Tom's Hardware > Forum > Windows XP > Configuration & Customize > Virus in System Volume info folder

Virus in System Volume info folder

Forum Windows XP : Configuration & Customize - Virus in System Volume info folder

Tom's Hardware: Over 1.4 million members in 6 different countries available to answer all your high-tech questions. Sign up now! Its free!
Ask the community Add a reply
Word :    Username :           
 
Anonymous   05-24-2004 at 04:22:23 AM

Archived from groups: microsoft.public.windowsxp.configuration_manage (More info?)

 

Hi

My AVG resident shield detected Netsky.D in the system volume info folder.
But the virus scanner couldn't find or delete it until I added the Local
Administrators group to the folder (Only SYSTEM had access before.) Question
is - what is the impact of what I've done? Are users excluded from this
folder just to keep them from fiddling, or is there a better reason?

Regards
Steve

Add a reply
Sponsored Links
Register or log in to remove.
Anonymous   05-24-2004 at 04:22:24 AM
- 0 +

Archived from groups: microsoft.public.windowsxp.configuration_manage (More info?)

 

System Volume Information is where the System Restore information is held.
It is likely the virus has corrupted the information stored in that
location. Whenever something such as this happens in that area, you need to
clear it entirely. The way to do this is to turn off System Restore, reboot
and turn it back on.

Open System in Control Panel, go to the System Restore tab, select "Turn off
System Restore on all drives," click apply, reboot the system and then turn
System Restore on. You then might want to make a manual restore point and
restore to it just to be sure System Restore is functioning as it should.
Start\All Programs\Accessories\System Tools\System Restore.

--
Michael Solomon MS-MVP
Windows Shell/User
Backup is a PC User's Best Friend
DTS-L.Org: http://www.dts-l.org/

"Steve W" <antispamsteveW@=No-Spam=.org> wrote in message
news:emh3KwQQEHA.3944@tk2msftngp13.phx.gbl...
> Hi
>
> My AVG resident shield detected Netsky.D in the system volume info folder.
> But the virus scanner couldn't find or delete it until I added the Local
> Administrators group to the folder (Only SYSTEM had access before.)
> Question
> is - what is the impact of what I've done? Are users excluded from this
> folder just to keep them from fiddling, or is there a better reason?
>
> Regards
> Steve
>
>

Reply to Anonymous
Anonymous   05-24-2004 at 04:22:24 AM
- 0 +

Archived from groups: microsoft.public.windowsxp.configuration_manage (More info?)

 

Steve W wrote:

> My AVG resident shield detected Netsky.D in the system volume info folder.
> But the virus scanner couldn't find or delete it until I added the Local
> Administrators group to the folder (Only SYSTEM had access before.) Question
> is - what is the impact of what I've done? Are users excluded from this
> folder just to keep them from fiddling, or is there a better reason?
>
System Restore made a copy of the virus as part of its system restore
points, but you corrupted the restore point chain by letting your AV
damage the SVI folder.

Turn SR off and back on and don't use your AV to clear SVI again.
Manually create a restore point then go to the cleanup tool
(cleanmgr.exe) to delete all but the last restore point.

--
Kent W. England, Microsoft MVP for Windows Security

Reply to Anonymous
Anonymous   05-24-2004 at 02:14:11 PM
- 0 +

Archived from groups: microsoft.public.windowsxp.configuration_manage (More info?)

 

>-----Original Message-----
>Hi
>
>My AVG resident shield detected Netsky.D in the system
volume info folder.
>But the virus scanner couldn't find or delete it until I
added the Local
>Administrators group to the folder (Only SYSTEM had
access before.) Question
>is - what is the impact of what I've done? Are users
excluded from this
>folder just to keep them from fiddling, or is there a
better reason?
>right click on my computer then go down to properties.
once that opens click the tab for system restore there
with me a box you can check that says turn system restore
off check it the click apply once that is finished uncheck
the box then click apply again. now it will not be in your
system restore folder

>Regards
>Steve
>
>
>.
>

Reply to Anonymous
Anonymous   05-25-2004 at 12:56:19 AM
- 0 +

Archived from groups: microsoft.public.windowsxp.configuration_manage (More info?)

 

Thanks for your help guys, I've done what you recommended.

Regards
Steve

"Steve W" <antispamsteveW@=No-Spam=.org> wrote in message
news:emh3KwQQEHA.3944@tk2msftngp13.phx.gbl...
> Hi
>
> My AVG resident shield detected Netsky.D in the system volume info folder.
> But the virus scanner couldn't find or delete it until I added the Local
> Administrators group to the folder (Only SYSTEM had access before.)
Question
> is - what is the impact of what I've done? Are users excluded from this
> folder just to keep them from fiddling, or is there a better reason?
>
> Regards
> Steve
>
>

Reply to Anonymous
Ask the community Add a reply
Tom's Hardware > Forum > Windows XP > Configuration & Customize > Virus in System Volume info folder
Go to:

There are 449 identified and unidentified users. To see the list of identified users, Click here.

Forum map
Bestofmedia Forum ©
2000-2009 Bestofmedia Group
Page generated in 0.463 seconds
Please mind

You are about to answer a thread that has been inactive for more than 6 months.
If you still wish to proceed, please ensure that your posting is original and does not duplicate or overlap any prior responses to this thread.

Add a reply Cancel
Sponsored links
  • Ask the community now
  • Publish
Ad
They won a badge
Join us in greeting them