Hi everyone! New to searching for solutions to viruses, usually my fiance does it for me. I figured it was time for me to learn since we are becoming more and more computer based as the years go on. I have this trojan that I mention in the title in this directory on my laptop:

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP100\A0018382.exe

I have run AVG several times and it finds this little devil everytime and says that it has been deleted but alas it is still showing up when I run AVG. Every time I try to move the virus to the virus vault the program hangs for about 5 mins and then supposedly the file is gone. Does anyone have any information on this trojan? I've been checking in Google and Yahoo and haven't had much luck. I'll continue doing that until I find something or hopefully get some help here!

TIA (<-that's my name and a thanks in advance )

The file name you give there suggests that the infected file is containted within restore point information. If you turn off system restore on all drives, previous restore point information is deleted. Working on that basis, turning off system restore should solve your problem. You can reinstate it afterwards but bear in mind that you no longer have any restore points.

I can't guarantee that this is correct, just an educated deduction.

Hope this helps.

Chris

Hi Tia!

You can find instructions for turning off System Restore here: http://www.pchell.com/virus/systemrestore.shtml

chidman's educated guess is accurate. It is still in your Restore Folder and so every time you restart/reboot your computer, the virus is reloaded. Usually antivirus applications cannot make deletions from an active Restore function. You need to turn it off. Then run your AV and remove the virus. Then turn System Restore back on.


Best regards and welcome to Computer Cops!

_________________

Microsoft MVP Consumer Security 2006, 2007 & 2008

Well it did work!!! I turned off System Restore thru my Control Panel/System icon and the booger is gone!!! Thanks guys

TiaBoBia

Hi TiaBoBia!

You are very welcome!

Glad we could help.

_________________

Microsoft MVP Consumer Security 2006, 2007 & 2008

Hi folks!
I also have the trojan 'Downloader.Inservice.0'. (This must have happened only yesterday as I virus check regularly).

It's located in:

C:\RECYCLERS\S-1-5-21-299502267-492894223-839522115-1000\DC62.ZIP:\awi.exe

I have looked for this file but it doesn't seem to exist!

I have win 2000 and use AdAware and AVG 6.0 (free).
Please Please help me get rid of this!

Hi mightyatom,

C:\RECYCLER is a hidden folder. It is used by the Recycle Bin. To view
Hidden folders, open My Computer. Go to Tools>Folder Options. Click on the view tab and choose show hidden files and folders. Click OK.

Next press F5 in your keyboard for a refresh then empty your recyle bin. See if AVG will find it again.

Note: Please start/create your own topic next time. - Thanks.

Dearest Donna!

Your advice seems to have worked!
I did as you said and have run AVG umpteen times since (just to make sure! I'm not paranoid you understand: I'm just not used to life being THAT simple! |)
Result= Whoop-di-whoo - still NO VIRUS!
It cannot be that easy, surely?! (I'd better shhoosh now - better not tempt fate). Note: in my neck of the woods, 'shhoosh - or shoosh' means 'shut up/stay quiet/zip it etc' - you get ma drift.

Anyhoo - natural pessimism aside...
I just have to say You are wonderful!
In fact, you brought to mind my reason for joining this excellent forum in the first place = sanity preservation!
Dunno what I'd do without You and CC!

Respect to all of you.

Thanks sooo much Donna!
Take care - til next time (as I said, I'm not being para - just realistic!)

I blew it! I'm seeing double! I apologise for my mistake...

It's a-OK now mightyatom. I deleted your duplicate post and you are welcome! Glad we can help.

I'll now close this topic. @tiabobia, please PM a mod or host, if you want to re-open this topic. Others should create a new topic for any question or if you need help.

Thanks!