• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

System Volumn Information file?

I

Illegal_Ops

Guest
#1
Hi, i am using AVG anti virus program. Then suddenly it prompt that there is a virus WIN32\Hantaner virus in
C:\System Volume Information\restore{9754C57E-A396-4047-9FFA-DB896A1A6AC3}\RP401\A0014078.exe (see attached)

however when i run a anti virus scan, i could not find the virus, and also i can't find the folder as well. Why is it so? Please help, thanks
 
J

jroc

Guest
#2
What has happened...is you have restore active...and a virus that you had...has been stored in one of your restore options...so unless you delete that particular restore...or let AVP remove it...and and if you decide to restore..using that Date..then you will also be restoring that Virus......System Volume is where the restores are saved.
 
I

Illegal_Ops

Guest
#3
Cleanmgr.exe? I could not find it when i run it. Is it part of Win XP application, or is a extra application to download. I have already disable the system restore and restart it.
 

Shamus MacNoob

Moderator
Political User
#4
Why would your virus scanner allow a virus to be backed up is a question I would be asking myself, Turn off system restore, and flush the system volume information folders off all drives, empty the recycle bin, reboot , restart system restore, and make a new restore point. But if I were you I would find a virus scanner that was a little better, seems to me if you have a virus that means your virus scanner missed it, I have never ever had a virus land on my harddrives and that going back as far as windows 95, Sure I seen a virus trying to find a seat but it was intercepted as soon as the file was touched ..it was in kazza and as soon as the download started Nortons said naw we dont need this with a nice pop up in my face and there was no way for that file to even enter my computer let alone be stored << LOL too funny to reinfect me later ... so after all that said you need a virus scanner that scans on open, close, move, copy, paste, meaning a live scanner one that is working realtime ... I have not tried AVG<< but I would think it is a realtime scan ...if not find a better virus scanner ...
 

Shamus MacNoob

Moderator
Political User
#5
Originally posted by Illegal_Ops
Cleanmgr.exe? I could not find it when i run it. Is it part of Win XP application, or is a extra application to download. I have already disable the system restore and restart it.

When you right click on your c drive /properties / disc cleanup / the more options tab, remove old restore points is there ...but if the one your talking about is the only one you have ...do what I said and turn off the restore and delete the folders ...they will come back when you restart system restore ....
 

damnyank

I WILL NOT FORGET 911
#6
Perhaps a bit late for this problem today - but hopefully will provide for future reference. Keep in mind although this is referring to NAV - the Symantec Security Virus Scan referenced is free and will work as a second opinion to tell you if it was a false trigger or not.


Situation:
You have Norton AntiVirus (NAV) installed. When you scan the computer, NAV does not detect anything. However, when you run a virus scan from the Symantec Security Check Web site http://security.symantec.com/ssc/vc_about.asp?langid=ie&venid=sym&plfid=23&pkj=MMQNOOTGUSDJNRNJWDJ, a virus is detected in one of the following folders:
For Windows Me:
C:\_RESTORE
For Windows XP:
System Volume Information

Solution:
One of the new features of Windows Me and Windows XP is System Restore. This feature, which is enabled by default, is used by Windows to restore files on your computer in case they become damaged. Windows Me keeps the restore information in the _RESTORE folder. Windows XP stores this information in the System Volume Information folder. These folders are updated when the computer restarts.

If the computer was previously infected with a virus, then it is possible that the virus was backed up in the _RESTORE or System Volume Information folder. Files in the System Restore folder cannot infect the computer unless the computer is restored to an infected restore date. Because of this, NAV excludes the _RESTORE and System Volume Information folders from scanning by default.

NOTE: Even though the System Restore folders are excluded, your computer is still protected by Auto-Protect if for some reason the infected files are ever restored. If that should happen, Auto-Protect will automatically detect and repair the infected files.

The Symantec Security Check Web site virus scan does not exclude the System Restore folders. Because of this, the scan will detect any viruses in those folders. If that happens, then follow these steps to make sure that NAV is optimally configured and then scan again with NAV to make sure that no other files except files in the System Restore folder are infected.

1. Start NAV.
2. Run LiveUpdate and download the latest virus definitions.
3. Follow the steps in the document How to configure Norton AntiVirus to scan all files to make sure that the program is configured to scan all the files.
4. Run a full system scan.

If NAV does not detect anything, then you have the following options:

- Leave the computer as it is. The infected file or files will not infect the computer unless you restore the system to the date that includes the infected file or files. Even if you do restore the computer to the date that includes the infected file or files, then NAV Auto-Protect will detect and repair them during the restore process.
- Follow the steps in the document Cannot repair, quarantine, or delete a virus found in the _RESTORE or System volume information folder to disable System Restore, and restart the computer. This will purge the contents of the _RESTORE or System Volume Information folder.

NOTE: All Restore points will be lost when you disable System Restore.
 
R

RaWShadow

Guest
#10
You can take owner ship of the folders so you can access them and delete whatevers in em. You will need to disable simple file sharing first.
 

Members online

No members online now.

Latest posts

Latest profile posts

Perris Calderon wrote on Electronic Punk's profile.
Ep, glad to see you come back and tidy up...did want to ask a one day favor, I want to enhance my resume , was hoping you could make me administrator for a day, if so, take me right off since I won't be here to do anything, and don't know the slightest about the board, but it would be nice putting "served administrator osnn", if can do, THANKS

Been running around Quora lately, luv it there https://tinyurl.com/ycpxl
Electronic Punk wrote on Perris Calderon's profile.
All good still mate?
Hello, is there anybody in there? Just nod if you can hear me ...
Xie
What a long strange trip it's been. =)

Forum statistics

Threads
61,962
Messages
673,247
Members
89,017
Latest member
Seggar