Win32 Malware on boot-scan

Hi,

I recently performed a PC Restore on my nearly 6-year-old Dell E310 Dimension computer (which runs Windows XP). Afterwards, I installed Malwarebytes and performed a scan. It found 15 infections - which I deleted. After that, I installed Avast and performed a full scan. Avast found no infections. I then performed a boot-scan…and ran into some issues, which I’d like help with.

Mid-way through the boot-scan, I received this message:

File C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP2\A0000086.rbf|>Data1.cab|>ElShowSpyAbout.exe|>[UPX] is infected by Win32.:Malware-gen

I pressed “1” to “Delete”, and received this message:

Delete: Error 42111 {The operation is not supported for this type of archive.}

I tried “Move to Chest”, and “Repair” too, but they also didn’t work. The only option that worked was “Ignore”.

I’d like to get rid of this virus, and would appreciate any advice as to how to do so.

Thanks.

Stephen

Is this a program you know, ElShowSpyAbout.exe?

"I'd like to get rid of this virus, and would appreciate any advice as to how to do so."
If this is a virus... you are not infected, as it is located in System Restore... but if you should use that restore point, and it is a virus...

So if you do not need the restore points, you can delete them and create new ones:
http://www.bleepingcomputer.com/tutorials/windows-xp-system-restore-guide/

Hi Pondus,

Thanks for the response.

Well, my intent was to return my computer to factory settings - which is what PC Restore is supposed to do. I don’t know what ElShowSpyAbout.exe is.

I’ll check out your link and determine whether I need my current restore points or not.

Thanks.

Stephen

"Well, my intent was to return my computer to factory settings"
If so, you don't use a restore point but the recovery partition or recovery CD.

Then it will be as the first day you got it.

I believe after PC Restore, my computer is supposed to be like the first day. I’d love to completely wipe everything, and re-install my OS. However, my system never came with a recovery CD, and, although it did come with the Windows XP CD, that CD doesn’t seem to be bootable (I tried changing the BIOS order to no avail). I’m considering requesting a recovery CD from Dell.

In the meantime, I’ll look into the recovery partition and deleting the restore point options.

Thanks.

Stephen

If there is a recovery partition on the disk…

The recovery is usually accessed by tapping the F11 key during startup.

I have googled a bit, and some places say to hit Ctrl+F11 when you see the Dell startup logo.

Yes, that’s what I did - CTRL+F11.

Well, if that’s the recovery partition, then redoing that probably won’t solve my problem (as I’ve done that at least 3 times over the past 5 days).

My experience with OEM computer manufacturers' recovery CDs and partitions is the recovery will only work if your installed hardware exactly matches the configuration as when the PC was new. That includes hard drive, optical drive, etc. Also all existing add-on printers and USB devices need to be removed.

OK. That’s good to know.

I decided to go the recovery disk route. I requested the disks Tuesday, and they sent me all of the recovery/re-install disks. So, I’ll perform that this weekend.

I like Avast, so I’ll re-install that, run another boot-scan and see if that resolved the issue.

Quick follow-up.

I reinstalled everything. Then installed and ran Avast - no more boot-scan errors. Yeah!

-s