http://www.brandonandlaura.com/avg.jpg

Anyone know of a way to rid of this Trojan?

http://www.misec.net/trojanhunter/
if AVG cant catch it give this a try
Magnus has a 30 day trial period
I do not use AVG.sorry

Disable system restore.
reboot
Scan with AVG again
Re-enable system restore.
reboot

I'm not sure if any AV programs can remove problems with system restore files.

I'm not sure if any AV programs can remove problems with system restore files.

Your right none can.

:)

Sooo..... how would one fix this problem?

:)

Disable system restore.
reboot
Scan with AVG again
Re-enable system restore.
reboot


Do what Norm said. :thumb:

Hmm... that seems to have taken care of it.

Any idea why you must turn-off the SR to remove the virus?

THanks, Norm!!!

:D

Hmm... that seems to have taken care of it.

Any idea why you must turn-off the SR to remove the virus?

THanks, Norm!!!

:DBecause the Trojan/virus lives in SR.

Hmm... that seems to have taken care of it.

Any idea why you must turn-off the SR to remove the virus?

THanks, Norm!!!

:D

The way it's designed, the operating system compresses and protects system restore points in a method that, well, antivirus programs cannot get in there and "work with" files.

Only way around it is to turn off system restore, and reboot. Which in effect deletes that compressed restore point(s). Yes you lose your ability to restore to a prior point now...but....well, that's what happens. Turning on system restore will allow new restore points to be saved to file from <this point> on.

Just like any file "in use", files saved and compressed by system restore can't be accessed by other processes. They are "in use" by the system.
Even from command mode they aren't easy to delete. You have to change some attributes first.

For almost any virus, manual repair instructions insist you disable the system restore before repair. That way you delete any infected files that were saved during a system restore, and without system restore running it won't save any more infected files.

That makes some sense to me now. It seems to have taken care of the problem.

Thanks, all!!!

:)

That makes some sense to me now. It seems to have taken care of the problem.

Thanks, all!!!

:)Ok, cool, but I don't see a thread titled "Why I now Love AVG" :D

Ok, cool, but I don't see a thread titled "Why I now Love AVG" :D

:rotfl:

:rotfl:
C'mon, say it outloud 3 times.

I love AVG, I love AVG, I love AVG

And I'll never dis AVG again lol :D

thx Norm , I really do , it hasnt failed me ever ! :thumb:

I love AVG

I love AVG

I love AVG.

It's good for my home PC. Don't need anything else. :thumb:

Kaspersky rocks 100% of AV software on the market. I'd be willing to bet it could dig all up INSIDE a system-restore point's a$$ like an undersized thong to get rid of whatever "lives" in there. Of course that would probably corrupt/destoy the restore-point but hey, if the shіt is infected then it's pretty much useless anyway!

An interesting fact about KAV is that it uses a combination of system-drivers that hook into the kernel during startup. Why is that important? It's important because it makes KAV absolutely 99.9% (just covering my ass hehe) unable to be killed forcefully without bringing down the "mighty and stable Windows OS". heh.

Other then that horrific loophole I discovered and posted to vuln-dev recently which was an exploit to diable KAV locally (one must be sitting IN FRONT of the PC), KAV is as good as it gets. And I don't care what anyone says but Symantec's Norton AV is still a chunk of bloated crap to me (and very easy to bypass at that).

Just try KAV. =) :thumb:

Kaspersky rocks 100% of AV software on the market.

Not NOD32.
;)
Esp when you consider how lightweight it is, very little performance hit. Still a fan of Symantecs Corp Edition too.

Kaspersky rocks 100% of AV software on the market. I'd be willing to bet it could dig all up INSIDE a system-restore point's a$$ like an undersized thong to get rid of whatever "lives" in there. Of course that would probably corrupt/destoy the restore-point but hey, if the shіt is infected then it's pretty much useless anyway!

An interesting fact about KAV is that it uses a combination of system-drivers that hook into the kernel during startup. Why is that important? It's important because it makes KAV absolutely 99.9% (just covering my ass hehe) unable to be killed forcefully without bringing down the "mighty and stable Windows OS". heh.

Other then that horrific loophole I discovered and posted to vuln-dev recently which was an exploit to diable KAV locally (one must be sitting IN FRONT of the PC), KAV is as good as it gets. And I don't care what anyone says but Symantec's Norton AV is still a chunk of bloated crap to me (and very easy to bypass at that).

Just try KAV. =) :thumb:

Kaspersky, Mcaffee and ESET (A couple of others as well but not AVG and AVAST) were recently just fixed because they were vulnerable to a compression header problem. It was open for a while before that. Something to do with Microsofts compression and WINZIp. The virus makers were taking advantage of this vulnerability. It was fixed on the 16th I believe. ESET sent out a ntoice about it.

Pie

KAV is a verified resource hog. Almost as much as mcafee. While it is not a bad AV I'll use avg or nod32 over it anyday ( currently using nod32)

Norm leave the poor boy alone. He's suffering piloting anxieties and requires medications.

Norm leave the poor boy alone.

Ok

Didn't expect that answer did ya ?


Is there anyone here at SG that is NOT on medication?
:D

KAV is a verified resource hog. Almost as much as mcafee. While it is not a bad AV I'll use avg or nod32 over it anyday ( currently using nod32)

Not at all, I have Kaspersky Personal Pro 4.5 on my pc and my wife has Kaspersky 5.0 Personal on hers and neither slow down a bit. If you used it maybe you had it configured wrong.

:)

I will personally shine the shoes of anyone that can prove KAV5 is a "resource hog" when compared to Symantecs Norton CrumbyVirus. I don't know about the corporate edition but from 2001 to 2005 the crap is SO bloated and SO resource hoggy that I can't believe anyone would dare to accuse KAV5 of sucking up resources. Just compare the memory footprint or better yet, take a look at how damn huge NAV is. It's like over 50 Megs or something while KAV is less then 12 Megs in size. What the HECK is Symantec feeding NAV!? It seriously needs to loose some weight.

And again, you can't kill KAV with any task-manager. You can't even attach a debugger to it. Every other AV i've seen can be EASILY terminated thru a simple "end-task". Which means if an un-fingerprinted virus infects your system, it can easily terminate your AV and KEEP it from reloading..... But not with KAV5. KAV5 will STAY in memory and allow you to update it via internet until it finally catches the worm/virus/trojan etc..

I will personally shine the shoes of anyone that can prove KAV5 is a "resource hog" when compared to Symantecs Norton CrumbyVirus.

You said "Kaspersky rocks 100% of AV software on the market.". I flat out disagree with that. "rocks" Symantecs retail home consumer antivirus product? I won't disagree with you on that. But so called "rocks" all other brands of antivirus? :nope:

Symantecs Corp Edition antivirus has a memory footprint in the mid-upper teens BTW, and is infinitely better than their retail consumer product, IMO.

Also most people forget that there are usually more than one service to an antivirus product running as a process, so often don't add up enough services for a "total" memory count in task manager. There is usually 2-3 processes in total. Regardless, the memory footprint isn't a full indication of the performance hit. There are many other factors to consider on the real time scanning engine which impact performance much more. Yeah if you're still running a dinosaur Pentium 133 with 24 megs of RAM, memory use becomes a big factor.

Is there anyone here at SG that is NOT on medication?:D
Now that you mention it, I don't beleive there is! :rotfl:

Not at all, I have Kaspersky Personal Pro 4.5 on my pc and my wife has Kaspersky 5.0 Personal on hers and neither slow down a bit. If you used it maybe you had it configured wrong.

:)


Kav runs about 5-8 megs more resourcewise than AVG or Eset does. Even with the e-mail scanner un-installed.

Meh. To each their own.

Isend my Nrton to the trash and install Avast Home antivirus,this AV is better and work with SP2 :thumb:

Great thread :thumb: I just learned a bunch, thanks guys :thumb:

Is there anyone here at SG that is NOT on medication?
:D
uh, me

wait a minute


*reaches for bottle of Excedrin Migraine

never mind :)

Well, at least we agree on one thing.. That Norton pretty much sucks. Again, I haven't messed around with the corporate product but thats only because god damn it, every time I tried to prove to myself that norton "really is" worth something I just wound up making an .exe undetectalbe to norton in lese and less time. :( In fact, I can recal the very first time about' 2/3 years ago when I decided (after wondering why all the trojan/script kiddies were constantly praising Norton AV all the time) to modify a small keylogger I downloaded (by sysinternals). I changed ONE BYTE in the executable and norton was NO longer able to detect it. :eek: :confused:

Year after year it became only SLIGHTLY more difficult to make a so called "malicious object" undetected to norton's AV offering. I became more disgruntled even though at the time Windows was not my mainstream OS. Around mid to late 2002 I just alltogether gave up on even installing norton AV and instead stuck with a combination of user common-sense and AV software from pretty much every other vendor under the sun. Then one day KAV came out and I thought "wow, this shіt is buggy as hell (early 4x versions) but DAMN the detection is first-rate".

A while after, AVPoffset was released which landed a big blow to anything AVP based, including KAV. However, that was swiftly remedied (unfortunately for some hehe) as were most of the bugs/incompatibilities in pre 5.x versions. Well bottom line is to be fair, I haven't even TOUCHED norton in a while so I can't with absolute certainty say that it "still sucks" but if the trends I observed in earlier times are any indication of what's still going on in 03/04/05 and beyond, then I can with a huge degree of certainty say that norton AV still does very much suck.

Now we're soley talking about DETECTION rates which KAV does excel in no matter how you slice it. As far as stability, engine design, security features, speed etc. are concerned, I think that should be a separate topic. :)