[bella]

Updated with chapter 3:

Infection of System volume restore files by a Trojan.

Spyware writers are getting more inventive. Some infections attach themselves to you system restore files and Windows will not let an anti-virus program delete one of those files.

Remedy:

1. Switch off your system restore. Windows will tell you that you will lose all your system restore points. Click ¨yes¨. This will delete all the system volume restore files and get rid of the virus. Those deleted files will be put in the recycle bin and still mean a threat. We will have to get rid of all the files in the
recycle bin as well. Not only that, even after emptying the recycle bin, the files will still be there. You can use the search function to look for ¨recycler¨ files.

These files can only be wiped with a special software or the following method:

Start > run > type cmd> enter > this will bring you in the DOS window.

Go to Start > Run type cmd then hit Enter

Type the following at the command prompt:

Type:

rd /s /q c:\recycler (make sure you include the spaces after rd, s, and q,

Hit Enter.

That will remove the recycler files

Attention:

If you have more than one drive and you have to remove recycle files from another drive, make sure you change to the right directory and also change the path.

E.g. Delete the recycler folder of drive D: rd /s /q / D:\recycler

Right click your Desktop > Text document.

Dragg it to it to the Recycle Bin on your desktop.

Run an online anti-virus like Kaspersky, Panda or F-Secure.

Run AVG anti-spyware in safe mode.

Switch on system restore and set a new restore point.