Re: Possible netsky virus

From: Bruce Chambers (bruce_a_chambers_at_h0tmail.com)
Date: 11/16/04

• Next message: Doug Knox MS-MVP: "Re: System Restrictions in Office 2003"
• Previous message: SteveA: "RE: System Restrictions in Office 2003"
• In reply to: weowie: "Possible netsky virus"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Mon, 15 Nov 2004 19:40:19 -0700

    The System Volume Information is the hidden, protected operating
system folder in which WinXP's System Restore feature stores
information used to recover from errors. It's really not a good idea
for you, or an antivirus application, to directly access the contents
of that folder, unless you expect to have no future use for the
restore points, in which case it would be simpler just to turn off the
System Restore feature.

    To clear viruses or other malware from the "System Volume
Information," simply turn off the System Restore feature (Start > All
Programs > Accessories > System Tools > System Restore, System Restore
Settings), reboot, then re-enable System Restore, and reboot one last
time. This will delete all of your Restore Points, including the
corrupted one(s), and allow you start with a clean slate.

-- 
Bruce Chambers
Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html
You can have peace. Or you can have freedom. Don't ever count on 
having both at once. - RAH
"weowie" <weowie@discussions.microsoft.com> wrote in message 
news:6E3A3221-3366-4CD6-A11A-56F1A0FA4C1A@microsoft.com...
> AVG anti-virus reports a Netsky virus in the following file:
> C:System Volume
> Information\-restore{469FFB16-41B1-B996-984B86C8FB66}\RP210\A0043978.scr
>
> Manually running AVG fails to find any viruses.
>
> All my efforts at locating this file fail with Windows Explorer 
> saying"
> System Volume Information is not accessible
> Access is denied.
>
> Does anyone know how to access this file and possibly delete it?
>
> 

---

• Next message: Doug Knox MS-MVP: "Re: System Restrictions in Office 2003"
• Previous message: SteveA: "RE: System Restrictions in Office 2003"
• In reply to: weowie: "Possible netsky virus"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: win32 worm ... system folder in which WinXP's System Restore feature stores ... Settings), reboot, then re-enable System Restore, and reboot one last ... (microsoft.public.security.virus) Re: System Volume Information ... system folder in which WinXP's System Restore feature stores ... Settings), reboot, then re-enable System Restore, and reboot one last ... (microsoft.public.windowsxp.general) Kudos for System Restore ... >Just for a change of pace: kudos to the developers for ... the System Restore feature. ... (microsoft.public.windowsxp.general) Re: Trojan: in C:System Volume Information ... system folder in which WinXP's System Restore feature stores ... > Is this an AVG Resident Shield ERROR? ... (microsoft.public.security.virus) Re: System Volume Information ... system folder in which WinXP's System Restore feature stores ... System Tools> System Restore, System Restore Settings), reboot, then ... (microsoft.public.windowsxp.general)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(17)