Computer Support Forum

I deleted system volume information

Question: I deleted system volume information

I used baku 2 weeks ago and deleted my sytem volume information. Win xp and now no restore,no help,no run etc. Still online and still lost ????

Relevance 100%
Preferred Solution: I deleted system volume information

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: I deleted system volume information

I'm not understanding your problem very well as your post is somewhat brief and hard to comprehend.

1. I'm assuming by "baku" you mean backup? Please confirm.

2. When you say you deleted your system volume information do you mean the actual folder itself, or the contents of the folder?

3. When you say "no restore" do you mean you can not now set a restore point?

Any further details you can give as to what you did and what you are trying to do would be helpful.

12 more replies
Relevance 90.2%

Hey guys:

I'm an idiot!!! Last night I deleted my System Volume Information folder off of a Raid-0 set of hard drives. As I mentioned, this raid set is not drive with my XP on it. This is just a drive for storage of pictures, video, and other programs I prefer not to have on my C:\. I did take go as far as to turn off System Restore before deleting it. Now when I boot up I cannot access the drive at all. It tells me that "The drive is not formatted. Do I want to format it now?."

I don't want to do that and I am wondering if there is a way to create a new System Volume Information folder so I can access the drive again???

Thanks

Answer:Deleted System Volume Information Folder on a Non-Operating system drive???

I think you are connecting the dots...where there is no connection.

Deleting a system volume folder...isn't possible by me, even when system restore is not used (I always disable SR immediately after a clean install). Even though the folders are empty and I don't have SR employed, the system won't allow me to delete these empty folders.

I believe that the problem is your RAID setup...perhaps you ought to try to repair it.

Louis

2 more replies
Relevance 88.56%

Honestly don't know y I deleted it but, I was cleaning files from my drives while in Linux and I deleted the system volume folder from one of my hdds and now all my data is inaccessible. Haven't touched the drive since, would like a surefire way to get it back. Here is my set up64gb ssd Windows 7
1tb hdd internal (deleted system volume folder)
1tb external hdd 50gb Linux partition 950gb ntfs partition
Thanks in advance

Answer:recover deleted system volume information on external drive

Have you had a look at the current version of the HIRENS boot CD. this has lots of free recovery tools on it. I have used it a few times for exactly the purpose you need it for...

Go here: Download Hiren

And scroll down about 3/4 of the way and you will a download link.

hth
Tanya

2 more replies
Relevance 80.36%

Hi. I'm trying to get rid of files and this one is the main one that I have found so far that is getting stuck and not being deleted. It says that "change.log" is being used by other users.

Occasionally as well a chinese website pops up for some reason.

Thanks

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:33:25, on 17/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton PC Checkup\executables\mrHealthy\MrHealthy.exe
C:\Program Files\NDAS\System\ndassvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\S... Read more

More replies
Relevance 69.29%

I am using Windows XP Pro and recently created a restore point in my System Restore program. This was over a month ago, and I no longer need that restore point. When I defrag with either Diskeeper or Norton Speedisk, I get a report on a good number of defragmented/defragmentable files, most of which are in the Restore folder in my System Volume Information folder. I was able to access my System Volume folder and found the offending file but hesitate to delete that file unless I can be assured that I can do so safely.

Would a simple delete be okay?

Attached is a screenshot of the folder in my Systems Information folder.
 

Answer:Safe to a Delete System Restore Folder from System Volume Information?

7 more replies
Relevance 69.29%

Hey, everyone!

Looking for some advice on getting my GB back, if possible.
I hope I'm posting in the right area.

The other day I had to do a System Restore on my Compaq (Windows XP) so far everything is working fine now. Though, I noticed my computer was running slower than usual. I checked my overall GB usage and found that it had dropped 20GB since the System Restore. My computer is currently 140GB in total and right now only 50% of it is left, making my computer run...not so quickly.

I used TreeSize and found that the missing 20GB was being used in "System Volume Information". I don't mean to sound like a newbie, but what exactly could be suddenly taking up 20GB of my space since the system restore? Is it possible for me to get it back without harming my computer? How do I go about doing that?

Someone mentioned that I should make sure it wasn't trojan/virus related, so I've run anti-virus, anti-malware, PC tuneups, etc. Everything is clean. Any advice?

Thanks so much!

EDIT: Okay well, after searching deeper into the "System Volume Information" I see that all the used GB is coming from a folder inside called "_restore{" and there must be 70+ different files inside, I'm guessing these are system restore points? Most of them are less than 1GB (though there are so many it apparently adds up) but one of them is a whopping 13.3GB by itself. What can I do about all these?

 

Answer:Help! Missing 20GB after System Restore, found in System Volume Information -- Why?

7 more replies
Relevance 68.88%

I had trouble defragging {dbcbca6a-9a27-11df-94f4-028037000300}{3808876b-c176-4e48-b7ae-04046e6cc752} in C:\System Volume Information using defragler. It is more than 2GB large. Is it normal for one system restore to be that large? Norton and MBAM says the my system is clean. Only 31.1 GB total used. Abou 250 GB (I think) total hard drive space

Also the tracking folder is showing weird characters:
?Cf????? ?O?8m   windellstudio15 NW?Dc`A??$??{?? =?e? ? ? ????  ?             ... Read more

Answer:ONE System File in System Volume Information more than 3GB large. Can't Defrag

Defragging does not reduce file size, it only moves files to improve speeds.

Do a disk cleanup maybe its system error storage, or something the operating system stores
Unless it is a virus that is hogging your hard drive space (Inwhich case I would do a scan with Malwarebytes anti malware from malwarebytes.org)
It could be a crucial file, but I would think it would be a bit smaller.

your hard drive has enough space to make that 3 GB look like megabytes....

Keep your eye on that file. If it continually gets bigger, chances are, it could be a virus.

7 more replies
Relevance 68.47%

hIYA FOLKS,MY FIRST POSTING - WELL HERE GOES,I HAVE A PROBLEM WITH A FOLDER OF THE ABOVE,(C:\RECYCLER-SYS VOL INFO)..I DELETED THE FOLDER BY MISTAKE,THE THING IS THAT 'TREND ANTI VIRUS' IS STATING THERE IS A SUSPICIOUS FILE THERE,SO HOW DO I GET THE FOLDER BACK IN C:/ KNOWING THAT THE FOLDER STILL EXISTS.I AM ON WINDOWS PROF XP.ALSO,A HARDWARE PROBLEM..MY MACHINE KEEPS GETTING VERY HOT,VERY.!!!!!!!..NOW.!! IS IT THE MOTOR FAN OR MAYBE SOME COMPONENT PROBLEM....THANKS PEOPLE.........WANE K....BOLTON LANCASHIRE - OF THE NORTHERN REGION
 

More replies
Relevance 68.47%

Does anyone know WHERE I can FIND:
C:\System Volume Information\ ???

I just can't find it anywhere under WINDOWS or as System 32 subfolder. My anti-spy app, says I got all kinds of
INFESTED trojans, droppers, keyloggers etc. located there.

Answer:C:\System Volume Information\ ???

i believe its a hidden folder, make sure u make all hidden folders and OS files viewable by going to windows explorer, tools menu, folder options, vies tab

4 more replies
Relevance 68.47%

I am wondering what some of these files in the "system volume information" folder are.chkdsk (this is actually a folder)6373773drv.iswmdllog.datMountPointManagementRemoteDatabasetracking.logI saw these and got suspicious. Anyone know what they are?

Answer:System Volume Information

Sorry about the vagueness of my question, I've just never seen these before. I know what chkdsk is, I have never seen a folder named chkdsk though.

5 more replies
Relevance 68.47%

Is system volume information a virus? There are 2 folders in two seperate hard drives and on one i can delete it but it comes back like three seconds later. On a different hard drive i cant do anything to it at all
 

More replies
Relevance 68.47%

My System Volume Information folder has 28 of those very large files
that take up 27.2 GB of disk space. The oldest is dated 11-01-2013. This seems to me to be too much . Is it too much? If it is too much, what could cause that to happen?

Answer:System Volume Information - Is it too big?

The System Volume Information folder contains your Windows restore points. Depending on the size of your hard drive, 27 GB isn't that much space.

You can adjust the amount of hard drive space the restore points use. In the Search Bar type Advanced then select View Advanced System Settings then click on the System Protection tab, from there you can adjust the percentage of hard drive used for restore points.

4 more replies
Relevance 68.47%

I am having win7 home basic(64-bit) operating system on my laptop.In each
drive of my hard disk $RICYCLE.BIN,System volume Information and sys folders
of 0 byte size get created before some days. When I unchecked option to show hidden files from folders option folders got hidden.I tried to delete these folders but it's not working.I also tried to delete folder by taking ownership of folder form properties menu of folder.This is decreasing speed of my laptop.I am not understanding if they are system folders or due to virus.Plz reply.

More replies
Relevance 68.47%

When I turn off System Restore on my partitioned D drive, there is a still a subfolder in the System Volume Information folder named: _restore{2AA86FA6-CEB4-46B9-A260-A78C7302C6BF}, that remains. When I go to explore it, it contains many files that have long been deleted. Can I go ahead and delete this whole folder? Not the System Volume Information, but just the subfolder; _restore{2AA86FA6-CEB4-46B9-A260-A78C7302C6BF}. BTW, shouldn't that subfolder be automatically erased upon turning the sytem restore off? Thanks
 

Answer:System Volume Information

Tranceaddict said:



When I turn off System Restore on my partitioned D drive, there is a still a subfolder in the System Volume Information folder named: _restore{2AA86FA6-CEB4-46B9-A260-A78C7302C6BF}, that remains. When I go to explore it, it contains many files that have long been deleted. Can I go ahead and delete this whole folder? Not the System Volume Information, but just the subfolder; _restore{2AA86FA6-CEB4-46B9-A260-A78C7302C6BF}. BTW, shouldn't that subfolder be automatically erased upon turning the sytem restore off? ThanksClick to expand...

I am not sure about the auto erasing part of the question, but you can always place the folder in your recycle bin for a bit and see if anything goes screwy (unlikely). It seems to me it is just an old restore point file. You could probably safely delete but, it is always safer to have it handy for a little while before deleting permanently.
 

2 more replies
Relevance 68.47%

can anyone please help?for some strange reason my system volume information folder keeps growing by at least a couple of gigs every day.i have disabled system restore completley and deleted all my previous restore points.but it still keeps growing.
 

More replies
Relevance 68.47%

I was defragging with defraggler and i noticed that there were a few defragmented files in System Volume Information but they were huge files which added to about 8gb. It could be more as only the fragmented files add to 8gb.

I was wondering where these files came from? They have long, random letter/number names and range from 200mb - 3gb each

Before my factory settings reset, i used to have only 1 huge file in system volume information which was ~2gb.

is it okay if i delete these files

thanks

Answer:~8-9 GB used in C:\System Volume Information\ ?

They are system restore points.

System Restore

You can safely delete all of them but the most recent one to get the space back if you like, but be aware that you won't have those points to go back to if you ever need to, except the most recent one made. They will be made again after a while, which you can then repeat if you want. Or you can just leave them be.

System Protection Restore Points - Delete

You can also change how much or how little space system restore will take up. Or just leave it like it is.

System Protection - Change Disk Space Usage

3 more replies
Relevance 68.47%

I have a virus or malware. Every time I run Ad-ware . I get malware that show up in C:\ System Volume Information.I keep removing it but it just comes back. I add my Hi-jack reporLogfile of Trend Micro HijackThis v2.0.2Scan saved at 2:30:58 PM, on 10/15/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18241)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exeC:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exeC:\Program Files\Common Files\AOL\ACS\AOLAcsd.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exeC:\Program Files\iolo\common\lib\ioloServiceManager.exeC:\Program Files\iRacing\iRacingService.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS&#... Read more

Answer:C:\ System Volume Information

Welcome to Bleeping Computer, please be sure you have read and followed the Preparation Guide For Use Before Posting A Hijackthis Log, Instructions for receiving help in cleaning your computerhttp://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/All advice given is taken at your own risk.I apologize for the wait, if your issues are not resolved, read the instructions posted above and then follow the directions below. If you no longer need help, I would appreciate a quick post letting me know so I can close your topic.I get malware that show up in C:\ System Volume Information.The only way to clean that is like this:Turn off System Restore.On the Desktop, right-click My Computer.Click Properties.Click the System Restore tab.Check Turn off System Restore.Click Apply, and then click OK.RebootTurn ON System Restore, On the Desktop, right-click My Computer.Click Properties.Click the System Restore tab.UN-Check *Turn off System Restore*.Click Apply, and then click OK.I see a few other issues in this HJT log and would be glad to help you address them if you will post a fresh HJT log.Thanks

2 more replies
Relevance 68.47%

Seems I have a problem. I left my house for about 20 minutes, come back to my computer and Norton is open saying it found and quarantined a trojan horse. I don't know how I got it, considering I was gone and everything on my computer was closed.

This was the exact file and location:

File: C:\System Volume Information\_restore{E9431B88-3A8B-4B9F-B2B1-ABBDE576F6FD}\RP339\A0202805.dll

I want to make sure there is nothing else, because with just a .dll it makes me think there is more infected files.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:31:45 PM, on 5/13/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.... Read more

Answer:C:\System Volume Information\

8 more replies
Relevance 68.47%

Hello. Im a novice so please enlighten me.

my AVG antivirus always displays this message (even though im not running the scan manually)

Threat Detected! while opening file: E:\System Volume Information\_restore{9E74D4F4-A15B-4496-A0F3-77B54401AA42}\A0032793.vbs
Virus Found VBS/small

What do i do? I have tried healing but it failed. if I press move to vault, it says object moved to vault. but then after a few minutes it pops up again.

Then another kind of threat, desktop.ini, pops up from time to time.

how seriously at threat is my laptop? it runs on xp 2000, intel celeron 1.3GHZ

THANKS SO MUCH in advance.
 

Answer:help please- system volume information

That is in the restore points

Turn off restore points, boot, turn them back on – here’s how

http://service1.symantec.com/SUPPOR...2001111912274039?OpenDocument&src=sec_doc_nam
 

1 more replies
Relevance 68.47%

Just installed a 2nd hard drive as a slave and I accidentally copied a bunch of files from the 1st one to the System Volume Information folder on the 2nd.

To delete these files and put them elsewhere, I have run the

cacls "G:\System Volume Information" /E /G username:F and press ENTER

routine in CMD and get

"Are you sure (Y/N)?"

even with "Y", I get "Access Denied."

Any hints? Safe mode a sure bet? I have Win XP Home, master hard disk FAT32, and new slave hard disk NTFS.
 

Answer:System Volume Information

It may be that the FAT 32 and NTFS file systems on the different drive aren't compatible. From the best of my knowledge, FAT 32 systems/drives can't write to NTFS formatted volumes or partitions. An option may be to convert your master hard drive to the NTFS file system, or to convert your slave drive to the FAT 32 system. I'm sure that there will be more members join the thread to give advice.
 

2 more replies
Relevance 68.47%

So, I set configs to allow 111 GB for System Restore, thinking I'd buy some extra insurance, on a 1.5 TB HDD. And now looking why I can't create Drive Image backup on 250 GB Drive, when I used to. Turns out, the last "critical" update for Win7 restore point is using a whopping 70 GB of space. What's up with that? Usually the restore point directories are in the single digits. Windoze 7, Home Premium, x64.

Answer:System Volume Information 109 GB !!

If we are talking about shadows and shadowstorage, this would be very strange. Usually a shadow (restore point) is between 250MB and 1GB (approximately). Are you sure that those 70GBs are only 1 shadow. I suggest you do the following:

1. Open an elevated Command Prompt (run as admin) and type: vssadmin list shadowstorage That will show 3 numbers - Used, Allocated and Maximum. Allocated is the amount that has been reserved at this point in time and Maximum should be your 111GBs.

2. Again in Command Prompt type: vssadmin list shadows That will list all the restore points you have (on all partitions). They are dated. If you want a convenient program to look at your restore points, get Shadow Explorer.

6 more replies
Relevance 68.47%

Help! I have recently updated my AVG virus scan and it finds an I-worm virus sitting in my System Volume Information directory.However the virus program cannot access the folder as it can't see it!I can't see this folder in Windows, I can only see it if I go to DOS environment and dir/a:h the c: drive.I cannot access this folder as it says access is denied. Does anyone know how to access this folder? Or even make it visible to programs in Windows?I'm running Windows XP on a Celeron 2 GHz laptop and AVG version6. Thanks!Dave Woods

Answer:System Volume Information

Don't know if this is of any use..... cause don't really know what i'm talking about but....I had a folder that was causing problems a couple of months ago. I ran the virus checker and like you said it couldn't see it... I tried to manually delete it but it wouldn't let me. In the end i ran scandisk and and it found i and i was able to delete it from there.Like i said don't know if that helps but worth a try maybe :)

4 more replies
Relevance 68.47%

Hey guys,

Just a quick question, I've a 80gig hard drive, partitioned in two; 52gig on C, & 24gig on D,

When I ran Treesize pro while doing a spring clean to clear some space, It shows that System Volume Information is occuping 22 GIG on my C Drive - ?!?!?!?!

What is System Volume Information within windows??

I can't open the folder within treesize, and I don't want to delete it wothout knowing what exactly it's purpose is...

Screenshot

Please help!!

Cheers

Sticker
 

Answer:System Volume Information - XP - ???

Have a look here.......

http://www.theeldergeek.com/system_volume_information_folder1.htm
Debe
 

1 more replies
Relevance 68.47%

What the heck is in that file and why can't I open it?

In the C: drive, main area, there is a file called System Volume Information, I can't open it, it says access denied

When I defragged the HD it says that whatever the hell is in there is fragmented?

I got a torjan the other day, I thought AVG got rid of it, but AVG pops up a window every now and then saying it is still there, I think it says its in that damn folder Does AVG not detect it because the folder is blocked?

I noticed my computer is kinda slow, so how do I get in that dag folder?

Answer:System Volume Information.....

http://www.theeldergeek.com/system_v...on_folder1.htm

This is what you need to know.

after that, disable system restore and run your av

6 more replies
Relevance 68.47%

I have a hidden files called System Volume Information it is 2.11GB in size , does anyone know what it is and is it ok to delete ??cheersbeemerman

Answer:what is System Volume Information ??

click here

3 more replies
Relevance 68.47%

In a recent attempt to clear some space on my hard disk to improve performance, I decided to perform a Treesize scan to identify the folders containing the largest amount of data. According to Treesize, the folder, "C:\System Volume Information" has a capacity of 42.3 GB and is easily the largest on my hard drive. From a search on here, it seems to be the location for System Restore points, even though I've configured that to use just 200 MB of disk space, and only the most recent System Restore point is available to return to.

I'm running Windows XP Home Edition SP2, with a 146 GB hard disk. Any suggestions as to how I can clear this space would be gratefully appreciated. Thanks.
 

Answer:C:\System Volume Information

16 more replies
Relevance 68.47%

does anyone know why w2k has system volume information ?

i know that xp holds the restore points there but w2k does not have system restore,
i have 2 files in the one on my C drive - MountPointManagerRemoteDatabase and tracking.log, all the rest just have tracking.log

ta
 

Answer:system volume information

Hi

Its part of Distributed Link Tracking (DLT) Client
http://technet.microsoft.com/en-gb/library/bb742605.aspx
 

2 more replies
Relevance 68.47%

Hi - I felt something was wrong so I ran Trend Housecall the free online virus and spyware checker. It came up with over 20 consecutive files stating trojan - spyware and all these were in D:\System Volume Information\.......\A0365396.exe to D:\System Volume Information\....\A0365416.exe.
Trend asked Do I want to fix it I responded yes
any one advise what is going on as I am receiveng numerous american based suspicious e-mails. a lot referring to Cheryl whoever that may be
regards

 

Answer:System Volume Information

Welcome to Major Geeks!

Please read ALL of this message including the notes before doing anything.

Please follow the instructions in the below link:

READ & RUN ME FIRST. Malware Removal Guide

and attach the requested logs when you finish these instructions.

**** If something does not run, write down the info to explain to us later but keep on going. ****
Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.


After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:


If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual update Malwarebytes ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
If you cannot seem to login to an infected user account, try using a different user account ... Read more

2 more replies
Relevance 68.47%

Recently my spyware programs get locked on the "System Volume Information\tracking.log" folder. They work okay in Safe Mode. I found instructions to allow access to the folder, even though Microsoft's Instructions were inaccurate. However, I deleted the file in Safe mode and it reappeared upon reboot.
 

Answer:System Volume Information

Instead of changing permissions on the folders and thus allowing malware possible access to them, just use Disk Cleanup to delete all but the last of the restore points. If the last one also is infected, make a new one (when your machine is clean, of course) and delete the previous one with Disk Cleanup.
 

3 more replies
Relevance 68.47%

there is a folder on my PC called "System Volume information" don't know how it got there, and all access to it is denied even for viewing.when i gointo safe mode to have a look or try to delete it, it is not shown, My OS is xp home, can anyone tell me anything on this

Answer:System Volume information

Do NOT delete it as Windows needs this file/folder..

2 more replies
Relevance 68.47%

Hi guys and gals

This is just strange I have found a virus in one of my restore points but No problems are currently in existed. So I have a basic question.. How did a virus get in to my restore points? odd?

File C:\System Volume Information\_restore{736B8453-93FE-477D-9F4C-E9DBA07C5B6E}\RP400\A0039023.exe is infected by Win32:PSWtool-S [PUP], Moved to chest this is what the entry stated

After I found that I reset my System Protection. Going to create a Manuel Restore Point. and re run the select area tests.

Thanks

Answer:System Volume Information

Create a New Restore Point[/COLOR][/URL][/B] to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state. The easiest and safest way to do this is:Go to Start > Programs > Accessories > System Tools and click "System Restore".Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.Then use Disk Cleanup to remove all but the most recently created Restore Point.Go to Start > Run and type: CleanmgrClick "Ok". Disk Cleanup will scan your files for several minutes, then open.Click the "More Options" tab, then click the "Clean up" button under System Restore.Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"Click Yes, then click Ok.Click Yes again when prompted with "Are you sure you want to perform these... Read more

4 more replies
Relevance 68.47%

hi, i remember having viruses that couldnt be removed and heard that alot of spyware could be stored in this folder, obviously it restricts my access to it, im wondering if there is 1 way to take off this restriction so that i may access it. also curious about the permanent effects of deleting this folder. thanks

More replies
Relevance 68.47%

Is this the directory for the Windoze System Restore? If so....can it all be safely deleted? I don't use it anymore as I use GoBack exclusively.
 

Answer:C:\System Volume Information???

Yes and yes. You can clear your restore points . see here http://www.majorgeeks.com/vb/showthread.php?p=342176#post342176
 

11 more replies
Relevance 68.47%

I took the ownership of System Volume Information folder.then i created a folder in it.but now i cant delete that folder.in xp i could do it but not in 7.please help me..

Answer:System Volume Information

  
Quote: Originally Posted by vajeen


I took the ownership of System Volume Information folder.then i created a folder in it.but now i cant delete that folder.in xp i could do it but not in 7.please help me..



Why on earth would you want to take ownership of "System Volume Information" and make a folder in it?

"System Volume Information" = system only and should remain hidden.

Hide it and forget about that folder, messing with "System Volume Information" could get you only deeper into trouble.

2 more replies
Relevance 68.47%

Vista is dumping System Volume information on every HDD ive got and its dumping it all over the place and i carnt defrag nore can i delete any of the files. Theres about 40gb in total..
There is no system protection enabled on the HDDs as i use Vista's backup tool once a week (then store it to a different HDD).
How can i unlock and delete these files, as it seem every other day it grows in size..

Answer:System Volume Information

Hi and welcome to TSF

First I would like you to go to "Folder Options". Click on the view tab and scroll all the way down. When you see " Simple file sharing (recommended) " uncheck that box. The go to each drive that has the System Volume Information. Right click the folder and go to the Security Tab. Click " Add... " and in the text box type in " Everyone ". Click chack names then hit Ok, Apply, and then Ok again. Then go through the folder System Volume Info -> Go through the next folder -> Delete everything that has a blue tint (meaning all the compressed folders.

* Personally I just shut off System Restore function because all it does is hug up drive space and it never fixes anything for me; If you turn it off then all the files will be deleted automatically without the above steps *

3 more replies
Relevance 68.47%

I have an extremely large file (system volume information) which contains a file named:
"_restore (224E0294-7FFD-9D04-A63B49402B20)". In that file are daily "snapshots" of my files. Each daily snapshot is in a separate folder - consecutively numbered (example: RP460 up to RP561.

Each of these folders contain over 130mb of files and are using up my storage capacity on C drive.
Can I delete all but the last few of these folders?

Answer:System Volume Information

Quote:




Can I delete all but the last few of these folders?




NO.

By default the contents of the system volume information folder is not accessible to even an admin account. And for good reason. Any direct deletion or modification of it's contents can, and probably will, corrupt the system restore facility and render it useless.

The disk cleanup utility can delete old restore points and you can also specify how much disk space can be used but do not attempt direct modification of the folder.

Actually I would recommend setting the security attributes of the folder back to what they were to prevent accidental modification. There is really no need to to access the folder at all.

3 more replies
Relevance 68.47%

Hi:

I am having problems trying to remove Trj/CI.A from the system volume information folder. I can't execute any .exe commands or even get to the command prompt (even in safe mode). My combofix results are listed below. Any help is greatly appreciated.
ComboFix 11-01-29.03 - Sports Xpress 01/30/2011 13:51:35.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.766.180 [GMT -6:00]
Running from: c:\documents and settings\Sports Xpress\My Documents\Downloads\ComboFix.exe
AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Sports Xpress\Application Data\Mozilla\Firefox\Profiles\vh8oec4d.default\extensions\{369ff373-e69e-472c-a5fd-9f264422d0f0}
c:\documents and settings\Sports Xpress\Application Data\Mozilla\Firefox\Profiles\vh8oec4d.default\extensions\{369ff373-e69e-472c-a5fd-9f264422d0f0}\chrome.manifest
c:\documents and settings\Sports Xpress\Application Data\Mozilla\Firefox\Profiles\vh8oec4d.default\extensions\{369ff373-e69e-472c-a5fd-9f264422d0f0}\chrome\xulcache.jar
c:\documents and settings\Sports Xpress\Appl... Read more

Answer:Trj/CI.A in system volume information

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!These instructions have been specifically tailored to your computer and the issues you are experiencing with your computer. It... Read more

2 more replies
Relevance 68.47%

I built a new computer with a 160 gig drive in it. This drive has 2 partitions, one with Win XP Prof on it. I took my old 80 gig drive out of my old computer(which also has 2 partitions) to transfer files to the new drive. This drive had win 98 on one partition but I did not have it bootable. I've had it in the new computer for about 5 months now and want to reformat it to clean it all off. I noticed that there is a folder there that is called System Volume Information. The sub-folders are restore folders with current files in it. Why are the restore files being stored on this drive and not the new one with XP on it and is it all right to delete these files?
 

Answer:System Volume Information

I don't know why it would create the current files in those folders, but Iknow that the Vol Info on my C: drive is not accessible.

If you aren't sure what will happen if you reformat the secondary drive, just unplug it and run the PC as normal...give it some time, and if it all works properly, I wouldn't worry about it - just make sure that it is set to cable select or slave, replug it in, and reformat.

MBN
 

2 more replies
Relevance 68.47%

I've checked three of my four computers and only one of them has a folder named "RECYCLER". All the others have a folder named "Recycled", and there is the little recycle bin icon where there would otherwise be a folder icon.

If that's the case, you probably have two files in your root directory named "auto.exe" and "autorun.inf". These are malicious little buggers that seem impossible to get rid of, and they seem to be causing other types of problems in the operating system.

The only way I've been able to get them off of attached devices is to disconnect the host computer from any outside connection, i.e., cable modem, telephone. Then turn off the computer and unplug it for 30 seconds. Also, disconnect the attached device from the computer. Then plug in the host computer and boot it up. Make sure you do not have the above named files in the host. (They may be hidden in the Prefetch folder.)

Once you're sure they are completely out of the host, do the 'turn off', 'unplug', etc. cycle again. Reboot. (You may notice that the computer works a little differently. In my computer, the submenues started showing up when I run the cursor near any particular icon on the desktop. The submenues started working in other places too... but I digress.)

Recheck the host computer and verify that the two above named files are actually gone. If they are, your host computer is clean.

Here's the sad news. I still haven't figured out how to... Read more

Answer:System Volume Information

One other note... When I tried to download a file folder into the mass storage device on my laptop (from the host computer via the wireless router), BitDefender (anti-virus program) recognized "auto.exe" as a virus... I'm still researching that avenue...

4 more replies
Relevance 68.47%

I have recently come up against this message:-The file or directory \System Volume Information \1 {3808876b-c176-4e48-b7ae-04046e6cc752} in corrupt and unreadable.This maeeage occures when I unlock a WesternDigital 'My Book essential 1TB' external USB Drive.I am advised to run chkdsk on this drive, but when i do windows advises me to restart windows to continue, but the drive automatically locks.Any help would be gratefully received.thanks in advance...

Answer:system volume information

It's system restore, if you disable it and reboot and then re-enable it it will most likely be fixed. If you do not use system restore then i would keep it disabled.

8 more replies
Relevance 68.47%

This post is my first; I'd like a second opinion from B C folks before I proceed to fool with VISTA's System Restore Points for the first time.

I run Home Premium 32-bit on a partitioned Gateway laptop with 221 GB allotted to C/ and 57 GB of C/ is in use. Of that 57 GB, 31GB is filled exclusively with -- guess what -- System Volume Information files! I'd like to prune this back a little, but only if doing so won't throw VISTA into a tizzy.

Anybody out there done this already? Anybody wanna try it first? I've searched the B C forums for this topic and haven't found one yet specifically adressing this issue. Here are my sources --

According to this page at TechRepublic:

<<http://techrepublic.com.com/5208-6230-0.html?forumID=228428&start=0&taq=rbxccnbdisc1>>

VISTA's SRP is set to delete old files after 136 years although its XP predecessor did so after a mere 90 days.

Indrajit Chatterjee's Blog 3/25/08 "Reclaiming disc space from 'system volume information' offers the following instructions:
<<http://indrajitc.wordpress.com/2008/03/25/reclaiming-disk-space-from-system-volume-information/>>

Thanks for your attention, folks.

Answer:System Volume Information

Here's a very similar link from the person I consider to be an authority on all things System Restore: http://bertk.mvps.org/html/diskspacev.htmlShouldn't be any problem.

7 more replies
Relevance 68.47%

Help ! My System Volume Information folder on my PC has started increasing in size and gets bigger every time I reboot.It has now reached a size of over 20GB and still increasing. This is where all the restore points are held. I've run Norton anti-virus scan but no viruses have been found.Can this folder be recreated from scratch ?Has it somehow got corrupted ?Any ideas would be greatly appreciated.Mio

Answer:System Volume Information

You can disable system restore, reboot the machine and then set a new restore point. All the old ones will be gone.

3 more replies
Relevance 68.47%

I have this directory named System Volume Information on my hard drive. You can't even access it. So, what good is it and what is it?

Answer:System Volume Information

http://support.microsoft.com/kb/309531

2 more replies
Relevance 68.47%

what is system volume information? this has 12.6gb against it and when i opened it, it shows 12.6gb of _restore against it. when i opened restore folder, it shows folders giving size and number starting with RPxxxxx.

Answer:system volume information

madaboutplants,Some infoclick hereHTH

7 more replies
Relevance 68.47%

I could do with a bit of help here. While doing a bit of analysing I discovered that on my notebook the System Volume Information folder was using 12gb. This rather staggered me but I discovered this was caused by System Restore. I turned off System Restore and rebooted. This emptied the folder as I expected. I then turned it back on, set a restore point and all is fine. About 600mb now.
The thing that has me baffled though is that my desktop computer was showing zero in that folder. System restore was turned on and many restore points had been set. So where is all that information gone. I should point out that both computers are running Vista Home Premium with SP1 and all updates. I turned off System Restore, rebooted then turned System Restore on again, set a couple of restore points, but the folder is still zero. I tested a Restore point and that worked fine. I'm afraid I'm at a loss. Obviously the information is somewhere. Suggestions would be greatly appreciated.
 

Answer:System Volume Information

Read:--> How to gain access to the System Volume Information folder

Also:

Clear system restore points


Clear your existing system restore points and establish a new clean restore point:
Go to Start > All Programs > Accessories > System Tools > System Restore
Select Create a restore point, and Ok it.
Next, go to Start > Run and type in cleanmgr
Select the More options tab
Choose the option to clean up system restore and OK it.
This will remove all restore points except the new one you just created.

 

5 more replies
Relevance 68.47%

Hi, I'd just like to know how to access system volume information on my hard drives if anyone knows how and if it's possible. Thanks.

Answer:Need help on system volume information

Windows XP Professional and Home Edition - FAT32 File System

In Windows Explorer click [Tools] [Folder Options]
Click the [View] tab, click [Show Hidden Files and Folders]
Clear [Hide protected operating system files (Recommended)] check box.
Click [Yes] on the change confirmation box and click [OK] to exit.
Double-click the System Volume Information folder to open.

Windows XP Professional using the NTFS File System on a Workgroup or Standalone Computer

In Windows Explorer click [Tools] [Folder Options]
Click the [View] tab, click [Show Hidden Files and Folders]
Clear [Hide protected operating system files (Recommended)] check box.
Click [Yes] on the change confirmation box and click [OK] to exit.
Right-click the System Volume Information folder in the root folder.
Click [Properties] and select the [Security] tab. Click [Add]
Enter the name of the user you are allowing access to the folder.
Click [OK], and then click [OK].
Double-click the System Volume Information folder to open.

Windows XP Professional Using the NTFS File System on a Domain

In Windows Explorer click [Tools] [Folder Options]
Click the [View] tab, click [Show Hidden Files and Folders]
Clear [Hide protected operating system files (Recommended)] check box.
Click [Yes] on the change confirmation box and click [OK] to exit.
Right-click the System Volume Information folder in the root folder.
Click [Properties] and select the [Security] tab. Click [Add]
Enter the name of the user y... Read more

3 more replies
Relevance 68.47%

XP pro - p4 2.8AVG antivirus detecting worm (Lovsan.A) in C:\System Volume Information\_restore ......AVG will not delete this worm file.Can anyone please steer me to access this folder and delete file (Access Denied via My Computer route).Many thanksTerry

Answer:XP pro System Volume Information

The worm is hidden in your System Restore files which virus checkers don't have access (that's why you are getting the message that AVG cannot remove it.The cure is to turn off Systm Restore temporarily, run your A/V to remove the worm and then re-instate System Restore. It means you will have lost your restore points but that is a small price for getting rid of the nasties.?d

3 more replies
Relevance 68.47%

Hi,

I'm running Vista HP 64-bit on my home build PC, and I was trying to clean up my C: drive when I noticed how large the System Volume Information folder was (31Gb on a 120Gb HD). I investigated and I've tried to delete these files.

I've tried searching the problem and most of the answers are that the problem is system restore. I've turned System Restore off, so I know that these files are not associated with this. I've tried to take ownership and delete them. I've tried deleting them in Safe mode, I've tried using a file shredding software, and no joy.

I really need some advice!!!

Answer:System Volume Information

Hi -

Add TakeOwnership to your context menu. Download the .reg file, run it and allow Registry merger to occur -

http://jcgriff2.com/0x2/takeown_icac...ows7_Vista.reg

Bring up an elevated administrative cmd/DOS prompt -
START | type cmd.exe | RIGHT-click on cmd.exe above under "Programs" | select "Run as Administrator" | Paste the following -

Code:

attrib -h -s c:\system information volume\*.* /s /d

Go to the folder, RIGHT-click on it, select "Take Ownership"

See if you can open it now.

Regards. . .

jcgriff2

`

19 more replies
Relevance 68.47%

I have Windows XP Home and I have a problem accessing the System Volume Information folder. My System Restore will not work at reboot, so I would like to do a manual restore with which I am familiar. I tried the cmd prompt command: C:\ cacls "C:\System Volume Information" /E /G SKYNEST:F and I get a corresponding good reply of: process dir: C:\System Volume Information. From what I know it should unlock the folder, but it doesn't. Access is still denied even after a reboot. So, after searching diligently I have come to majorgeeks.com because your community is the best! Can you get my system straightened out? Just so you know, I have no security tab under folder options in My Computer. Also, I cannot clear "Use simple file sharing" in the folder options View tab because it is not there! So, you see I have come a ways and am stuck.

I know I can do a manual restore using Windows Mini XP to access the folder from a CD, but it just seems to be such a round about way when I could just use Resore or get into the System Volume Information Folder.
 

Answer:System Volume Information

skynest said:





I have Windows XP Home and I have a problem accessing the System Volume Information folder. My System Restore will not work at reboot, so I would like to do a manual restore with which I am familiar. I tried the cmd prompt command: C:\ cacls "C:\System Volume Information" /E /G SKYNEST:F and I get a corresponding good reply of: process dir: C:\System Volume Information. From what I know it should unlock the folder, but it doesn't. Access is still denied even after a reboot. So, after searching diligently I have come to majorgeeks.com because your community is the best! Can you get my system straightened out? Just so you know, I have no security tab under folder options in My Computer. Also, I cannot clear "Use simple file sharing" in the folder options View tab because it is not there! So, you see I have come a ways and am stuck.

I know I can do a manual restore using Windows Mini XP to access the folder from a CD, but it just seems to be such a round about way when I could just use Resore or get into the System Volume Information Folder.Click to expand...

You may need to restart the computer to safe mode by pressing F8.

This is from the Microsoft site:

The following steps also work if you restart the computer to Safe mode because simple file sharing is automatically turned off when you run the computer in Safe mode.

Open My Computer, right-click the System Volume Information folder, an... Read more

10 more replies
Relevance 68.47%

C:\System Volume Information

I have system protection(restore) turned off.
And it has 4GB of data in C:\System Volume Information.

How can this be. It is also allowing me to go back to a restore point.

Windows 7RC 64Bit.

Answer:C:\System Volume Information

Its part of the system restore feature. So if you dont use that you could disable it and it should remove that folder.

9 more replies
Relevance 68.47%

I killed my Linux partition using Partition Magic, everything went as planned, however, now I have a folder under C:/ called "F Drive" which contains the contents of my Linux partitons. I however can't access or delete this folder, any ideas on why? I looked up the System Vol Info, and as far as that is concerend, I have system restore off.
 

More replies
Relevance 68.47%

Hi All,Plz explain what is System Volume Information and how to clean the viruses from System Volume Information.[/font][/size]Regards SSK

Answer:System Volume Information

Hello, It is a part of System Restore; the tool that allows you to set points in time to roll back your computer. The System Volume Information folder is where XP stores these points and associated information that makes them accessible. The Elder GeekCreate a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state. The easiest and safest way to do this is:Go to Start > Programs > Accessories > System Tools and click "System Restore".Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.Then use Disk Cleanup to remove all but the most recently created Restore Point.Go to Start > Run and type: CleanmgrClick "Ok". Disk Cleanup will scan your files for several minutes, then open.Click the "More Options" tab, then click the "Clean up" button under Sys... Read more

1 more replies
Relevance 68.47%

My system volume information folder is HUGE...it takes almost 20GB of storage, why is it so big?! can i delete stuff in it somehow? i dont want to screw anything up, so some help woul db every nice, thanks

Answer:System Volume Information

It's a very important folder used by System Restore...it's probably so big due to the amount of restore points you have but 20GB is a bit extreme.

You won't be able to access the folder unless you change the security permissions...but I would stronly advise against doing so.

What may help is if you disable System Restore which will delete the restore points, then re-enable it and change the settings.

You can do all that by right clicking 'My Computer' either on your Desktop or Start Menu then select 'Properties'. Choose the System Restore tab and you can turn it off by removing the tick and clicking Appy. When you re-enable, you can click the Settings button and reduce the amount of disk space usage.

Hope that helps :-)

6 more replies
Relevance 68.47%

My computer has been sluggish lately. I've scanned with everything. My active scan logs and HJT logs are clean and I've scanned for rootkits.

And Anivir's on access scanner has been detecting trojans in the System volume information
folder but I can't open the folder because access is denied.

This is one of three I've quarantied from the same location

C:\system volume information\_restore{082A6CE9-706C-4F27-9BC0-3693FCF3DE9E}\RP1052\
ao220720.dll

I've turned off and on system restore but that didn't seem to clear it out.

Should I try to delete this folder \RP1052\ with because that's where the 3 files were been found.

Any help would be appreciated
 

Answer:system volume information

http://support.microsoft.com/kb/263455
 

3 more replies
Relevance 68.06%

I bought my computer used and have never been able to make a System Image disc for back-up purposes and I've had some other problems with "Backup and Restore" as well. I always get this error: "The backup application could not start due to an internal error: Server execution failed (0x80080005)." By doing research I discovered that this happens because the SYSTEM does not own the "System Volume Information" file, the user does instead (me).
When I got the computer I took ownership of the entire C drive because I kept having permission problems. Now I know better and would not do that again, but I guess the only problem it caused was with "Backup and Restore" - two years on and I haven't had any other problems.
Anyways, I've tried changing ownership of System Volume Information, but it won't let me. I've found several ways to take ownership, but how can I get Windows to let me give ownership back to the SYSTEM? Or is there a way to return the file to its default state, or maybe copy a new version and delete the old one? Thanks for your help.

Here is the post where I found the solution to my backup problem:
Starting Windows 7 Backup : Server execution failed(0x80080005) ????

I apologize if I'm not supposed to post links - I'm new here

Answer:Need to give ownership of System Volume Information to SYSTEM

Links are OK as long as they're not advertising, objectionable material, solutions that would harm a computer etc.

2 more replies
Relevance 67.65%

Hi, Windows will not defrag system volume information and it is 1.6GB. This is obviously slowing my computer down. If I delete the volume information what will happen? Can I delete it?
 

Answer:System Volume Information Defrag

No, you can't delete System Volume Information, in fact you normally can't access it at all, that's where Windows stores the data for System Restores. The fact that it's defragged shouldn't slow down your system since the only time you read those files is when you do a System Restore, which is usually a rare occurrence.

Post a HJT log and maybe something else will show up that's slowing down your system.
 

2 more replies
Relevance 67.65%

Hey guys, so I keep getting this error pop up when I'm running my font explorer software. Does anyone knows how to fix this?

Thanks in advance
 

Answer:System Volume Information is not accessiblle

System Volume Information is where System Restore keeps its restore points. Most people never need to directly access the data in those folders, so by default there are no user permissions granted on the folders.

No to sure why a your font explorer would need access to it. Can you configure the software not to access that folder?
 

more replies
Relevance 67.65%

Can't get to system volume Information directory to delete files so I can rid computer of about:blank annoyance.
Also, can't find sql.dll file in system32 directory. Just doesnt show itself.

I have run Hijack this but the problem still exits.

Can you help please?

Thank You

On-Demand Virus Scanner Results:

Run: 9/18/2004 5:17:44 PM

Drives scanned:
C:\
Categories checked:
Boot Sectors
Executables
Macros

Results:

Found virus
In File: C:\System Volume Information\_restore11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928\RP631\A0027686.exe
Name: TROJ_STARTPAG.AC
Requested action: Remove virus.
Results: Failed. Removal attempt failed. File still infected. See recommendation below.

Found virus
In File: C:\System Volume Information\_restore11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928\RP693\A0031002.dll
Name: TROJ_STRTPAGE.IX
Requested action: Remove virus.
Results: Failed. Removal attempt failed. File still infected. See recommendation below.

Found virus
In File: C:\System Volume Information\_restore11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928\RP705\A0032326.dll
Name: TROJ_STRTPAGE.IX
Requested action: Remove virus.
Results: Failed. Removal attempt failed. File still infected. See recommendation below.

Found virus
In File: C:\System Volume Information\_restore11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928\RP705\A0032328.dll
Name: TROJ_STRTPAGE.IX
Requested action: Remove virus.
Results: Failed. Removal attempt failed. File still infected. See recommendation below.

Found virus
In File: C:\System ... Read more

Answer:Can't get to system volume Information directory

Turn off system restore by following instructions here
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001111912274039 for Xp
or here
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001012513122239 for ME

That will purge the restore folder and clear any malware that has been put in there. Then reboot & then re-enable sytem restore & create a new restore point.

go to http://www.thespykiller.co.uk/files/HijackThis.exe and download 'Hijack This!'.
make sure it is placed into it's own folder, not a temporary folder. Then doubleclick the Hijackthis.exe.
Click the "Scan" button, when the scan is finished the scan button will become "Save Log" click that and save the log.
Go to where you saved the log and click on "Edit > Select All" then click on "Edit > Copy" then Paste the log back here in a reply.
It will possibly show issues deserving our attention, but most of what it lists will be harmless or even required,
so do NOT fix anything yet.
Someone here will be happy to help you analyze the results.
 

2 more replies
Relevance 67.65%

I've gotten this once before and I thought I got the patch for it... but.. w/e
It's back.. !

Ran Ad-ware
Ran Spybot

Heres HJT log:

Logfile of HijackThis v1.99.0
Scan saved at 5:44:46 PM, on 12/15/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Alias\Maya6.0\docs\Wrapper.exe
C:\Program Files\Alias\Maya6.0\docs\jre\bin\java.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Desktop\New Folder (3)\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F... Read more

Answer:System Volume Information Hijacker

You AVG is old there is a new version

AVG 7 http://free.grisoft.com/freeweb.php/doc/2/

Fix
O4 - HKCU\..\Run: [Tsa2] C:\PROGRA~1\COMMON~1\tsa\tsm2.exe

And remove the TSA folder

I'd get rid of these downloaders - most are trouble
 

1 more replies
Relevance 67.65%

I have followed advice given in previous posts but still cannot access my SVI folder. I have WINXP Home with NTFS I have followed the advice on click here however I can only get as far as right clicking the SVI Folder and choosing 'Sharing & Secuity'. The next stage says choose the security tab but the only tabs available are general/sharing/customize. Is there something else I need to switch on somewhere? BTW I am trying to track this down as my system restore wont work. It shows dates highlighted but when you choose to restore is finally comes up restore failed no matter which point I choose so I am starting with trying to look into my SVI folder. Many Thanks

Answer:Accessing System Volume Information?

May be a silly question but, when you are attempting to gain access to this property you are logged in as Administrator?

5 more replies
Relevance 67.65%

C:\System Volume Information" /E /G Zombie :F

None of the cmd commands would work at all I've tried everything and its says the commands aren't real.

The command above is my example it did nothing.

I have a virus inside my Sysem Volume Information folder I wanted to see what VirusTotal.com would say if I sent the file to them. But dumb enough I'm not allowed to get into that folder even know I can see it. The OS doesn't allow me to just click into the folder its self.

C:\System Volume Information\_restore{7DC0BD25-810A-4646-9B02-25E7BB3740C2}\RP38\A0014125.exe (The A0014125.exe is the virus and the only file in the folder.

Anybody have any ideas what I should do?

Because this "virus" or spying .exe file came from FreeMake Video Converter.

Yet, I can only view with add now Quarantined Items.

Answer:Trying to get into System Volume Information Folder.

How to gain access to the System Volume Information folder

3 more replies
Relevance 67.65%

Hi - I've got an empty folder on the desktop, size 0 bytes, created in 2008 (it hasn't been on the desktop for that length of time) and when I try to delete it, I get the above message, followed by 'Access denied. Make sure the disk is not full or write-protected and that the file is not currently in use.'Any idea what it is? Running XP Home.

Answer:Cannot delete System Volume Information

Not sure but as it is empty it should be all right to delete it.Maybe drag it to the Recycle Bin and drop it in there.But to be in the safe side wait for further comments from others.

9 more replies
Relevance 67.65%

Hi All
I've got this virus C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP294\A0017770.EXE and I would like to know what it does and how it appears. I note from other postings it is quite popular but no one has explained how dangerous it is.
Paul
 

Answer:what does c system volume information virus do?

7 more replies
Relevance 67.65%

I have a 418mb frag on my computer i will post the log from defrag and hijackthis. i am trying to remove or repair this fragment. I have a copy of SDfix already but i want to consult somebody first before i use it.

Defrag log:
Volume Windows (C
Volume size = 18.64 GB
Cluster size = 4 KB
Used space = 10.93 GB
Free space = 7.71 GB
Percent free space = 41 %
Volume fragmentation
Total fragmentation = 2 %
File fragmentation = 4 %
Free space fragmentation = 0 %
File fragmentation
Total files = 70,892
Average file size = 246 KB
Total fragmented files = 2
Total excess fragments = 409
Average fragments per file = 1.00
Pagefile fragmentation
Pagefile size = 1.41 GB
Total fragments = 1
Folder fragmentation
Total folders = 3,784
Fragmented folders = 1
Excess folder fragments = 0
Master File Table (MFT) fragmentation
Total MFT size = 89 MB
MFT record count = 75,001
Percent MFT in use = 82 %
Total MFT fragments = 3
--------------------------------------------------------------------------------
Fragments File Size Files that cannot be defragmented
9 418 MB \System Volume Information\_restore{41EF47F8-A08E-463E-882B-3D130BBCF183}\RP217\A0038065.exe

Hijackthis log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:32:27 AM, on 5/26/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services... Read more

More replies
Relevance 67.65%

Hi,

I have a 40gb hd. Found a folder on it called 'System Volume Information'. It's 3.5gb

Is this where all my sys restore info goes? Explorer wont let me look at the files

Any ideas?
cheers

Answer:System Volume Information folder

i believe u r correct. really wanna find out since it wont let u in is delete all but the most recent restore point in disk clean up and see what the size of the folder is afterwards. that is alot of restore points to be using up 3.5 gigs and my restores fail neways when i try to go back to more than a week or 2 prior. so i would reclaim ur disc space to use for better things than holding useless old restore points.

2 more replies
Relevance 67.65%

In my c: drive about 10 gig is used for "System Volume Information" files like these: {da7a5c31-892c-11e1-941e-1103d399dd94}{3808876b-c176-4e48-b7ae-04046e6cc752}. What are these files and are they all needed?

Answer:System Volume Information files

From MSDN:-
In the root of every drive is a folder called "System Volume Information". If your drive is NTFS, the permissions on the folder are set so not even administrators can get in there. What's the big secret?
The folder contains information that casual interference could cause problems with proper system functioning. Here are some of the things kept in that folder. (This list is not comprehensive.)
?System Restore points. You can disable System Restore from the "System" control panel.
? Distributed Link Tracking Service databases for repairing your shortcuts and linked documents.
? Content Indexing Service databases for fast file searches. This is also the source of the cidaemon.exe process: That is the content indexer itself, busy scanning your files and building its database so you can search for them quickly. (If you created a lot of data in a short time, the content indexer service gets all excited trying to index it.)
?Information used by the Volume Snapshot Service (also known as "Volume Shadow Copy") so you can back up files on a live system.
?Longhorn systems keep WinFS databases here.

3 more replies
Relevance 67.65%

My Vista is pretty new. OK....maybe....what? a month old?
I have programs on here. Not too many though. Along with not too many files.

I was very surprised when I start up and 19 out of 105 GB was all that was left.
So i ran Tree Pro 4 and the size of my System Volume Information folder had literately 5x itself to 50.2GB.

Im astonished and appalled. O


If anyone has ideas, bring it forth cuz i need it.
 

Answer:System Volume Information on Vista

Those are your system restore points. You could lower the amount of drive used for it, or nuke the contents of the folder altogether by turning off the System Restore service and rebooting.
 

5 more replies
Relevance 67.65%

As there are malware to be removed in my System Volume Information folder, I must access the folder to remove them. The solution for access, provided by MS is incomplete. It states that once I have provided access to the Hidden Files, etc, I click on Properties & then on the Security Tab. However, there is NO Security tab.I am running XP Pro SP3. Anyone have a resolution?

Answer:System Volume Information folder

The link below ahould be of some help.System Volume Information Folderhttp://www.theeldergeek.com/system_...As far as getting rid of the infected files in that folder the normal way is to turn off System Restore, restart the computer then turn on System Restore again. This will purge all of the System Restore files including the virus infected files."Make sure that you turn System Restore on again. How to turn off and turn on System Restore in Windows XPhttp://support.microsoft.com/kb/310405Tufenuf

4 more replies
Relevance 67.65%

Recently i have found a file named 'System Volume Information' in my c:/.The file is not created by me or process of installing software.It is a empty file.When i opened it a window popped out saying:'c:/system volume file is not accessible.Access is denied.'I feel very strange since i never see such this file.

Almost each big file and subfile in my c:/ and MyDocument contain a system configuration file called 'Desktop.ini'.These damn files are so annoying because there is approximately hundreds Desktop.ini in my pc.Below is 1 of the Desktop.ini found in my window media player directory in program files:
[.ShellClassInfo]
IconFile=%ProgramFiles%\Windows Media Player\wmplayer.exe
IconIndex=0
What is it mean?????

Forgot to mention another file named RECYCLE is in my c:/.What are these strange files???

Any advice would be greatly appreciated.

Answer:System Volume Information file????

Hello,

its nothing to worry about

System Volume Information is the folder, should be a folder, that contains your system restore info. If you really want to see it you need to give yourself permission to see inside it, not really recommended.

Recycler is just a folder that lets you see whats in the recycle bin, I think. It may serve another purpose.

Desktop.ini is just a config file for windows stores some setting that are used in different views, like icon view for the example you gave. Like the thumbs.db file that appears in folders with pictures is used for showing thumbnails in thumbnail view.

2 more replies
Relevance 67.65%

Hello all!

I've screwed up, I don't know how it happened but I was moving around some stuff and something happened with the open windows (got stucked to the cursor) and when I got it to stop (I've got a new mouse with some small buttons on the side, and I've not managed to get used to them .. however I will disable those)

Well the problem is that when I got to unhook that window from my cursor my 300Gb + mp3 folder was gone .. man it almost gave me a heartattack, cause I've been working on that thing for years basically ...

I found it, it's somehow inside the "D:\system volume information" folder, and if I dragg it out to the root of the D drive it dissapears from the sys vol dir, but doesn't show up in the root at the D drive .. ?? and then if I go out from the sys vol dir and go back in again (basically refresh) then there it is again ..

summary: ... cannot move my mp3 folder back to the D:\ folder since it accidently got moved to d:\system volume information ..

please help .. I'm nervous like a cat on a hot tin roof

Thanks

//Ken1

Answer:system volume information folder

  
Quote: Originally Posted by Ken1


Hello all!

I've screwed up, I don't know how it happened but I was moving around some stuff and something happened with the open windows (got stucked to the cursor) and when I got it to stop (I've got a new mouse with some small buttons on the side, and I've not managed to get used to them .. however I will disable those)

Well the problem is that when I got to unhook that window from my cursor my 300Gb + mp3 folder was gone .. man it almost gave me a heartattack, cause I've been working on that thing for years basically ...

I found it, it's somehow inside the "D:\system volume information" folder, and if I dragg it out to the root of the D drive it dissapears from the sys vol dir, but doesn't show up in the root at the D drive .. ?? and then if I go out from the sys vol dir and go back in again (basically refresh) then there it is again ..

summary: ... cannot move my mp3 folder back to the D:\ folder since it accidently got moved to d:\system volume information ..

please help .. I'm nervous like a cat on a hot tin roof

Thanks

//Ken1


Lets try the easy way first. Just go to back up and restore, to a point prior to the problem, and restore. If you are not sure how thats done just follow instructions below:



Just go to help and information, and type back up and restore, follow instructions. You will be good to go in no time. In the case of problems, just return and we will... Read more

9 more replies
Relevance 67.65%

Moved a few drives from a server running winxp to one running 2k.
Any special way you guys know of to delete these folders? I cannot uncheck the 'Hidden' attribute because it is greyed out.
 

Answer:System Volume Information folder

turn off system restore

http://support.microsoft.com/default.aspx?scid=kb;en-us;309531
 

4 more replies
Relevance 67.65%

I have a Virus, it resides in a folder called "Sytem Volume Information" and is a Trojan.I am running XP SP1.........can anyone help me out?This Virus seems to be detected by my Virus checker once every half an hour or so. Each time I delete it, it comes back as a slightly differen file name with lots of numbers in.

Answer:A Virus in "System Volume Information".

WrathMaster2, when you have done a virus scan and deleted the virus, have you turned off system restore?If I remember correctly, system volume information is the hidden system folder where your restore point data is held. If the virus is in there, anti-virus s/w wont be able to delete it as it's a system protected folder.From advice given on this forum(and elsewhere),if your anti-virus s/w does find a virus, you should turn off your system restore function to make sure the virus is removed totally as, as it looks like with your system, the virus can lodge in your restore point data.Hope this helps, dagwoood.

3 more replies
Relevance 67.65%

I hope someone has seen this before and has a remedy for it.Every 30 minutes or so, I get a warning window appearing telling me of a virus. It says the virus is in C:\\System Volume Information.... restore....., and to use my AVG anti-virus to remove the file. AVG does not find it, nor does my adware removal software.I have searched for the file myself, and cannot find any System Volume Information in the restore folders, or anywhere.It doesn't seem like any harm is being dome to the PC, but it is annoying every half hour getting these warnings.Any ideas anyone?Thanx in advance.

Answer:System Volume Information Virus

Turn off System Restore, then turn it back on and create a Restore point.

1 more replies
Relevance 67.65%

I'm just wondering why I can't delete the "System Volume Information". Yet isn't it that you can easily delete these folder by just unchecking the hide button on the file option.

I've tried opening the folder by using "cacls" on CMD. All folders and files are easily remove except for one file name "change.log". This "change.log" bothers me a lot, upon accessing the file I started to notice that it increase it file size by 1b/second.

Can anyone have suggestions on how could I remove this folder? This may seemed new but this thing bothers me a lot and now I suspected this folder a reason why my computers' network and performance are malfunctioning.

Answer:How to Delete: System Volume Information

Have you tried just turning off system restore?

That should delete all the contents of the folder, including the change log

Btw, that file should not be effecting anything on your system.

If you deleted the files in SVI that file should have been deleted too.

Is it only the change file in the most recent restore point you are having trouble deleting?

14 more replies
Relevance 67.65%

Hello everyone. I can't access to System Volume Information on xp home, NOT PROFESSIONAL. I read Microsoft tutorials, but nothing. Could any help me, please?
A jpg of what I see.
Thankyou

Answer:System Volume Information on Xp sp3 home

Hello everyone. I can't access to System Volume Information on xp home, NOT PROFESSIONAL. I read Microsoft tutorials, but nothing. Could any help me, please?A jpg of what I see.ThankyouIs there a reason you want to access this folder? It is kept locked out because of its sensitive nature in dealing with system restore.

1 more replies
Relevance 67.65%

According to my virus checker i have a virus in the above folder but,when i try to open the folder it tells me access is denied, and if i run the virus checker manually it doesnt find it it just tells me its in there on start up

Answer:virus in system volume information

ME or XP?click here

2 more replies
Relevance 67.65%

I delete it, but it stays there, nothing happened. How can I delete it?
And is it safe to do?

Answer:tell me how to delete System Volume Information on D:

Windows needs that. Well, it certainly wants it.


See: http://indrajitc.wordpress.com/2008/...e-information/

9 more replies
Relevance 67.65%

I need help with the following Norton finds it and reports quarantine succeeded but comes back at each scan. Also just where is it I tried to find the directory or file and I could not. See the message from Norton message I get below.
Thanks in advance
Bill Roland

Message:
Scan type: Realtime Protection Scan
Event: Virus Found!
Virus name: W32.Spybot.Worm
File: D:\System Volume Information\_restore{1CC32E8B-5326-4E78-9F19-27BDE193ED7D}\RP105\A0025853.exe
Location: Quarantine
Computer: BILL-2ZBIRW2GCN
User: SYSTEM
Action taken: Clean failed : Quarantine succeeded : Access denied
Date found: Sat Aug 14 22:57:39 2004
 

Answer:Virus in System Volume Information?????????

Hi Bill ,

Cannot repair, quarantine, or delete a virus found in the _RESTORE or System volume information folder
 

2 more replies
Relevance 67.65%

I just finished reformatting my machine and when I run a full scan with Avast it see this in the logs "C:\System Volume Information [E] Access is denied". Doesn't Avast scan this folder? I actually get the same messege when I try and open the Sys Vol Info folder as well (double clicking on it)... As far I as I can remember I should have access to opening this folder... Any ideas?
 

Answer:System Volume Information folder

XP does not allow write access to that folder for AVs.

That's why if you discover you have a virus you need to dump your restore points to prevent reinfection.
 

2 more replies
Relevance 67.65%

I have nearly 2 GB of files in my System Volume Information directory. This is the System Restore directory in WinXP, but best as I can tell Win 2k SP4 does not include this utility. The files have been created periodically, consistent with various program installations that I've made over the last few months. I have Norton AV, Zone Alarm, a hardware firewall and run Spybot and AdAware. None of these have notified me of problems. I can't find any info on the Microsoft support site or the MS KB about this directory or function for Win 2k. Can anyone fill me in and let me know if and how I can delete some of these files?
 

More replies
Relevance 67.65%

Since System Volume Information is a locked file, obviously it can't be defragged, but on my secondary computer it is broken into 25 pieces, which are scattered across the volume. This inteferes with proper organization of other data, and I'm wondering if there is a means to put the pieces
together?

EDIT: If I'm not mistaken SVI is also where shadow copies are located, but I used system cleanup to remove any extra shadow copies, so that there are now only 3.

Answer:System Volume Information *Defrag*

Disable System Restore. Delete all restore points. Re-enable.

1 more replies
Relevance 67.65%

HI:
I'm new in using the combofix.
My PC's problem was the RECYCER and VOLUME SYSTEM INFORMATION
Those 2 files or whatever they're called were in my PC for a long time
I hope it ends after running combofix

Answer:RECYCER and VOLUME SYSTEM INFORMATION

Hello I have moved you from the XP forum to the Am I Infected forum.How is your computer running now? You should not run Combofix on your own. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. Next run MBAM (MalwareBytes):NOTE: Before saving MBAM please rename it to zztoy.exe....now save it to your desktop.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an u... Read more

4 more replies
Relevance 67.65%

I ran Ad-Aware and it found a BFK installation exe in C:\System Volume Information\_restore{B9823275-D858-498B-A4DC-C4EEDA322F67}\RP29 So I found the file and it was renamed "A0018604.exe" . I looked around in the registry where it is supposed to be but did not see anything familiar with what a keylogger removal website was telling me. So I am a bit confued as to why an installation file would be on my computer but it is not installed. I understand the process part of the hijack this log but I cannot read the rest. So I was wondering if I was missing something.
"Hijack this log"

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:05:54 PM, on 11/8/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\Viewpoint\Common\ViewpointService.... Read more

Answer:BFK Keylogger In C:\System Volume Information

I scanned again today and found another bfk installer. This one was still located in the system volume folder but was renamed and in another file. Anyone have any ideas?
 

1 more replies
Relevance 67.65%

my internet is running really slow, now iget alot of pop ups and when i did a virus scan with Bitdefender i got the following virus.
Remaining issues:Object Name Threat Name Final Status
C:\System Volume Information\_restore{BF77C4A3-DCD7-4250-A4CF-63F66DEE0489}\RP606\A0092881.msi=](Embedded EXE) Adware.SpyClean.K Delete Failed (file was in an archive)

is there a way to go in and delete all the System volume Information restore points, will this clear up all the restore points. any help would be appreciated. thanks Don
 

Answer:System Volume Information\restore

Do a Disk Cleanup and select the More Options tab, System Restore Clean up button.

This will remove all but the most recent Restore Point. If you wish, you can disable Restore, reboot and then re-able it to remove all Restore Points.

As a BTW, a virus, etc in the Restore files will only come into play when/if you actually do a System Restore and select that particular date.
 

1 more replies
Relevance 67.65%

Pls help me to delete virus in System Volume Information

Answer:Virus in System Volume Information

Disable/Enable the System Restore Utility to flush old infected restore points1) Right click the My Computer icon on the Desktop and click on Properties.2) Click on the System Restore tab.3) Put a check mark next to Turn off System Restore on All Drives4) Click the OK button.5) You will be prompted to restart the computer. Click the Yes button.Now re-enable System RestoreTo re-enable the System Restore Utility, follow steps one to five and on step three remove the check mark next to 'Turn off System Restore on All Drives'.1) Right click the My Computer icon on the Desktop and click on Properties.2) Click on the System Restore tab.3) Remove the check mark next to Turn off System Restore on All Drives4) Click the OK button.

5 more replies
Relevance 67.65%

Hi, I'm having a problem quite similar to the one Radder1 in post http://forums.techguy.org/hardware/493525-need-recover-backup-hdd-files.html
is having.

I'm running an XP Pro SP2 machine with an 80GB Maxtor as the Master, a 250GB Samsung as the Primary Slave, and a 250GB Maxtor on an Ultra133 TX2 IDE controller Card. The issue is with the 250 on the controller card.

In the process of writing files to the drive, several messages popped up saying that different System Volume Information files were corrupt. The drive was no longer readable/writable but still showed up in both My Computer and Disk management as an NTFS drive.

Solution Attempt 1:
I attempted to run chkdsk /r without success. I rebooted my machine and the drive still appeared in Disk Management and My Computer, but no longer as NTFS. Also, no Volume information such as Disk Space, etc were available. It now read as a RAW drive. I tried chkdsk /r and /f once again, now only in Safe Mode with Command Prompt. This was still unsuccsessful.

Solution Attempt 2:
I thought this may be a Windows exclusive issue, so I grabbed my handy Bactrack Security Suite Live Linux CD (SLAX). I explored a bit with Konquerer and the shell and found that /mnt/hdg1 (The HD in question) was there, but again, I was having the same issues as in Windows. Frustrated to no wnd at this point, I tried a diferent tactic.

Solution Attempt 3:
I finally caved and bought Recover My Files http://www.recovermyfiles.com/ as this program s... Read more

Answer:System Volume Information Corrupt

9 more replies
Relevance 67.65%

I recently upgraded to Vista Home Premium. I Run Nod32 V3 virus software,but find that it does not scan System restore files. I have taken ownership of the folder and sub files but still cannot scan for malware. I used to use XP pro and had no problems scanning the restore files. The message in the Nod32 log file reads "error opening". Any help with this matter would be most welcome.
Thanks

Answer:System Volume Information Files

You might consider that if Nod32 can't open them, neither will malware, so
there really is no point to scanning them. Vista buttons down the system
much tighter than XP -- and I cannot stress enough it is NOT XP - so please
don't keep trying to make it work like XP. Learn how Vista works, and come
to appreciate that much of the third party tools you had to install in prior
versions is already there in Vista, or there is greatly reduced need for it.
Much now runs automatically in the background, and except for the disk
light, you won't even know it's running. It's possible that Nod32 comes in
a Vista compatible version that understands Vista a bit better than the
version you are using.
Good luck.
"jswas" <[email protected]> wrote in message
news:[email protected]
>
> I recently upgraded to Vista Home Premium. I Run Nod32 V3 virus
> software,but find that it does not scan System restore files. I have
> taken ownership of the folder and sub files but still cannot scan for
> malware. I used to use XP pro and had no problems scanning the restore
> files. The message in the Nod32 log file reads "error opening". Any help
> with this matter would be most welcome.
> Thanks
>
>
> --
> jswas
> ------------------------------------------------------------------------
> jswas's Profile: http://winvistaclub.com/forum/member.php?userid=569
> View this thread: http://winvistaclub.com/forum/s... Read more

3 more replies
Relevance 67.65%

How can I stop the recycle bin and the system volume information being placed on any attached devices - HDD etc.

Thanks in advance for your help

Answer:Recycle Bin and & System Volume Information

Hello mchampi, Welcome to TSF!

You cannot prevent the System Volume Information and Recycler Folders/Files from being placed on external Drives.
These two are essential for Windows? to recognise the size and makeup of the Drive; with the 'Recycler' for any files/folders that are intentionally deleted by you on the particular Drive.
Without these two Folder/Files your external Drive/s would not operate.
Hope this answers the query.

Kind Regards,

3 more replies
Relevance 67.65%

I intend to delete the file below but cannot find it on my computer ( Windows XP Pro )
# C:\System Volume Information\_restore{A9810597-5075-486E-AD8B-945DDC602D99}\RP565\A0119712.exe
Can anybody explain where this file is located and how to find it ?

Thanks

Anton ABC
 

Answer:Where to find c:\System Volume Information

10 more replies
Relevance 67.65%

hi

i'm on win2k pro and have ntfs file system; i just installed an additional 300g seagate on my pc as storage; however, i notice that it doesnt have a system volume information folder like all my other hd's; should i worry? in the past, after i create a partition to set it up, this hidden folder shows after a reboot except this time

i wonder why

thanks
 

Answer:no system volume information folder on new hd

Check Device Manager to see if the drive is designated as "removable".

You need only worry if you want System Restore to monitor that drive so that you can restore it. That may not be necessary in this case.
 

3 more replies
Relevance 67.65%

hey guys.
I have a problem... I am using a portable hdd.
and theres a problem- all of a sudden when I connect it to the usb, it asks me to format the drive. There are files on the drive. My guess is- it is because I deleted the "system volume information" folder via the hard disk itself, and not from windows. so now, I can't read the drive.
What can I do, to extract those files for safe keeping? PLS help

Answer:help! System volume information? format?

a fairly fail safe way is to try and put it IN a pc by removing the hdd from the case and installing it

5 more replies