Can someone give me a bit more information about the following,
Scan name: Full system scan
- Started on: Saturday, May 29, 2010 7:35:08 PM
- VPS: 100530-0, 30/05/2010
C:\System Volume Information_restore{77D00644-4C26-4B96-B9FF-9CCC5F1956FC}\RP13\A0007935.exe [L] Win32:Renos-LL [Trj] (0)
C:\System Volume Information_restore{77D00644-4C26-4B96-B9FF-9CCC5F1956FC}\RP13\A0007944.exe [L] Win32:Renos-LL [Trj] (0)
C:\System Volume Information_restore{77D00644-4C26-4B96-B9FF-9CCC5F1956FC}\RP6\A0006308.exe [L] Win32:Renos-LL [Trj] (0)
C:\System Volume Information_restore{77D00644-4C26-4B96-B9FF-9CCC5F1956FC}\RP6\A0006309.exe [L] Win32:Renos-LL [Trj] (0)
C:\System Volume Information_restore{77D00644-4C26-4B96-B9FF-9CCC5F1956FC}\RP7\A0006379.exe [L] Win32:Trojan-gen (0)
C:\System Volume Information_restore{77D00644-4C26-4B96-B9FF-9CCC5F1956FC}\RP8\A0006408.exe [L] Win32:Trojan-gen (0)
Infected files: 6
Total files: 154661
Total folders: 14043
Total size: 94.6 GB
I Have tried to delete these files but Avast simply says Error the system cannot find the file specified.
I Have deleted ALL my restore points and rescanned but the above still shows what should I do now ?
have you tried scanning with Malwarebytes ?
Malwarebytes Anti-Malware 1.46 http://filehippo.com/download_malwarebytes_anti_malware/
after install, run update so you are sure you are scanning with latest database
click the remove selected button to quarantine anything found
post the scan log here
That files are on the system restore folder.
Delete your old restore points or disable/enable the system restore to get rid from them.
Windows blocks the avast deleting of that files.
If you already deleted all the restore points, maybe the virus is active. Are you using Windows 98 or Me?
Windows 98 had system restore ???
Sorry, seems Me (C:\System Volume Information_restore). Am I wrong?
Yes, WinME has system restore but I don’t believe it is located in the same folder location as this C:\System Volume Information, which I think was from XP onwards.
The Data Store cannot be moved or modified. Each fixed disk on your computer will also contain a _Restore folder for indexing and monitoring purposes and each of these folders will contain a file called Srdiskid.dat.
This gets more puzzling.
I run Malwarebytes which shows the files and then I delete them.
Run Malwarebytes again and it shows no infected files but when I run Avast it reports the same number of files are still there but then comes up with the previous message (in RED) Error the system cannot find the file specified.
Is Avast correct or Malwarebytes ?
Using windows 7 (32 bit)
I would try an offline (bootable CD) scanner. There may be something memory resident interfering with scans you have been running.