Jump to content



  • Please log in to reply
2 replies to this topic

#1 Kahai


    New Member

  • Members
  • Pip
  • 11 posts

Posted 31 January 2010 - 08:52 PM

Hi, I am not sure if this is a false positive or not, but I've run a full scan and found one infection entitled Malware.Packer.Gen as

C:\System Volume Information\_restore{FDD9614E-CF40-43E1-9C20-263B0BDC362F}\RP167\A0064576.DLL

On inspection, this file was last created and modified back in 2003! The year of the computer's purchase.

I would like to make sure that it is in fact a malicious file before I go deleting it.

#2 nosirrah


    Forum Deity

  • Administrators
  • PipPipPipPipPipPip
  • 5,452 posts
  • Gender:Male
  • Location:Northampton, MA USA

Posted 31 January 2010 - 09:09 PM

That is a file backed up in system restore and if you are not seeing a matching file detected in your system it is almost certainly a very old backup of malicious software .

Remember system restore backs up ALL executable files , not just the clean ones .

You can have MBAM delete it or flush system restore , wither option will handle this .

You can also ignore it as where it is located is not accessible and unless you plan on running system restore all the way back to 2003 it wont ever effect anything .
Bruce Harrison
Vice President of Research

Posted Image

Follow us: Twitter, Become a fan: Facebook

#3 Kahai


    New Member

  • Members
  • Pip
  • 11 posts

Posted 31 January 2010 - 09:13 PM

I like the idea of flushing my System Restore folder although I don't really know how.

I've heard that the folder is essential for the stable running of windows, so I don't want to delete anything hastily and removing something I shouldn't.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users