System Restore point has virus!!!

Discussion in 'Windows Desktop Systems' started by Dimoe, Mar 28, 2003.

  1. Dimoe

    Dimoe Guest

    Help, I am gettin a msg every time I open my comp that there is a virus in "C:\System Restore...." from my anti-virus.

    When I scan my HD for viruses, it comes up perfectly clean. The folder "System restore...and a bunch of other letters" doesn't even exist!!!

    How can I clean or delete this restore point with an infected virus???

    BTW: The virus happens to be sumthing like "WinHanter...." I can't seem to get it to pop while I am logging on. It only pops up occasionally.
     
  2. yoyo

    yoyo _________________

    Messages:
    1,557
    Looks like System Restore has backed up a virus. Only way to get rid of it is to delete all restore points. Antivirus programs cannot access the system restore folder. Btw your virus warning probably says there is a virus in C:\System Volume Information\Restore\RP(any number) and not C:\System Restore..., right? System Volume Information is a hidden folder and you have to take special steps to gain access, depending on filesystem and XP version.
    Easiest way to delete all restore points and the virus is to disable System Restore on all drives (Windows key + pause > System Restore), reboot and then reenable System Restore again.


    For some more information you may also read this http://www.ntfs.org/forum/showthread.php?s=&threadid=31174
    especially damnyank's post towards the end of the thread.
     
  3. damnyank

    damnyank I WILL NOT FORGET 911

    Messages:
    2,359
    Location:
    Petal, Mississippi
    yoyo - just got home from bowling and did my usual quick search of the forum and spotted this thread - thought to myself - I'll have to search for that post I made on this area - dang ya beat me to it - let's hope it helps!:D
     
  4. jdn

    jdn I'm trying

    Messages:
    110
    Location:
    Victoria, B.C. CANADA
    I have used AVG antivirus to repair viruses in the system restore volumne. www.grisoft.com