Virus in my System Volume Information Directory

Discussion in 'Windows Desktop Systems' started by incubuzz, May 28, 2002.

  1. incubuzz

    incubuzz Guest

    I have a IRC-Sdbot virus in my system volume information directory. Getting rid of the virus should normally not be a problem. However i am not able to do anything with my c:\system volume information directory since i get an "Acces Denied" message everytime.

    Even went to the Mcafee site to see what they are saying, and the only extra advise is turning of System Restore. Well knew that wouldn't work, but tried it anyway and guess what... it didn't work. They gave also hints on how to find out that the virus is active. Checked the registry and everything and all their suggestions did not give any result.

    So here i am with a virus on my computer and not able to remove it.

    Is there anybody that can help me out.


  2. incubuzz

    incubuzz Guest

    Trying restore...

    Well since i disabled system restore all system restore points are erased.

    This is the advise of Mcafee! Which sucks since the idea of using system restore is not bad at all, but cannot be tried.

    I think though that the System Volume Information is not altered when using restore.

    I will try norton though, and see what happens there...

    I have my doubts since mcafee can also quarentine files but since it cannot access the files in the first place, the quarentine doens't work.

    Thank you though,

  3. Hipster Doofus

    Hipster Doofus Good grief Charlie Brown

    Melbourne Australia
    What about starting in safe mode using a command prompt & trying to get to the folder that way? If you can you might be able to delete it using the del command.
  4. Geffy

    Geffy Moderator Folding Team

    United Kingdom
    try logging in under the actual Administrator Account, then turn off System Restore, then Open My Computer, right click on your C Drive, click properties, then click the Disk Cleanup button, let it scan then click the More Options tab, then under System Restore (at the bottom of the Window) click Cleanup, this will remove all but your last restore point, but if you have turned off sys restore, then it should in theory delete all of the restore points.
  5. incubuzz

    incubuzz Guest

    that will do...

    The system volume information folder is empty and when scanning my c: drive nothing showed up, so i am guessing it is solved.

    thank you all..