Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Rescue Disc => Topic started by: johnt2004 on April 05, 2005, 07:56:28 PM
-
Symantec did but was unable to clean. it was the symmantec named virus Trojan.Tooso.E living in C:\System Volume Information\_restore{39090519-5C79-4094-B9A1-BDAF783FCB1C}\RP331\
Usiing bart update from April 04/05
Sorry in my attempt to get my system going the file was deleted. so I do not have a sample to send you.
John.
-
Windows attempts to protect files that are deleted from the system folders (just in case it was an accident), so they can be restored if required. The problem is many malware writers are wise to that and put their files in the system folders, this is also done to confuse you into thinking you could be deleting an important system file.
Disable system restore, reboot, scan and if clean enable system restore again.
Start > Control Panel > System > System restore > Disable
Click Apply
Enable it again
Click Ok
I can't imagine why the infected file was not detected... ::)
-
Looks as thou it's a variation of the W32.Beagle@mm family.
I can't imagine why it was not detected either ???
-Steve
-
Looks as thou it's a variation of the W32.Beagle@mm family.
I can't imagine why it was not detected eitherĀ ???
Steve, can't you warn virus@avast.com of this?
John, can you send the sample to this email? (zip and password the file, mention the password and this thread on the message body) ;)
-
When I turn off system restore it deleted the items under 'system information' where the infected file was.
Prior to doing that I was scanning after booting off Avast/Bart. It scanned the file but reported no virus.
Sorry I don't have a file to send you.