would you be so kind and help me with this issue, please?
Recently I visited my friend with my USB flash memory stick. When my friend put it into USB port his Avast! 4.8 Professional announced to him that the USB flash memory stick was infected with the virus win32:Trojan-gen {Other}. It took me by a great surprise since I have installed the same antivirus software on my notebook, on all the time… and it is updated on an everyday basis.
Then I let my antivirus prog Avast! 4.8 Professional check my notebook after the restart with the delete of the infected files right away. The result was the list of announcements such as this:
2217E8}\RP118\AOO31293.exe\Toolbar.exe[Embedded#040d0] is infected with the virus win32:Trojan-gen {Other}
Delete: Error 42111 {Operation is not supported for this type of archive.}
Soubor D:\System volume information_restore{DBA14E4B-AE2F-43EB-AF97-F3C6D62217E8}\RP126\A0033155.exe\Toolbar.exe[Embedded#040d0] is infected with the virus win32:Trojan-gen {Other}
Delete: Error 42111 {Operation is not supported for this type of archive.}
Soubor D:\System volume information_restore{DBA14E4B-AE2F-43EB-AF97-F3C6D62217E8}\RP127\A0033553.EXE\wise0006.bin\wise0021.bin Error 42146 {Archive of the instalator is damaged.}
Soubor D:\System volume information_restore{DBA14E4B-AE2F-43EB-AF97-F3C6D62217E8}\RP127\A0033553.EXE\wise0006.bin\wise0021.bin Error 42146 {Archive of the instalator is damaged.}
Soubor D:\System volume information_restore{DBA14E4B-AE2F-43EB-AF97-F3C6D62217E8}\RP126\A0033559.exe\Toolbar.exe[Embedded#040d0] is infected with the virus win32:Trojan-gen {Other}
Delete: Error 42111 {Operation is not supported for this type of archive.}
Among the eventual side-effects of this trojan might be slow processing of operations, inability to open many Internet windows as it was possible previously, and brighter column through the desktop of the notebook. System restoration is disabled. I run Win XP, 2GB RAM and 3 GB processor.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:43:13 PM, on 7/1/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Disabling system restore (for all partitions) and rebooting would clear all restore points in the D:\System volume information folder, so wait until you are clear before enabling it again and it will create a clean restore point.
A newer version of service pack is available. Service packs increase the safety of your system. Visit Microsoft's windowsupdate site to download the newest version of the service pack.
We didn't detect any active process of a firewall on your system. Reasons maybe:
(1.) You are using the windows firewall or a hardware firewall.
(2.) You are using a firewall of an unknown vendor.
(3.) You are using a firewall, but for unknown reasons it is disabled
(4.) You don't use any firewall at all.
It should be capable of blocking unauthorised outbound Internet Connections.
Whilst the windows XP firewall is usually good at keeping your ports stealthed (hidden) it provides no outbound protection and you should consider a third party firewall.
Any malware that manages to get past your defences will have free rein to connect to the internet to either download more of the same, pass your personal data (sensitive or otherwise, user names, passwords, keylogger retrieved data, etc.) or open a backdoor to your computer, so outbound protection is essential.
There are many freeware firewalls such as Comodo, PCTools Firewall Plus, Jetico, etc. - Zone Alarm free works fine with avast and has a reasonably friendly user interface, however, the free version is becoming bloated with trial ware and is also crippled as far as outbound protection goes. In the Program Control configuration area, the slider will only go as far as Medium protection; if you want more you have to buy the Pro version.
I don’t see anything in your post about a trojan that doesn’t want to be removed?
I have told you how to remove any infected restore points if that is what you mean. If not, I need more information on exactly what this is.
The trojan, whatever it is, isn’t running from any of those restore point files you gave.
Something else I didn’t pick up on in your first post, is the ‘Deletion’ word.
Deletion isn’t really a good first option (you have none left), ‘first do no harm’ don’t delete, send virus to the chest and investigate.
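Added example, not part of any post in this thread: a small Python triage of the kind of scan report quoted above, separating detections that sit inside System Restore storage (the copies that clearing the restore points removes) from detections elsewhere on disk that still need attention. The `triage` function and the last sample line (`C:\Example\setup.exe`) are constructed for illustration; the other sample lines are copied from the report in the thread.

```python
import re
from collections import defaultdict

# Report lines copied from the thread, plus one constructed final line
# (C:\Example\setup.exe) standing in for a detection outside System Restore.
SAMPLE = r"""
Soubor D:\System volume information_restore{DBA14E4B-AE2F-43EB-AF97-F3C6D62217E8}\RP126\A0033155.exe\Toolbar.exe[Embedded#040d0] is infected with the virus win32:Trojan-gen {Other}
Delete: Error 42111 {Operation is not supported for this type of archive.}
Soubor D:\System volume information_restore{DBA14E4B-AE2F-43EB-AF97-F3C6D62217E8}\RP127\A0033553.EXE\wise0006.bin\wise0021.bin Error 42146 {Archive of the instalator is damaged.}
Soubor D:\System volume information_restore{DBA14E4B-AE2F-43EB-AF97-F3C6D62217E8}\RP126\A0033559.exe\Toolbar.exe[Embedded#040d0] is infected with the virus win32:Trojan-gen {Other}
Delete: Error 42111 {Operation is not supported for this type of archive.}
Soubor C:\Example\setup.exe is infected with the virus win32:Trojan-gen {Other}
"""

# "<label> <path> is infected with the virus <name>"
INFECTED = re.compile(r"^\S+ (?P<path>.+?) is infected with the virus (?P<name>.+)$")
# "..._restore{GUID}\RPnnn\<container file>\..." marks a System Restore copy
RESTORE = re.compile(r"_restore\{[^}]+\}\\(?P<rp>RP\d+)\\(?P<container>[^\\]+)")

def triage(report):
    """Split detections into restore-point copies and everything else."""
    restore_points = defaultdict(set)  # RPnnn -> flagged container files
    elsewhere = []                     # detections outside System Restore storage
    failed_deletes = 0                 # "Delete: Error ..." follow-up lines
    for line in report.splitlines():
        line = line.strip()
        if line.startswith("Delete: Error"):
            failed_deletes += 1
            continue
        m = INFECTED.match(line)
        if not m:
            continue                   # scan errors (damaged archive) are not detections
        r = RESTORE.search(m["path"])
        if r:
            restore_points[r["rp"]].add(r["container"])
        else:
            elsewhere.append(m["path"])
    return dict(restore_points), elsewhere, failed_deletes

if __name__ == "__main__":
    rps, elsewhere, failed = triage(SAMPLE)
    for rp, files in sorted(rps.items()):
        print(f"{rp}: {len(files)} flagged restore-point file(s): {sorted(files)}")
    print(f"outside System Restore (investigate first): {elsewhere}")
    print(f"delete attempts that failed: {failed}")
```
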