virus in System volume information folder

Status
Not open for further replies.

Shikhar

Journeyman
Hi,

I have win xp on D: I had run Zonealarm Antivirus (which comes as a part of zonealrm security suite) it found virus in the system volume information folder of both my C: and D: the virus was identified as Backdoor.Berbew (something like that) and was removed.

I searched the net and found some removal techniques. I checked the registry but could not find the entry which this virus makes. One of the symptoms was that the internet settings are put to custom level from default level. This happened recently. that same virus is not found on my hard disk now.

There is a folder named _restore{D2E........ the name is very long.
I want to know whether this folder is created by the virus or not.
i could see the folder only through dos.

Also my pc has become very very slow.

thanks in advance.
 

saROMan

QA Juggler
well The system Vol info folder is where your System restore files are stored .. do this

Right click on the Drive where your XP is installed eg c: ....go to properties->disk Cleanup->more options->System Restore->Clean Up ...this will remove all Restore Points Except The latest One...then scan the PC n see if virus is gone..if not Disable the Restore service...delete all contents of system vol info folder .....Get the Removal Tool Here*securityresponse.symantec.com/avcenter/FxBerbew.exe also see This & This Page for more info..also Zone alarm Av is not a good choice ...try getting a better solution..like Kaspersky..or even Free Avast works great ....
 

Choto Cheeta

Rebooting
yes... u must disable the system restore service.... otherways the copy of that infected file will remain on the restore data folder....
 

expertno.1

Technomancer
disable the service and get a good antivirus and perform a complee system scan..as it may have infected other files

do it with latest updates
 
Status
Not open for further replies.
Top Bottom