PDA

View Full Version : FAQ #19 - How do I get rid of a virus in the Restore Directory?



-FAQ-
24-08-2004, 05:56 PM
FAQ #19 - How do I get rid of a virus in the Restore Directory?

Originally written by Susan B from replies by Pheonix and Godfather


Typical Questions:

Example One:
I have Windows ME and use AVG anti-virus (free edition). My problem is that AVG has detected a virus but it can't remove it. The actual file name that AVG has given me for this virus is c:\_Restore\Temp\F3EZSETP.O


Example Two:
A virus scan on my Windows XP operating system PC found several viruses and trojan-type of viruses in the C:\_Restore system folder. The virus checker was unable to delete or quarantine the infected files as they appear to be in use. I did not experience any obvious problems with my PC. Could you please tell me what would be the best thing to do in this situation?


Solution:
The message is telling you that a copy of the virus still remains in the System Restore points in Windows ME or Windows XP.

AVG is not able to remove it from this location and you will need to turn your system restore off, restart your computer and turn system restore back on.


Explanation:
The virus is "locked up" by windows in a restore file. Unless you or Windows has a problem and decides to use a restore point then it is in a benign state. If the restore is used, then you get the virus active. By turning off the restore you delete those restore points, along with the virus. This will purge all data from the system restore folder, including the "backed up" copies of the trojans and viruses. While you lose the system restore points (that never work well in Windows ME anyway) you would not want to restore a virus laden copy.

After rebooting you can then re-enable system restore.


How to disable and re-enable system restore:
For instructions on how to disable and re-enable system restore have a look here (http://www.xtra.co.nz/help/0,,6156-1366428,00.html).

Basically, to disable/enable Windows Me System Restore:

1. Click Start - Settings - Control Panel.
2. Double-click the System icon.
Note: If the System icon is not visible, click "View all Control Panel options" to display it.
3. On the Performance tab click File System.
4. Click the Troubleshooting tab and tick the box "Disable System Restore".
5. Click OK.

Turn restore back on by using the above procedure, but UNtick the box.

If your computer is still slow afterwards let us know and you will be given more help.


More Information

See the following pages at AVG for more information:

FAQ 55: Description for disabling restore function for Windows ME (http://www.grisoft.com/faq/us_faqtext.php?id=55&sid=25)

FAQ 56: Description for disabling restore function for Windows XP (http://www.grisoft.com/faq/us_faqtext.php?id=56&sid=25)