Re: Virus in system restore

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

Have you deleted the original email. If you haven't deleted it's contents
then you may find that your virus checker can only see the infected items
but not delete them.

--
Remove 'nospam' from the address to email me
"Eric Baines" <EricBaines@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5DF74916-07F2-4170-9495-1607E74C7979@xxxxxxxxxxxxxxxx
How do I remove a file infected by a virus from within the system restore
directory?

I recieved an email the other day that was a .zip file. I downloaded it to
my PC and virus scanned it using Sophos. It said that it had scanned 3
items
and they were OK. So I unzipped the file. It unzipped 5 files and
immediately
told me that one of the files was a .exe that was infected with a virus. I
immediately deleted all the files, without running any of them and cleared
my
wastebasket. It can't have been on my disk for more than a minute. I
thought
I had sorted the problem.

The next day, the scheduled disk scan kicked in, and said I had a copy of
this virus in the directory that stores my restore points. I tried to go
to
the directory, but even though I am an administrator on that PC, it
wouldn't
let me go into the directory.

I was unsure what to do, but was determined to get rid of this thing.
Therefore, I switched off system restore, so it deleted all the files in
the
directory. I scanned the directory and it said it was OK. I then switched
system restore back on, and when it had done that, I scanned the whole
disk,
and it said I was OK.

But system restore is there for precisely this sort of situation - where
your PC is damaged and you want to go back to an undamaged state.

What should I have done, that would have got rid of this file, without
getting rid of all my restore points?

Cheers

Eric


.

Relevant Pages

  • Re: bugbear.worm
    ... > I have a virus program "Vet" ... > I need to know haow to get rid of this ... infected files are being found in your 'System Restore' ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Virus in system restore
    ... It unzipped 5 files and immediately told me that one of the files was a .exe that was infected with a virus. ... The next day, the scheduled disk scan kicked in, and said I had a copy of this virus in the directory that stores my restore points. ... I then switched system restore back on, and when it had done that, I scanned the whole disk, and it said I was OK. ... What should I have done, that would have got rid of this file, without getting rid of all my restore points? ...
    (microsoft.public.windowsxp.general)
  • Re: Pixelsrvr.exe wont load on bootup
    ... Sounds like you got yourself a virus,. ... Adds the following line to the [windows] section of the Win.ini file: ... antivirus products, including the Symantec AntiVirus and Norton AntiVirus ... Disabling System Restore ...
    (microsoft.public.windowsxp.video)
  • Re: Is anyone experience like this? How did you removed this threat?
    ... | i'm not sure if these is the right place to post virus problems, ... | infected by backdoor these time on volume C. system restore. ... FireWall to allow it to download the needed AV vendor related files. ... This will bring up the initial menu of choices and should be executed in Normal Mode. ...
    (microsoft.public.windowsxp.general)
  • Re: virus problem
    ... > prompts me to this virus but cannot delete it. ... *not* contained only in System Restore points. ... Mode with TrendMicro's Sysclean: ... Create a new folder on your Desktop or the C: ...
    (microsoft.public.windowsxp.security_admin)