I use AVG, Ewido, and Ad Aware to keep the bad stuff away. When I run these scans, do they go into system restore and clean those files out? Or do the bad guys hide in there? Can I do something to open up the gates of system restore so I can do a "real" scan? If so, how?
2007-03-13 19:32:38 · 5 answers · asked by Mid-Island- Marc 2 in Computers & Internet ➔ Security
IF YOU RECENTLY HAD A VIRUS INFECTION, CHANCES ARE SOME FILES IN SYSTEM RESTORE ARE STILL INFECTED.
(even if you think you've removed/cleaned them with an AV scan)
A virus or malware can be "locked" within System Restore files and can be released if you use that Restore Point.
Best thing is to turn off your System Restore (which deletes ALL of the files including those infected)
Start>Control Panel>System>System Restore (tab)>Turn Off System Restore (put a check)>Apply>OK
and then run an AV scan along with your other security scans (Ad-Aware, Spybot, etc.) and then establish a new Restore Point afterward (although Spybot does establish a Restore Point automatically at the end of it's process).
"Unfortunately, System Restore backs up the bad with the good, thus a problem occurs when malware is present on the system and gets included in this restore point. When users later scan their system with antivirus software, they may receive a message that a virus was found in either the _RESTORE (Windows ME) folder or the System Volume Information folder (Windows XP) but the antivirus software is unable to remove it."
http://antivirus.about.com/od/windowsbasics/a/systemrestore.htm
2007-03-13 19:54:29 · answer #1 · answered by GeneL 7 · 0⤊ 0⤋
They do scan in the System Volume Information Folder. You can see this folder (but will be denied access to it) if you navigate to Tools > Folder Options > View, and check "Show Hidden Files and Folders" in Windows Explorer.
By the way AVG/Ewido is a good program, but Ad-Aware has seriously fallen behind the leading edge in recent years. About all it's good for is getting rid of cookies. A much better scanner is SuperAntiSpyware.
http://www.superantispyware.com/
You can Google for reviews of it, or check out a hardcore security geek forum, like Wilder's. It comes highly recommended. On the other hand, I'm currently beta testing Ad-Aware 2007, and it looks a lot more promising.
If you're interested in testing the beta release:
http://www.lavasoftusa.com/support/securitycenter/beta_applications.php
Be aware, this is a beta so they make no guarantees that it won't hose your system. It's running smoothly on mine, but, of course, YMMV
2007-03-14 02:43:50 · answer #2 · answered by asyland 3 · 0⤊ 1⤋
I believe AVG scans the restore files.
2007-03-14 02:38:17 · answer #3 · answered by Noodle Head 2 · 0⤊ 1⤋
yes i belive they do but it is always better to do a complete scan of your computer in safe mode it gets rid of the spyware or viruses that hide elsewhere on the pc
2007-03-14 02:41:51 · answer #4 · answered by Anonymous · 0⤊ 0⤋
If you do a FULL SYSTEM SCAN then it scans it all. It also scans the Registry and other drives you use
2007-03-14 02:37:55 · answer #5 · answered by Anonymous · 0⤊ 1⤋