Trojan Virus in System Restore folder

Posted: Sun 21 Nov, 2004 21.22
by Inspector Sands
My virus scanner (AVG) detected a Trojan (IRC Backdoor) a few days ago. Major problem as not only did it keep flashing up a warning, something kept restarting my PC at decreasing intervals until it was rebooting just after booting. Managed to run the virus scanner/cleaner once, but it couldn't fix the virus, only quarantine it.

Because I couldn't do anything due to the restarts I started in safe mode and restored the system to a system restore point from a week earlier. Everything booted back up and this time the virus scanner managed to get rid of the trojan.

Everything's fine now except in the last couple of days I've had a couple of notifications of a trojan (looks like the same one) in a folder that looks like it's something to do with XP's System Restore. Presumably when I did the restore last week it backed up the old config and this is where the virus is.

My virus scanner, when run, doesn't even find it, despite the 'resident shield' flashing up warnings.

Any idea how to get rid of it?

Posted: Sun 21 Nov, 2004 21.34
by Dr Lobster*
If you turn system restore off and then on again (right click my computer, click the system restore tab and uncheck/apply check/apply the turn off system restore box), this will delete all previous restore points, including the file which is flagging up this error.

Posted: Sun 21 Nov, 2004 22.49
by Inspector Sands
Ahhh brilliant.

Just looking this up to get more details, is it just a case of disabling, then going back in and then doing the reverse? A couple of pages I've looked at say to virus scan and restart the PC after switching system restore off. Don't really fancy doing that if I've no restore points left (paranoid!)

Posted: Mon 22 Nov, 2004 00.18
by Neil Jones
Inspector Sands wrote: Just looking this up to get more details, is it just a case of disabling, then going back in and then doing the reverse? A couple of pages I've looked at say to virus scan and restart the PC after switching system restore off. Don't really fancy doing that if I've no restore points left (paranoid!)
If you disable System Restore you will lose all system restore points that exist by design of the feature. But new ones are made every 10hrs of system use time and every 24hrs of real time use, plus you can make your own additional ones as you wish.

In any case, System Restore as a whole works with the technology of newer install routines which prompt the feature to make a restore point just before the new software is installed. It's also a final safety net for clueless computer users who are more prone to change settings and things when they don't know what those settings do.