[Dshield] Virus in my restore point
pmarsh at nmefdn.org
Wed Dec 10 14:38:10 GMT 2003
Symantec has a nice little walk through
To completely remove all items in the systems restore point you'll need
to delete the _Restore folder in your root. Reboot the system and then
enable restore point to get a clean point back.
From: Keith Bergen [mailto:keith at keithbergen.com]
Sent: Wednesday, December 10, 2003 08:59 AM
To: list at dshield.org
Subject: [Dshield] Virus in my restore point
I have an annoying problem on my Win XP Pro box. One of the
files in one of the restore points is claimed to have a virus
in it. PC Cillin finds this virus each time, but cannot
remove it. Every day, PC Cillin reports that it is there, and
you have to hit okay.
The virus is Troj_Fyle.B, but never got installed on my
system. The executable, however, got into a restore point
before my scan could delete it. The Run key is not installed
in the registry either.
As you probably know, XP will automatically create these
restore points for you. I would like to find and remove that
restore point (thus removing the file). Does anybody know of
how to manage the restore points, and delete these restore
"Life is like an analogy"
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
More information about the list