Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: vfx2 on April 07, 2006, 05:57:00 AM
-
Hi,
Today, Avast Home has detected 2 infected files, with Win32:Adloader-S [Trj].
For example
file:
A0048373.EXE
Path:
C:\System Volumen Information\_restore{D8CEBAA5-3F41-4FAE-BBC9-F34F5CF68AEO}\RP384
Please, I need more information about this trj. :o
-
If you find a virus keeps coming back after you delete it, it's most probably infected the System Restore folder, the best way to solve this is to disable System Restore, reboot your machine and then enable it again. After all, run a full avast! scanning. System Restore cannot be disabled on Windows 9x and it's not available in Windows 2k.
Enable/Disable System restore on Windows ME: http://support.microsoft.com/default.aspx?scid=kb;en-us;Q264887
Enable/Disable System restore on Windows XP: http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;310405
Windows attempts to protect files that are deleted from the system folders (just in case it was an accident), so they can be restored if required.
The problem is many malware writers are wise to that and put their files in the system folders, this is also done to confuse you into thinking you could be deleting an important system file.
Disable system restore, reboot, scan and if clean enable system restore again.