Avast antivirus scan shows about 30 of my windows 98se files inffected .windows wont let me rename,deleted or move them.
What is this virus,what does it do, why is it not on the virus definitions list ? Is there a tool to remove it ? my computer is
running at a snails pace and not responding at times. Norton
panda, spybot, ad-aware,detects nothing. Please Help
hi Jayr your trojan is in vps 0441-1 06/10/2004
Trojans that are running (in memory) can’t just be shut down, windows protects all running processes/programs. Try starting your system in safe mode and running a scan from there.
Also see this thread General Advice & Tools for virus/trojan/malware removal
If you haven’t already got this program you should, it is freeware.
I am running WinME and have the same problem that you have. A dozen or two of these win32:trojan…and…win32:trajano.
They went right through Avast!
I have tried everything suggested here and elsewhere.
They are in the system and protected. They all or most seem to be copies: .cpy extensions.
They are located @:
C:_restore\archive\fs814…
C:_restore\archive\fs814.cab\A0052204.cpy…
they ARE NOT in memory and running a v. scan in safe mode does nothing!
I have found no solution, this is confirm that you are not alone with this problem.
I am running WinME and have the same problem that you have.No you don't have the same problem Zimm. Disable system restore, reboot and see if the problem is solved. ;)
System restore doesn’t bring trojans. They are false positives. The way windows compress/codes the things in the system restore folder, give some files there the same signature as some malware.
System restore (only implemented in ME and XP) is Microsofts effort to make it easier for users to recover their system after a crash. Unfortunatly, it is not working as they want it to.
Instead of using system restore a image of the working system and regular backups is a much better way to restore a system when something is really going wrong.
System restore normally also uses a lot of diskspace. (You can change that in the settings)
The Windows C:_restore\ folder is a protected area of storeage used for system restore points, etc.
When you delete a file from some other windows system folders or files they are backed up here and protected. The only way to deal with problems in this area is as Eddy said is disable system restore and reboot, check you are clear and enable system restore again.
Im a newbie, What is VPS 0441-1 06/10/2004 ?
VPS - It is a file containing the various signatures of viruses (Virus Pattern Signature), each virus has a pattern/signature that anti-virus programs use to help dectect them. The numbers are basically to let you know if it is current or out dated. The current one is 0445-1 03.11.2004
Im sorry,I hate to sound stupid,but where do I find these vps
files,to look up my virus-win32 trojano 434 ?
Thanks
Looking at the vps would bring you nothing since the info in there is encrypted. It would only look like abacadabra. You can look at the malware which is detected by Avast:
starting Avast > Menu > Virus database