johnwrites

need advice re scan


Here's a scan from last week. Could not locate any info on this.

 

Emsisoft Emergency Kit - Version 3.0
Last update: N/A

Scan settings:

Scan type: Custom Scan
Objects: Rootkits, Memory, Traces, Cookies, C:\

Detect Riskware: On
Scan archives: On
ADS Scan: On
File extension filter: On
Inclusion filter: |.asp|.bat|.cab|.cgi|.chm|.cla|.class|.cmd|.com|.cpl|.ini|.css|.dll|.elf|.exe|.hlp|.hta|.htm|.html|.zip|.wh|.jar|.jpe|.jpeg|.jpg|.js|.jse|.lnk|.ocx|.php|.pif|.rar|.xpi|.reg|.scr|.sh|.shs|.src|.sys|.txt|.vbs|.vxd|.wmf|.doc|.docx|.xls|.xlsx|.ppt|.pptx|.pdf|
Advanced caching: On
Direct disk access: On

Scan start:    06/01/2013 19:07:46

C:\System Volume Information\_restore{227F16AB-7072-4457-80CF-F0A11EF7420F}\RP58\A0230041.dll     detected: Gen:[email protected] (B)
C:\System Volume Information\_restore{227F16AB-7072-4457-80CF-F0A11EF7420F}\RP58\A0230242.dll     detected: Gen:[email protected]@YAyzB7p (B)

Scanned    404161
Found    2

Scan end:    07/01/2013 01:44:37
Scan time:    6:36:51
 


Those detections are on restore points. Anything in system restore is not an active threat to the system. However, those restore points are infected and should be purged from the system. You do not want to use an infected restore point while performing a system restore.

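A triage sketch for the point made in this reply, added here and not part of the original thread or Emsisoft's tooling: it separates detections that sit inside System Restore storage from detections on the live file system, working from the text layout of the report posted above. The sample log is constructed; its paths, GUID and detection names are placeholders.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of the report above. The GUID, paths and
# detection names are placeholders, not values taken from the thread.
SAMPLE_LOG = r"""
Scan start:    01/01/2013 10:00:00

C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP12\A0000001.dll     detected: Example.Detection.A (B)
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP12\A0000002.dll     detected: Example.Detection.B (B)
C:\Documents and Settings\user\Local Settings\Temp\sample.exe     detected: Example.Detection.C (A)

Scanned    1000
Found    3
"""

# "<path>   detected: <name>"; the path itself may contain single spaces.
DETECTION = re.compile(r"^(?P<path>.+?)\s+detected:\s+(?P<name>.+?)\s*$")
# XP-style restore storage: ...\_restore{GUID}\RPnn\...
RESTORE = re.compile(
    r"\\System Volume Information\\_restore\{[0-9A-Fa-f-]{36}\}\\(?P<rp>RP\d+)\\",
    re.IGNORECASE,
)
FOUND = re.compile(r"^Found\s+(\d+)\s*$")


def triage(log_text):
    """Split detections into restore-point copies and live-file-system hits."""
    restore = defaultdict(list)   # restore point name -> [(path, detection)]
    live = []                     # [(path, detection)] outside restore storage
    reported = None               # the "Found N" total printed by the scanner
    for line in log_text.splitlines():
        hit = DETECTION.match(line)
        if hit:
            rp = RESTORE.search(hit["path"])
            if rp:
                restore[rp["rp"].upper()].append((hit["path"], hit["name"]))
            else:
                live.append((hit["path"], hit["name"]))
            continue
        total = FOUND.match(line.strip())
        if total:
            reported = int(total.group(1))
    parsed = len(live) + sum(len(v) for v in restore.values())
    # count_matches is False when the parser missed a line or the log was cut.
    return {"restore_points": dict(restore), "live": live,
            "count_matches": reported == parsed}
```

Entries under `restore_points` are the inert copies that go away when the restore points are purged; anything in `live` needs normal cleanup first.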
Those detections are on restore points. Anything in system restore is not an active threat to the system. However, those restore points are infected and should be purged from the system. You do not want to use an infected restore point while performing a system restore.

Any idea what it is? Could it be FP? That is an old computer and not on net very much.

 

Purge from system? Would it be enough to turn off system restore/delete all restore points?

Any idea what it is? Could it be FP? That is an old computer and not on net very much.

Without the actual files there is no way to tell.

 

Purge from system? Would it be enough to turn off system restore/delete all restore points?

Turning the system restore off, rebooting and turning it back on should do the trick just fine.

Without the actual files there is no way to tell.

 

Turning the system restore off, rebooting and turning it back on should do the trick just fine.

Where would the actual files be? They must still be on the PC if they could be restored. OK, see your comment re reboot etc. Thanks


The files are located in the following folder:

 

C:\System Volume Information\_restore{227F16AB-7072-4457-80CF-F0A11EF7420F}\

 

This is a system folder, so most likely it won't be listed in your Explorer. Copying the location and pasting it into the Explorer location bar should get you there though.

The files are located in the following folder:

 

C:\System Volume Information\_restore{227F16AB-7072-4457-80CF-F0A11EF7420F}\

 

This is a system folder, so most likely it won't be listed in your Explorer. Copying the location and pasting it into the Explorer location bar should get you there though.

 


I did another scan now and they did not show?


The first scan was done before you switched the system restore off and back on. This is why the files were still detected, because they were still actually there. Switching the system restore off and on again removed all files which were previously detected which is why scans now come up clean. Simply because the files Emsisoft Emergency Kit complained about in your first scan are no longer there.

The first scan was done before you switched the system restore off and back on. This is why the files were still detected, because they were still actually there. Switching the system restore off and on again removed all files which were previously detected which is why scans now come up clean. Simply because the files Emsisoft Emergency Kit complained about in your first scan are no longer there.

No, never switched off the system restore at all

Have you run an online update in between those scans? If you did, it was likely a false positive that was fixed with an online update.

Yes, I had an update between scans, must have been FP. Thanks for your help
