Trojan

[Rob Graham]

I have a Trojan virus on my computer, so my anti-virus software informs me.
The folder is called System Volume Information and sits on the C drive and
appears to be empty. When I try to delete it it won't let me. I've made it
'not read-only' and that has no effect. How does one get rid of
files/folders that won't go?

Rob Graham

 

[Shenan Stanley]

I have a Trojan virus on my computer, so my anti-virus software
informs me. The folder is called System Volume Information and sits
on the C drive and appears to be empty. When I try to delete it it
won't let me. I've made it 'not read-only' and that has no effect.
How does one get rid of files/folders that won't go?

Turn off the system restore.
- http://support.microsoft.com/?kbid=310405
Reboot.
Turn on the system restore.
Make a manual restore point..
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/xpsysrst.mspx
Continue on with life normally.

 

[Kelly]

Rob,

That is not your trojan, that is where it is being stored. That folder
houses your restore information. Either turn off System Restore (which
should have been advised), run the cleaner, then enable System Restore.

And/or....

Create a restore point and then use the Disk Cleanup advanced tab to delete
all but the last restore point. The virus will be gone, if your virus
checker already deleted it from your system.

 

[Rob Graham]

Thanks for your help, guys.

While you're there, I've just started using XP, so I'm learning the
wrinkles. One thing I've found is that when I attempt to reboot by clicking
Start/Restart, sometimes I get a small box telling me that a program, say
IE, is closing down and that I can close immediately and lose data, or not
as the case may be. This doesn't happen at each reboot, just sometimes. I'd
be interested to know why it is.

Thanks

Rob

 

[wojo]

Thanks for your help, guys.

While you're there, I've just started using XP, so I'm learning the
wrinkles. One thing I've found is that when I attempt to reboot by
clicking
Start/Restart, sometimes I get a small box telling me that a program, say
IE, is closing down and that I can close immediately and lose data, or not
as the case may be. This doesn't happen at each reboot, just sometimes.
I'd
be interested to know why it is.

Thanks

Rob

If you close a window and then immediately go to shutdown your system
sometimes the program didn't close completely yet and you will get that
message.
I don't know for sure that this is what is happening in our case but I know
it does happen.

--
kwoyach[SPAM]53954@yahoo[SPAM].com
TO Email: Remove [SPAM]
If I can help you I will.
If you can help me thanks.

--

**Useful Links**
AdAware: www.lavasoftusa.com/software/adaware/

Spybot S & D: www.safer-networking.org/

Check for Parasites/Worms: www.gemal.dk/browserspy/parasites.html

CWShredder: http://www.spywareinfo.com/~merijn/downloads.html

 

[Rob Graham]

Yes, that figures. Thanks

And another thing. I seem to have had my homepage hijacked. The URL is
'about:blank' and is a page where I can search for all manner of products
and services. I assumed I had some spyware or something and despite running
Spyhunter I just cannot get rid of it. I've got two computers, both running
XP and only one of them seems to suffer from this. Any ideas?

Rob

 

[Guest]

As well, per the advicve above, how do you shut down
system restore and change the points? Thanks!

-----Original Message-----
Yes, that figures. Thanks

And another thing. I seem to have had my homepage hijacked. The URL is
'about:blank' and is a page where I can search for all manner of products
and services. I assumed I had some spyware or something and despite running
Spyhunter I just cannot get rid of it. I've got two computers, both running
XP and only one of them seems to suffer from this. Any ideas?

Rob


If you close a window and then immediately go to shutdown your system
sometimes the program didn't close completely yet and you will get that
message.
I don't know for sure that this is what is happening in

our case but I
know

it does happen.

--
kwoyach[SPAM]53954@yahoo[SPAM].com
TO Email: Remove [SPAM]
If I can help you I will.
If you can help me thanks.

--

**Useful Links**
AdAware: www.lavasoftusa.com/software/adaware/

Spybot S & D: www.safer-networking.org/

Check for Parasites/Worms: www.gemal.dk/browserspy/parasites.html

CWShredder: http://www.spywareinfo.com/~merijn/downloads.html

.

 

[wojo]

Try HijackThis:
http://www.majorgeeks.com/download.php?det=3155

Yes, that figures. Thanks

And another thing. I seem to have had my homepage hijacked. The URL is
'about:blank' and is a page where I can search for all manner of products
and services. I assumed I had some spyware or something and despite
running
Spyhunter I just cannot get rid of it. I've got two computers, both
running
XP and only one of them seems to suffer from this. Any ideas?

Rob

If you close a window and then immediately go to shutdown your system
sometimes the program didn't close completely yet and you will get that
message.
I don't know for sure that this is what is happening in our case but I know
it does happen.

--
kwoyach[SPAM]53954@yahoo[SPAM].com
TO Email: Remove [SPAM]
If I can help you I will.
If you can help me thanks.

--

**Useful Links**
AdAware: www.lavasoftusa.com/software/adaware/

Spybot S & D: www.safer-networking.org/

Check for Parasites/Worms: www.gemal.dk/browserspy/parasites.html

CWShredder: http://www.spywareinfo.com/~merijn/downloads.html

 

[wojo]

Control Panel > System > "System Restore" tab
From here you have the option of disabling System Restore
Then reboot and Enable System Restore again.
This will remove your old restore points if that is what your trying to do.
as far as "changing" the points goes System Restore should be located under
accessories > system tools if you didn't move it.
From there you can "create" restore points.

--
kwoyach[SPAM]53954@yahoo[SPAM].com
TO Email: Remove [SPAM]
If I can help you I will.
If you can help me thanks.

--

**Useful Links**
AdAware: www.lavasoftusa.com/software/adaware/

Spybot S & D: www.safer-networking.org/

Check for Parasites/Worms: www.gemal.dk/browserspy/parasites.html

CWShredder: http://www.spywareinfo.com/~merijn/downloads.html

As well, per the advicve above, how do you shut down
system restore and change the points? Thanks!

-----Original Message-----
Yes, that figures. Thanks

And another thing. I seem to have had my homepage hijacked. The URL is
'about:blank' and is a page where I can search for all manner of products
and services. I assumed I had some spyware or something and despite running
Spyhunter I just cannot get rid of it. I've got two computers, both running
XP and only one of them seems to suffer from this. Any ideas?

Rob


If you close a window and then immediately go to shutdown your system
sometimes the program didn't close completely yet and you will get that
message.
I don't know for sure that this is what is happening in

our case but I
know

it does happen.

--
kwoyach[SPAM]53954@yahoo[SPAM].com
TO Email: Remove [SPAM]
If I can help you I will.
If you can help me thanks.

--

**Useful Links**
AdAware: www.lavasoftusa.com/software/adaware/

Spybot S & D: www.safer-networking.org/

Check for Parasites/Worms: www.gemal.dk/browserspy/parasites.html

CWShredder: http://www.spywareinfo.com/~merijn/downloads.html

.

 

[Alex Nichol]

I have a Trojan virus on my computer, so my anti-virus software informs me.
The folder is called System Volume Information and sits on the C drive and
appears to be empty.

That folder contains the System Restore points. The virus has been
included in one. It can do no harm there, unless you restore to the
point concerned. So wait for a new clean one to have been made (or go
to Start - All Programs - Accessories - System Tools - System Restore
and create one manually) then Start - All Programs - Accessories -
System Tools - Disk Cleanup and on the More Options use the button to
delete all but the more recent point - the virus will go along with the
point it is in

 

[Bruce Chambers]

Greetings --

The System Volume Information is the folder in which WinXP's
System Restore feature stores information used to recover from errors.

To clear viruses from the "System Volume Information," simply turn
off the System Restore feature (Start > All Programs > Accessories >
System Tools > System Restore, System Restore Settings), reboot, then
re-enable System Restore, and reboot one last time. This will delete
all of your Restore Points, including the corrupted one(s), and allow
you start with a clean slate.


Bruce Chambers

--
Help us help you:




You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH

 

[Kelly]

Hi Rob,

Run all of these, all of them:

Ad-Aware
http://www.lavasoftusa.com/

Spybot
http://tinyurl.com/btf8

CWShredder (Line 313)
http://www.kellys-korner-xp.com/xp_tweaks.htm

Hijack This
http://www.spychecker.com/program/hijackthis.html

Free Online Virus Scan
http://housecall.trendmicro.com/housecall/start_corp.asp

If that doesn't help this issue (it will help your next one), run this edit:

This edit automatically ends tasks and timeouts that prevent programs from
shutting down and clears the Paging File on Exit.

Auto End Tasks to Enable a Proper Shutdown (Line 76)
http://www.kellys-korner-xp.com/xp_tweaks.htm

 

[Rob Graham]

I have a Trojan virus on my computer, so my anti-virus software informs me.
The folder is called System Volume Information and sits on the C drive and
appears to be empty. When I try to delete it it won't let me. I've made it
'not read-only' and that has no effect. How does one get rid of
files/folders that won't go?

Rob Graham

Thanks for all your help.

Rob