system volume

Computing.Net > Forums > Security and Virus > system volume

Original Message

Name: Blakes7
Date: February 26, 2007 at 21:04:31 Pacific
Subject: system volume
OS: xp pro
CPU/Ram: 1600+/512
Model/Manufacturer: athlon

Comment:

Hi! I just ran a virus scan, avira, spybot, and ad-aware. Ad-aware found a trojan in the system volume folder---it designated it TR/Agent.bgd. The option it recommended was to deny access. I clicked ok, and ad-aware seemed to lock up. I pressed alt-ctl-delete, and it said it was running. After about 5 minutes of doing nothing, I clicked cancel. Ran it again, and it found it again. I clicked on delete, and it seemed to lock again. Said the program was running, but nothing happened for about 5 minutes again, so I cancelled again. I googled the trojan name, and got a German link, clicked on translate, and followed the microsoft link to the English microsoft to show the system volume folder. A lot of files not seen before appeared, but in the root file(not sure if they mean system or system32, checked both) no system volume---directory or file. Not sure what I'd do if I found it, but it's well hidden. Now the crux-of-the-biscuit, how do I remove this file? Any and all responses will be greatly appreciated. Thanks.

Report Offensive Message For Removal

Response Number 1

Name: EnterTheMidnight
Date: February 26, 2007 at 22:30:30 Pacific
Subject: system volume

Reply: (edit)

I'd try rebooting in Safe Mode by pressing F8 just before the Windows logo appears and selecting "Safe Mode." Once you're in safe mode, run Ad-aware or your virus scanner and select "Clean" or "Fix" and see if it can purge the virus from the infected file. If that fails, try the "Remove" or "delete" option.
AMD Athlon 62 X2 5000+ OC
2 GB DDR2 4200 RAM
nVidia GeForce 7900GS 256 MB DDR3
400 GB 7200 RPM HDD
Windows Vista Ultimate Edition
22" LCD widescreen monitor
5 Mbps connection

Report Offensive Follow Up For Removal

Response Number 2

Name: jboy
Date: February 26, 2007 at 23:30:55 Pacific
Subject: system volume

Reply: (edit)

The term 'root file' refers to the lowest level of the directory tree - for example:
C:\
"not sure if they mean system or system32"
There's actually a folder called system volume information, but it's hidden and protected
You can try cleaning from Safe Mode, sure, but it may be more expedient just to disable System Restore which will remove all restore points (including the infected one) - then re enable if desired, and you're certain you're trojan free
I'm not one of those who think Bill Gates is the devil. I simply suspect that if Microsoft ever met up with the devil, it wouldn't need an interpreter.

Report Offensive Follow Up For Removal

Response Number 3

Name: ls_daniel
Date: March 2, 2007 at 07:20:08 Pacific
Subject: system volume

Reply: (edit)

What version of Ad-Aware do you run and what definitions file do you use?

Report Offensive Follow Up For Removal


System Volume Information Folder C:\System Volume Information\_resto virus in System Volume Information System Volume Information: virus Trojan in System Volume Information	Anti-virims System Alert Popup Critical System Errors! message System Alert Pop-Up Problem System was hijacked On disabling System restore in Xp

Keyboard virus É ?

Trojan issue

Use following form to reply to current message:

Name: From My Computing.Net Settings E-Mail: From My Computing.Net Settings Subject: system volume

Comments:

  Homepage URL (*): 
Homepage Title (*): 
         Image URL:

How often do you use Computing.Net?

Poll Finishes In 3 Days.
Discuss in The Lounge

Another Clueless In Need of Help

VM Win Server 2003 Admin password

Connecting Vista to an XP network

XP won't let me log in

Internet Cuts Out Every Few Minutes

All Posts Awaiting Replies