False Positives??? Delf-FPB Trojan in Sys Vol Inf Folder

AVAST has reported the exes listed below as Trojan-infected, but when I upload the exes to VirusTotal for a check against 30 AV engines (including AVAST), not a single one reports an infection.

http://www.pbase.com/image/89526062.jpg

So is this a false positive, as with the many posters I see who have reported a Trojan detection in their System Volume Information folder?

Cheers,
Jim

It does indeed seem to be a false positive. The scans by your avast and by VirusTotal could differ (update versions, engine used).
If you can afford to lose your restore points, I suggest you disable System Restore and re-enable it afterwards.

Send the files to virus[at]avast[dot]com in a password-protected archive and describe them briefly (you can attach the VirusTotal results, for example)… the FP will then be fixed immediately… thx

Done, as requested. Thanks for your proactive response…appreciate your interest.

Cheers,
Jim

I should also mention my surprise at the number of restore files checked by AVAST in this “hidden” folder… Total files: 16476 by AVAST’s count.

I don’t think most users need more than a dozen restore points. Is there any software available that can manage these restore points in a user friendly interface?

Thanks again,
Jim

oki… wait for the VPS update… we’ll check (and fix) the detection…

The System Restore folder, System Volume Information, can grow to huge proportions unless you keep it under control. Since it is a protected area, I don’t believe there will be many tools to manage it.

You can, however, reduce the default size (System Properties, System Restore, Settings); by default it takes a percentage of the partition/drive. If you have a large partition/drive, that figure can be very large, and you can reduce it.

You could also periodically set a new restore point (ensure you are clean first) and then clear all but the new most recent restore point.

Create Clean Restore Point - Clear old Restore Points.

Once you have ensured you are clear of infection, create a clean System Restore point:

  1. Click Start, All Programs, Accessories, System tools, System Restore.
  2. In the pop-up that appears, select the radio button to Create a Restore Point
  3. Click NEXT
  4. Enter a useful name that you will remember if you need to find this again (Clean Restore Point)
  5. Click CREATE

Now that you have a clean restore point, you should clear the old ones:

  1. Click Start, All Programs, Accessories, System Tools, Disk Cleanup
  2. Click OK on the C: drive
  3. Click the More Options tab
  4. In the System Restore section click the Clean Up button
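
The same routine on Windows Vista and later, as an added example that is not part of DavidR’s post or of the thread: on those versions a restore point is a VSS shadow copy stored under System Volume Information, so the “create one clean point, drop the rest, cap the size” steps above (and the percentage setting mentioned earlier) can be scripted in Windows PowerShell 5.1 from an elevated prompt. The drive letter, the description and the 5% storage cap are assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the thread). Windows PowerShell 5.1, Vista or later,
# where a restore point is a VSS shadow copy under System Volume Information.
# Assumptions: drive C:, the description text and the 5% storage cap.
param(
    [string]$Drive       = 'C:',
    [string]$Description = 'Clean Restore Point',
    [string]$MaxSize     = '5%'     # replaces the System Properties slider
)

# 1. System Restore must be on for the drive, or Checkpoint-Computer fails.
Enable-ComputerRestore -Drive "$Drive\"

# 2. Create the new clean point (only once the machine is known to be clean).
Checkpoint-Computer -Description $Description -RestorePointType MODIFY_SETTINGS

# 3. List what exists now; CreationTime is a WMI datetime string, so convert it.
Get-ComputerRestorePoint |
    Select-Object SequenceNumber, Description,
        @{ n = 'Created'; e = { [Management.ManagementDateTimeConverter]::ToDateTime($_.CreationTime) } } |
    Format-Table -AutoSize

# 4. Delete every shadow copy on the drive except the newest one.
#    Caveat: this removes ALL shadow copies on the volume, not only System
#    Restore's, so review 'vssadmin list shadows' first on a box that runs
#    backup software. /oldest removes one copy per call.
$shadowCount = (vssadmin list shadows "/for=$Drive" | Select-String 'Shadow Copy ID').Count
for ($i = 1; $i -lt $shadowCount; $i++) {
    vssadmin delete shadows "/for=$Drive" /oldest /quiet | Out-Null
}

# 5. Cap future growth and report usage. System Volume Information is ACL'd to
#    SYSTEM only, so the shadow storage figures are the reliable way to see
#    how big it is (the "before/after" totals posted in the thread).
vssadmin resize shadowstorage "/for=$Drive" "/on=$Drive" "/maxsize=$MaxSize" | Out-Null
vssadmin list shadowstorage "/for=$Drive"
```

Two practical caveats: Checkpoint-Computer requires elevation, and on Windows 8 and later it refuses to create a second restore point within 24 hours unless the SystemRestorePointCreationFrequency value under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore is lowered; and the vssadmin cap applies to all shadow copies on the volume, so size it with any backup product’s needs in mind.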

DavidR…Thanks for being there!!!

Very elegant solution, which should be in every WinXP user’s toolbox. My SysVolInfo folder went from 10.2GB → 54.9MB. Awesome!! Report is listed below. I didn’t know that the system restore was such a hog, and further I didn’t know that it could be cleaned as you so correctly stepped through it. Amazing. Learn something every day. Thanks again DavidR!!!

I’ll make a point of saving your procedure (I’ve gotten to the point that I have a short term memory :-), and revisit it in the future. Really impressed, DavidR!

Cheers Buddy,
Jim

B E F O R E…

  • avast! Report
  • This file is generated automatically
  • Task ‘Simple user interface’ used
  • Started on Monday, November 26, 2007 2:25:15 PM
  • VPS: 071125-0, 11/25/2007

Infected files: 0
Total files: 16476
Total folders: 355
Total size: 10.2 GB

  • Task stopped: Monday, November 26, 2007 2:45:33 PM
  • Run-time was 20 minute(s), 18 second(s)

A F T E R …

  • avast! Report
  • This file is generated automatically
  • Task ‘Simple user interface’ used
  • Started on Monday, November 26, 2007 6:09:29 PM
  • VPS: 071125-0, 11/25/2007

Infected files: 0
Total files: 30
Total folders: 6
Total size: 54.9 MB

  • Task stopped: Monday, November 26, 2007 6:09:32 PM
  • Run-time was 3 second(s)

No problem, glad I could help.

Not only does this save you disk space, it will also have a large effect on the avast scan duration. Just make sure you periodically check on how big it is getting and nip it in the bud if it gets too unwieldy.

Welcome to the forums.

Just a short word to confirm that the AVAST virus database fingerprint was changed recently, and the false positives that resided in the System Volume Information (SVI) folder I posted above, no longer test positive.

Again, thanks for saving me a bunch of headaches trying to get access to the SVI folder, and probably mucking things up worse. And again I thank DavidR for teaching me how to clean up the SVI in an elegant way that precludes me from mucking up the folder. Personally I think that this important cleanup method ought to be posted more frequently, since I’ll bet not many people really know the size of their SVI folder. Again, my SysVolInfo folder went from 10.2GB → 54.9MB.

Cheers, & G’day
Jim

Thanks for the follow-up info.