PPRuNe Forums

PPRuNe Forums (https://www.pprune.org/)
-   Computer/Internet Issues & Troubleshooting (https://www.pprune.org/computer-internet-issues-troubleshooting-46/)
-   -   Possible Suspicious File refusing to budge (https://www.pprune.org/computer-internet-issues-troubleshooting/205388-possible-suspicious-file-refusing-budge.html)

Brian Dixon 8th January 2006 15:56
Possible Suspicious File refusing to budge
 
Hi all.
I need a bit of help, please.
I run a Win XP machine, and regularly update and use F-Prot as my virus checker. I also use the on-line Trend Micro as a back-up virus checker, but have been having a few problems with that one of late.

Anyhoo... F-Prot has picked up a suspicious file that I am having great difficulty locating and removing. The file is called A0021218.exe and the file path is given as follows: C:\System Volume Information\_restore{F1C1C3C9-25FF-4E75-A8D8-79324AE6DADE}\RP191\
I have run Hijack This, but it doesn't show up. I have run the file find program on XP, but it doesn't show up there either. Ad Aware didn't help either.

Any clues? I was recently hit with something that installed an unwanted toolbar on my machine (similar to the Google toolbar), but forget it's name - sorry.

I use IE and Outlook Express for all things Internet.

I've a horrible feeling that I've been hijacked, but would appreciate any advice (as usual - in words of one syllable or less) on how to remove the little blighter from my machine. I've 'Googled' the .exe filename but didn't find anything that helped me.

As always, I'm grateful for your help and advice.
Regards,
Brian

Jet II 8th January 2006 16:57
Re: Possible Suspicious File refusing to budge
 
To clean out your System Restore, do the following:
Turn OFF System Restore.
1. On the Desktop, right-click My Computer.
2. Click Properties.
3. Click the System Restore tab.
4. Check the box beside "Turn off System Restore".
5. Click Apply, and then click OK.
6. Restart the computer. (You must restart your computer to clear the old Restore Points)
To Turn System Restore back ON.
1. Follow the above Steps 1 to 3
2. UNcheck the box beside "Turn off System Restore".
3. Click Apply, and then click OK.
4. Restart your computer.
Then do another scan with your virus scanner to see if you are still being alerted to anything.
I use IE and Outlook Express for all things Internet.
Bad idea - change to Opera or Firefox/Thunderbird

Brian Dixon 8th January 2006 20:05
Re: Possible Suspicious File refusing to budge
 
Jet II,
very many thanks. That sorted it.

I'll have a look at the programs you suggest.

Brian


All times are GMT. The time now is 02:48.


Copyright © 2026 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.