Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.



  • Please log in to reply
1 reply to this topic

#1 Julie Dance

Julie Dance

  • Members
  • 1 posts
  • Local time:01:30 PM

Posted 26 March 2009 - 06:33 AM

I have a full version of Avast home edition which I paid for. I've done a full system scan recently and it has picked up on the following files as trojans, which it has moved to the chest, what I need to know is whether my computer is now safe or could these trojans still be affecting it and/or getting any personal information from my computer? The system isn't running particularly slow and I don't get random pop-ups when i am in my web browser, which is mozilla firefox.

C:\Documents and Settings\Jules\Local Settings\Temporary Internet Files\Content.IE5\QNIX3N68
C:\System Volume Information\_restore{D5F7A20F-1294-41E9-A947-A77075103E2E}\RP74
C:\Documents and Settings\HP_Owner\Local Settings\Temporary Internet Files\Content.IE5\2M1P0ZJ4
C:\Program Files\EasyBits\KidsReady

Also my subscription is up in a couple of months and I wanted to know what the best anti-spyware, malware, trojan software is do you have any suggestions?

BC AdBot (Login to Remove)


#2 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 51,762 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:30 AM

Posted 26 March 2009 - 12:44 PM

When an anti-virus or security program quarantines a file by moving it into a virus vault (chest), that file is essentially disabled and prevented from causing any harm to your system. The quarantined file is safely held there and no longer a threat until you take action to delete it. One reason for doing this is to prevent deletion of a crucial file that may have been flagged as a "false positive". If that is the case, then you can restore the file and add it to the exclusion or ignore list. Doing this also allows you to view and investigate the files while keeping them from harming your computer. Quarantine is just an added safety measure. When the quarantined file is known to be malicious, you can delete it at any time.

The detected _restore{GUID}\RP***\A00*****.xxx file(s) identified by your scan are in the System Volume Information Folder (SVI) which is a part of System Restore. The *** after RP represents a sequential number automatically assigned by the operating system. The ***** after A00 represents a sequential number where the original file was backed up and renamed except for its extension. To learn more about this, refer to:System Restore is the feature that protects your computer by creating backups (snapshots saved as restore points) of vital system configurations and files. These restore points can be used to "roll back" your computer to a clean working state in the event of a problem. This makes it possible to undo harmful changes to your system configurations including registry modifications made by software or malware by reverting the operating systems configuration to an earlier date. The SVI folder is protected by permissions that only allow the system to have access and is hidden by default on the root of every drive, partition or volume including most external drives, and some USB flash drives.

System Restore is enabled by default and will back up the good as well as malicious files, so when malware is present on the system it gets included in restore points as an A00***** file. When you scan your system with anti-virus or anti-malware tools, you may receive an alert that a malicious file was detected in the SVI folder (System Restore points) and moved into quarantine.

If your anti-virus or anti-malware tool cannot move the files to quarantine, they sometimes can reinfect your system if you accidentally use an old restore point. In order to avoid reinfection and remove these file(s) if your security tools cannot remove them, the easiest thing to do is Create a New Restore Point to enable your computer to "roll-back" to a clean working state and use Disk Cleanup to remove all but the most recent restore point. Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

If your anti-virus or anti-malware tool was able to move the file(s), I still recommend creating a new restore point and using disk cleanup as the last step after removing malware from an infected computer.

Also my subscription is up in a couple of months and I wanted to know what the best anti-spyware, malware, trojan software is do you have any suggestions?

BC's Freeware Replacements For Common Commercial Apps
BC's List of Virus & Malware Resources
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users