Win32:Kavos Impossible to remove

I have Windows 7. I’ve tried everything said in all the threads related to this that I could find, but I still have 11 files of Kavos in System and Volume Information, a folder that does not appear in C:/, not even with show hidden files and folders. On top of that, when I try to access it through the address bar (C:/System and Volume Information), it says access denied. Even after I disabled System Restore, it’s still there. I went into safe mode and ran Malwarebytes and True Sword complete scans, the latter of which took 12 hours. They found stuff, but even after that, those 11 files stay put. What can I do?

http://i71.photobucket.com/albums/i133/headOnAPike/AvastKavos-1.jpg?t=1266851467

You can disable/enable Windows System Restore to clean the old infected points.
Generate a new clean one.

Or, you should get rid of your old, possibly infected restore points after creating a clean point:

  1. Click Start>All Programs>Accessories > System tools > System Restore
  2. In the dialog box that appears Click in the radio button to Create a Restore Point
  3. Click NEXT
  4. Enter a name you will remember if you need to find this again (like Clean Point)
  5. Click CREATE

You now have a clean restore point, to get rid of the bad ones:

  1. Click Start>All Programs>Accessories > System tools > Disk Clean Up
  2. Click OK on the C: drive
  3. Click the More Options tab
  4. In the System Restore section click the Clean Up button

oops, accidental post

Still there. >:(

Why can’t I access system volume information directly?

Windows blocks that folder. You need to change access rights.
But cleaning the restore points should delete them. If new ones are infected, your computer is infected.

http://forum.avast.com/index.php?topic=56060.msg473402#msg473402

uncheck hide protected operating system files which is two entries down from Show all files and folders on Folder Options

your restore points are entered as RP*, example in yr case RP3, RP4, RP5, RP6

whether deleting these files will solve problem if yr computer is infected is another thing

Then again, how is yr computer running? These restore points entries may simply be verbose - just extra words leftover, not doing anything. You may be clean of viruses.

Edit - please remember to recheck Hide protected operating system files in Folder Options

So I got in the folder and the files left over are exe files. Going into safe mode and loading the corresponding inf files, it points to a file called husyuh8.exe, of which I could find no info in Google. I could not load the inf files in regular mode. In both modes, I couldn’t delete a single file inside of system volume information, even the shortcut I accidentally created. It would ask me if I wanted to send the files to the recycling bin, I click yes and then nothing happens. I set all the permissions, but something is blocking it.

Also, the folders with the viruses have no size info:

http://i71.photobucket.com/albums/i133/headOnAPike/svi.jpg?t=1266869076

Running disk cleanup or turning off system restore does not delete those three folders.

When you delete something in system restore you break the chain and that restore point is no longer available - have you deleted your restore points and created a new one?

XP

  1. Select Start > All Programs > Accessories > System tools > System Restore.
  2. On the dialogue box that appears select Create a Restore Point
  3. Click NEXT
  4. Enter a name e.g. Clean
  5. Click CREATE

You now have a clean restore point, to get rid of the bad ones:

  1. Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  2. In the drop down box that appears select your main drive e.g. C
  3. Click OK
  4. The system will do some calculation and then display a dialogue box with TABS
  5. Select the More Options tab.
  6. At the bottom will be a system restore box with a CLEANUP button, click this
  7. Accept the warning and select OK again, the program will close and you are done

VISTA

To manually create a new Restore Point:

  1. Go to Control Panel and select System and Maintenance
  2. Select System
  3. On the left select Advanced System Settings and accept the warning if you get one
  4. Select System Protection tab
  5. Select Create at the bottom
  6. Type in a name i.e. Clean
  7. Select Create

Now we can purge the infected ones:

  1. Go back to the System and Maintenance page
  2. Select Performance Information and Tools
  3. On the left select Open Disk Cleanup
  4. Select Files from all users and accept the warning if you get one
  5. In the drop down box select your main drive i.e. C
  6. For a few moments the system will make some calculations
  7. Select the More Options tab
  8. In the System Restore and Shadow Backups select Clean up
  9. Select Delete on the pop up
  10. Select OK
  11. Select Delete

You are now done
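
A command-line equivalent of the create-then-purge steps in the post above, for Vista/Windows 7, as an added example that is not part of the original thread. It assumes an elevated PowerShell prompt, that the system drive is `C:\`, and that the newest shadow copy on that drive is the restore point just created; it stops without deleting anything if no new restore point appears.

```powershell
# Added example: run from an elevated PowerShell prompt on Vista/7 or later.
$drive = 'C:\'      # assumption: system drive, as in the steps above
$label = 'Clean'    # restore point name suggested in the thread

# Note the newest existing restore point so we can tell whether a new one
# was really created (newer Windows versions may skip creation if one was
# made recently).
$before  = @(Get-ComputerRestorePoint | Sort-Object SequenceNumber)
$lastSeq = if ($before.Count) { $before[-1].SequenceNumber } else { 0 }

Checkpoint-Computer -Description $label -RestorePointType MODIFY_SETTINGS

$new = @(Get-ComputerRestorePoint |
    Where-Object { $_.SequenceNumber -gt $lastSeq })
if (-not $new.Count) {
    Write-Error 'No new restore point was created; nothing has been deleted.'
    return
}

# Vista/7 keep restore points as volume shadow copies of the protected drive.
$volume  = Get-WmiObject Win32_Volume | Where-Object { $_.Name -eq $drive }
$shadows = @(Get-WmiObject Win32_ShadowCopy |
    Where-Object { $_.VolumeName -eq $volume.DeviceID } |
    Sort-Object InstallDate)

# Delete every copy except the newest one, which is what Disk Cleanup's
# "System Restore and Shadow Copies" clean-up does.
if ($shadows.Count -gt 1) {
    $shadows[0..($shadows.Count - 2)] | ForEach-Object {
        Write-Output ("Deleting shadow copy {0} from {1}" -f $_.ID, $_.InstallDate)
        $_.Delete()
    }
}

# Confirm what is left.
Get-ComputerRestorePoint |
    Format-Table SequenceNumber, CreationTime, Description -AutoSize
```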

Added edit to my post, it doesn’t work.

Aye just seen it

Have you run MBAM in the thorough scan mode?

Please download Malwarebytes’ Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.

  1. Make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
  2. If an update is found, it will download and install the latest version.
  3. Once the program has loaded, select “Perform Full Scan”, then click Scan.
  4. The scan may take some time to finish, so please be patient.
  5. When the scan is complete, click OK, then Show Results to view the results.
  6. Make sure that everything is checked, and click Remove Selected.
  7. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  8. The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  9. Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

From earlier, in safe mode:

Malwarebytes’ Anti-Malware 1.31
Database version: 1456
Windows 6.1.7600

2/22/2010 3:16:23 AM
mbam-log-2010-02-22 (03-16-23).txt

Scan type: Full Scan (C:|D:|E:|S:|)
Objects scanned: 214162
Time elapsed: 38 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

:wink: oops restore point cannot be deleted need unblocker next day when windows automatic update run, your window not genuine anymore :wink: nevermind :-*

???

Yes ???

So MBAM did not find it in system restore

Can you make a new restore point - i.e. is system restore functioning?

Yup, can do that.

Intriguing - I will need to see if there is anything about a malware variant doing this

Any word?

Your MBAM is months out of date, we are on version 1.44 now

There is no malware yet known that stops restore points being deleted

Update MBAM and run it again please

LOL that worked. The simplest explanations are always the best. Thanks for catching that one micky.