Virus I cant get rid of - help

Secure Home | Search | About

Lost Password?

Microsoft Antivirus Discussions

get this group's latest topics as an RSS feed

add this group's latest topics to your My MSN content

add this group's latest topics to your My Yahoo content

add this group's latest topics to your Google content

Subject

Author

Date

Virus I cant get rid of - help

neil

08-20-2006

RE: Virus I cant get rid of - help

Pan

08-20-2006

Re: Virus I cant get rid of - help

Bruce Chambers

08-20-2006

Re: Virus I cant get rid of - help

nei

08-20-2006

Re: Virus I cant get rid of - help

Bruce Chambers

08-20-2006

Posted by =?Utf-8?B?bmVpbA==?= on August 20, 2006, 4:53 am

If you were Registered and logged in, you could reply and use other advanced thread options

I have seemed to have picked up the following
W32/VB-EMU:VB-Downloader-Sml-based!Maximus
D:\SYSTEM VOLUME INFORMATION\_RESTORE{D8696F73-2D76-...\A0015698.EXE

my anti virus picks it up but wont delete it. Can anyone offer me help to
get rid of it and also let mme know what this virus actually does. Thanks

Posted by =?Utf-8?B?UGFuZGFfbWFu?= on August 20, 2006, 9:05 am

If you were Registered and logged in, you could reply and use other advanced thread options

My reply is at the bottom of your message :

"neil" wrote:

> I have seemed to have picked up the following

> W32/VB-EMU:VB-Downloader-Sml-based!Maximus

> D:\SYSTEM VOLUME INFORMATION\_RESTORE{D8696F73-2D76-...\A0015698.EXE

> my anti virus picks it up but wont delete it. Can anyone offer me help to

> get rid of it and also let mme know what this virus actually does. Thanks

Hello .

This detection is heuristic detection of new unknown malware . According to
the name it is a trojan downloader. This name shows that you use F-prot AV or
F-prot OEM av product .

System Restore is a place where Windows keeps restore points and information
that can be used to restore the system to a previous state if Windows crashes
. System Restore's folder(s) are restricted zone so only Windows can touch
there !

See here how to fix the problem :
http://www.f-prot.com/support/windows/fpwin_faq/24.html

After this , it is strongly recommended that you perform full scan with your
av :
http://www.f-prot.com/support/windows/I_have_virus.html

In addition , download , install , update and use to perform full scan :

Ad-Aware SE Personal
http://www.lavasoftusa.com/software/adaware

SpyBot Search and Destroy
http://www.safer-networking.org/microsoft.en.html

Ewido AntiSpyware
http://www.ewido.net

Learn how to protect your PC:
http://pandaman.my.contact.bg/Protect_your_PC.htm

Regards!
--
Panda_man
Bronze level Contributor

Posted by Bruce Chambers on August 20, 2006, 10:59 am

If you were Registered and logged in, you could reply and use other advanced thread options

neil wrote:

> I have seemed to have picked up the following

> W32/VB-EMU:VB-Downloader-Sml-based!Maximus

> D:\SYSTEM VOLUME INFORMATION\_RESTORE{D8696F73-2D76-...\A0015698.EXE

> my anti virus picks it up but wont delete it. Can anyone offer me help to

> get rid of it and also let mme know what this virus actually does. Thanks

The System Volume Information is the hidden, protected operating
system folder in which WinXP's System Restore feature stores
information used to recover from errors. It's really not a good idea
for you, or an antivirus application, to directly access the contents
of that folder, unless you expect to have no future use for the
restore points, in which case it would be simpler just to turn off the
System Restore feature.

To clear viruses or other malware from the "System Volume
Information," simply turn off the System Restore feature (Start > All
Programs > Accessories > System Tools > System Restore, System Restore
Settings), reboot, then re-enable System Restore, and reboot one last
time. This will delete all of your Restore Points, including the
corrupted one(s), and allow you start with a clean slate.

--

Bruce Chambers

Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html

They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -Benjamin Franklin

Many people would rather die than think; in fact, most do. -Bertrum Russell

Posted by =?Utf-8?B?bmVpbA==?= on August 20, 2006, 11:46 am

If you were Registered and logged in, you could reply and use other advanced thread options

brilliant - seems to have worked a treat

"Bruce Chambers" wrote:

> neil wrote:

> > I have seemed to have picked up the following

> > W32/VB-EMU:VB-Downloader-Sml-based!Maximus

> > D:\SYSTEM VOLUME INFORMATION\_RESTORE{D8696F73-2D76-...\A0015698.EXE

> >

> > my anti virus picks it up but wont delete it. Can anyone offer me help to

> > get rid of it and also let mme know what this virus actually does. Thanks

> The System Volume Information is the hidden, protected operating

> system folder in which WinXP's System Restore feature stores

> information used to recover from errors. It's really not a good idea

> for you, or an antivirus application, to directly access the contents

> of that folder, unless you expect to have no future use for the

> restore points, in which case it would be simpler just to turn off the

> System Restore feature.

> To clear viruses or other malware from the "System Volume

> Information," simply turn off the System Restore feature (Start > All

> Programs > Accessories > System Tools > System Restore, System Restore

> Settings), reboot, then re-enable System Restore, and reboot one last

> time. This will delete all of your Restore Points, including the

> corrupted one(s), and allow you start with a clean slate.

> --

> Bruce Chambers

> Help us help you:

> http://dts-l.org/goodpost.htm

> http://www.catb.org/~esr/faqs/smart-questions.html

> They that can give up essential liberty to obtain a little temporary

> safety deserve neither liberty nor safety. -Benjamin Franklin

> Many people would rather die than think; in fact, most do. -Bertrum Russell

Posted by Bruce Chambers on August 20, 2006, 12:24 pm

If you were Registered and logged in, you could reply and use other advanced thread options

neil wrote:

> brilliant - seems to have worked a treat

Good to hear.

--

Bruce Chambers

Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html

They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -Benjamin Franklin

Many people would rather die than think; in fact, most do. -Bertrum Russell

Similar Threads	Posted
HELP: Virus is preventing me from installing anti virus software!!	January 11, 2007, 2:17 am
I have a virus that uses "anti virus software" downloads as a cover up	March 24, 2007, 1:40 pm
I have a worm or virus that does not allow me to go to ANY anti-virus website	January 28, 2006, 10:29 pm
Caught a Virus: Virus:Trj/Shutdown.Z -- need advice	June 13, 2007, 12:59 am
Vundo fix not finding vundo virus - windows tool deletes virus	May 14, 2008, 2:06 pm
Does anybody know what virus i've got?	July 5, 2005, 8:23 am
New Virus?	July 6, 2005, 11:22 am
virus	July 19, 2005, 12:20 pm
Virus help	August 8, 2005, 10:34 am
Virus Help	August 13, 2005, 8:00 am

The site map in XML format XML site map