Ponza A virus

  • Thread starter Thread starter Miles
  • Start date Start date
M

Miles

My anti virus program (CA e-Trust EZ AntiVirus) has
identified the following Ponza A virus:

C:\System Volume Information\Restore{F8D3E663-439A-4F56-
A12E-87568CA318C1}\RP100\A0012728.exe

I see the C:\System Volume Information\ path under the
anti-virus software view of the tree, but can't figure
how to access it for deletion of the virus (under C: in
windows I don't see the folder 'System Volume
Information').

I tried searching for different portions of the string
w/o luck.

I have run both Spybot & AdAware without any luck.

Any suggestions would be appreciated.
TIA, Miles
(I also posted this on the 'basic' site)
 
That folder is the windows system restore folder
If you shut System Restore off then reboot that folder will be deleted
You can then turn system restore back on
peter
 
Please read the following URL:
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm

The objective:
------------------
- Turn off the System Restore function
- Reboot the PC
- Using your AV package, perform a full scan of all files on the platform and clean/delete
infectors found
- Turn on the System Restore function, and re-apply any System Restore preferences,
e.g. HD space to use
- Reboot the PC
- Create a new System Restore point.

Dave



| My anti virus program (CA e-Trust EZ AntiVirus) has
| identified the following Ponza A virus:
|
| C:\System Volume Information\Restore{F8D3E663-439A-4F56-
| A12E-87568CA318C1}\RP100\A0012728.exe
|
| I see the C:\System Volume Information\ path under the
| anti-virus software view of the tree, but can't figure
| how to access it for deletion of the virus (under C: in
| windows I don't see the folder 'System Volume
| Information').
|
| I tried searching for different portions of the string
| w/o luck.
|
| I have run both Spybot & AdAware without any luck.
|
| Any suggestions would be appreciated.
| TIA, Miles
| (I also posted this on the 'basic' site)
 
Greetings --

The System Volume Information is the folder in which WinXP's
System Restore feature stores information used to recover from errors.

To clear viruses from the "System Volume Information," simply turn
off the System Restore feature (Start > All Programs > Accessories >
System Tools > System Restore, System Restore Settings), reboot, then
re-enable System Restore, and reboot one last time. This will delete
all of your Restore Points, including the corrupted one(s), and allow
you start with a clean slate.


Bruce Chambers

--
Help us help you:




You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
You must log in or register to reply here.

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Ponza A vrius 3
What is a Runtime packed fsg threat? 2
Is anyone experience like this? How did you removed this threat? 3
Virus 1
Anti Virus 5
Access Denied on a directory 1
Help: can't find Trojan Horse 6
Service Pack 3 Problem 7

Back
Top