DbgSvc.exe Infected: Backdoor.Win32.Rbot.fzp skipped

C:\System Volume
Information\_restore{293F2884-3D03-4F2C-813E-C74886B8ABE4}\RP66\A0020006.exe/data0000.cab/Svchost.exe Infected: Backdoor.Win32.Rbot.fzp skipped

C:\System Volume
Information\_restore{293F2884-3D03-4F2C-813E-C74886B8ABE4}\RP66\A0020006.exe/data0000.cab Infected: Backdoor.Win32.Rbot.fzp skipped

C:\System Volume
Information\_restore{293F2884-3D03-4F2C-813E-C74886B8ABE4}\RP66\A0020006.exe
Rsrc-Package: infected - 3 skipped

C:\System Volume
Information\_restore{293F2884-3D03-4F2C-813E-C74886B8ABE4}\RP84\change.log
Object is locked skipped

Thanks & Best Regards
.

Follow-Ups:
- Re: Is anyone experience like this? How did you removed this threat?
  - From: Kayman
- Re: Is anyone experience like this? How did you removed this threat?
  - From: David H. Lipman
- Re: Is anyone experience like this? How did you removed this threat?
  - From: philo

Prev by Date: Re: Control/C, then Control/V is fine - BUT what happens when you (of
Next by Date: Re: Desktop Setup
Previous by thread: My Computer--Very Slow to Populate with Harddrives
Next by thread: Re: Is anyone experience like this? How did you removed this threat?
Index(es):
- Date
- Thread

Relevant Pages

Re: Boot Sector Viruses
... XP System Restore will simply "resotre" the virus after you remove it ... > Does anyone know of a virus scanner that will run during> the boot process? ... I have several extremely complex> infections where files will either disappear when they're> scanned by my virus scanner or they will simply reappear> after a certain amount of time after I use a scanner and> get rid of them. ...
(microsoft.public.security)
Re: Virus in system restore
... Ithought I had a decent virus checker. ... What I really can't understand is how the file got into a restore point so ... Therefore, I switched off system restore, so it deleted all the files ... real-time scanner as discussed above, and set it to update daily. ...
(microsoft.public.windowsxp.general)
Re: HELP !!!! -- PC freezes during virus scan (nav,avg also online)
... Michael wrote: ... >> But now my PC freezes during virus scan. ... > I've never had too much luck with Trend Micro's online scanner, ... PestPatrol's scanner works ok, but I ...
(microsoft.public.scripting.virus.discussion)
Re: Is anyone experience like this? How did you removed this threat?
... i have only a free AV installed on my PC but normally i do online ... Some virus checkers can repair "infections" within system Volume Info ... any suggestions how to delete these files located on system restore or how ...
(microsoft.public.windowsxp.general)
Re: Please help trojan virus
... >I have been infected with a trojan virus. ... System Restore and you are running XP. ... Update your A/V product regularly or try an online scan ...
(microsoft.public.security.virus)