How to clean infections found in System Volume Information

The System Volume Information folder is a hard drive zone created by the Operating System and used by Windows to store critical information related to the system configuration. Sometimes, malware can change the system configuration (infected operating system files) and consequently, the System Volume Information will be tricked into storing infected files. To find the System Volume Information folder open your C:\\ drive with Windows Explorer.

The System Volume Information folder is protected against being used by regular applications and only the operating system has access to it. Therefore, although capable of detecting any infected files stored in this folder, Bitdefender cannot take any action for their removal because this is a protected area.

In order to remove the infected file or files in the System Volume Information folder you must disable and re-enable the System Restore feature.  The System Volume Information folder contains restore points, that is information based on which the system can be restored to its previous state. In case of infection, once the System Restore feature is disabled, the old restore points are removed and consequently the infected files are removed as well. It is highly recommended to re-enable this feature so that new restore points are created for future use.

For Windows XP:
- Right click on My Computer > choose Properties > Select the System Restore tab, and then click to select the Turn off System Restore (for all drives) check box;
- Click "OK", and then click "Yes" to initiate the restore point deletion;
- To turn on System Restore again after the restore point deletion has completed, repeat these steps, but click to clear the "Turn off System Restore" (for all drives) check box.

Or you can follow the steps from this Microsoft KB article to delete all the restore points except the most recent one:

For Windows Vista:
- Right click on Computer > choose Properties
- Choose System Protection and remove the checkmarks from "Available Disks", then click Apply
- To turn on System Restore again after the restore point deletion has completed, Windows Vista users will reach the System Protection area, place checkmarks in the boxes from "Available Disks" and then click "Apply"

Or you can follow the steps from this Microsoft KB article to delete all the restore points except the most recent one.

For Windows 7:
- Open System by clicking the Start button, right-clicking Computer, and then clicking Properties.
- In the left pane, click System protection.  If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
- Under Protection Settings, click Configure
- Under Disk Space Usage, click Delete
- Click Continue, and then click OK.

You can also check this Microsoft KB article to learn how to delete all system restore points or all but most recent one.


Important: if you choose to delete all system restore points we strongly recommend you to manually create a new one. How to create a restore point:

- for Windows XP: http://support.microsoft.com/kb/948247

- for Windows Vista: http://windows.microsoft.com/en-XM/windows-vista/System-Restore-frequently-asked-questions > then click to expand “How do I create a restore point manually?”

- for Windows 7: http://windows.microsoft.com/is-IS/windows7/Create-a-restore-point

   If you need further assistance please contact Customer Care.
 


Rate this article:

Submit