Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
During a virus scan it found an infected file and I hit the wrong key and deleted it.
The file was:
C:\System Volume Information\_restore{54024A50-BB33-4CDE-9B8C-F88E510D9C9B}\RP458\A0120945.exe
Is this going to cause me problems, and if so, is there any way to fix it?
Thanks for any help.
JimmyG
That's part of System Restore, most likely not. I always disable System Restore on all my PC's and my clients' PC's.
0 
I'll admit when I saw the _restore I thought that's what it might be and breathed a little easier.
Thanks a lot
JimmyG
0
I would recommend that you disable system restore. Then do a virus scan of your system. Remove anything it finds. Then re-enable system restore.
-Ryan Adams
Free Computer Tips and more:http://RyanTAdams.comPaid Tech Support: Black Diamond
0
OTH - I'd take a shot in the dark - new business (potential revenues) by depriving clients of the ability to perform system restore on their own machine.
i_Xp/VistaUser
0
You didn't do any harm.
The anti-virus program (or whatever anti-malware program) cannot actually delete the malware found in a System Restore restore point, which is what that reference points to - it can only find malware in it.
If you run the scan again using the same settings, you will see it's still there.System Restore stores all the restore points in one chain of data. You can't delete any of the individual restore points - "links" - in the chain. You can only get rid of malware found in the restore points by turning off System Restore, which deletes the whole chain of restore points.
Many programs, and people who offer advice, tell you to turn off System Restore when you are removing malware.
I have come across info that says Microsoft experts and other experts now recommend you DO NOT turn off System Restore until AFTER you have removed malware and you are sure your system is working okay again.
Their reasoning is:
- you cannot be infected or re-infected by any malware found in restore points, unless you deliberately load an infected restore point yourself. Malware is essentially inert if it's in a restore point. If that's the only place malware is found, it can't do your system any harm, unless you load the infected restore point.
- some anti-malware software has had bugs in it in the past and it has deleted things it should not have - e.g. Spybot (many times), AdAware. Sometimes you cannot fix the problems caused by what the anti-malware software did wrong without re-loading Windows, unless you have NOT disabled System Restore and you have a previous restore point you can load. Even if you do have infected restore points, there are often other older un-infected restore points you can load.If you want to turn off System Restore AFTER you have removed malware and you are sure your system is working okay again, to remove any infected restore points, if you have any, that's fine.
0
XpUser,
You crack me up! LMAO!
Tubesandwire,
I agree with what you have reported with this exception....in most cases of a bad infiltration of viruses/malware/spyware in a system I have found that system restore is too corrupted to work properly or will not work at all.In that case it is (Imho) best to go ahead and turn off system restore to purge the non-removable infections and save time in the long run in determining that the files are indeed hidden(protected) within system restore and have to turn it off anyway. This keeps the anti-virus program from continuing to report the offensive files.
I always turn SR off anyway and then turn it back on when everything is properly working. This allows that the computer has atleast a clean starting place for the future!
It is the disadvantaged who habitually elect Democrats on the belief of personal change---
yet they remain disadvantaged.
0
"in most cases of a bad infiltration of viruses/malware/spyware in a system I have found that system restore is too corrupted to work properly or will not work at all."
I haven't found that to be the case at all. However, you often can't successfully load some of the system restore points for other reasons, especially older ones, even when you do not have malware, which you may mistake for a restore point being corrupted.
"I always turn SR off anyway and then turn it back on when everything is properly working."
As those experts have pointed out, that can get you into trouble sometimes if the anti-malware software has bugs.
System Restore certainly is not without flaws. It can't restore files that have been deleted. It would be a much better situation if the the restore points were not chained together and you could delete individual contaminated restore points.
But it's there, and you might as well give it a shot.
0
I have found System Restore to be about as useful as a Condom with Holes. It does not and cannot Restore "The System", only a few selected System Files.
A full registry Backup utility is available FREE--ERUNT-.
HDD cloning is a much better choice for Restoring an infected system, when accompanied by incremental Backups. What's the sense of messing with BUGGY AV tools and corrupted Restore points, when in just a few minutes the System Can be Restored From an Iso Image and Backups.
There is nothing to learn from someone who already agrees with you.
0
I couldn't agree more with getting rid of system restore. It does not work properly and Dumbob has hit it right on the head. I too disable system restore on all computers I service. A full disk image incremented properly is a much better way to go. It works flawlessly and you do not have to put up with the frustration of trying to get SR to work properly for you. I know there is going to be a lot of people that would disagree but I have done it this way for years and has worked flawlessly. I tried SR many times and have yet to get it to work properly.
jimmygyuma If you continue to use SR it is not a bad idea to delete the existing restore points periodically. This should only be done when you know the system is working properly. You can make new restore points if you choose but the system will do that for you as well.
0
OtherHill, most of our clients are on domains, their profiles reside on the server which is backed up incrementally. Home users, I clone the hard drive from a clean install and back up data to a DVD-R or 2(which is typically enough for most people I've ever serviced a PC for). And yes, System Restore does not solve issues 75% of the time and is a haven for viruses/malware in general.
0
Most of the people who ask for help on this site didn't make any kind of backup, and the vast majority of the ones who have brand name software installations didn't bother to make a Recovery Disk or a Recovery Disk set.
If all they've got is System Restore restore points, it does no harm to leave System Restore enabled until after the malware has been removed otherwise.
"System Restore.......is a haven for viruses/malware in general."
See the latter part of response 6.
0
tubesandwires
I went into Help and Support (which is usually anything but) and read up on System Restore, and in an article titled Understanding System Restore it says in this situation to turn it off and turn it back on. I have done that.
My computer is working fine, except for a couple of preexisting problems. I may throw those at you when I get some time.
Thanks everybody.
JimmyG
0  |
 |
 |
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
