Problem:Threat seems to only be detected in a hidden restore file or shadow copy. This seems to be a known issue with any O/S that has System Restore functionality

Here is a short description on the problem:

Excerpt From >http://support.microsoft.com/kb/831829


"During a restoration, an active antivirus program scans for infected files. If the antivirus program detects any infected files, the antivirus program tries to modify, move, or delete the infected files. If the antivirus program successfully cleans the infected files, System Restore restores the cleaned files. However, if the antivirus software cannot clean a file, the antivirus software deletes or quarantines the file. As a result, the restoration does not work because these actions to the file cause an inconsistent restoration state. As a result, System Restore reverts to the state immediately before the restoration.

Signature files for antivirus programs are updated as viruses become known. As a result, a restoration that did not work several days ago might succeed after the antivirus program is updated. However, if you undo and retry a restoration to a point that succeeded before, the restoration may not work if a new signature or definition detects a virus that the antivirus program cannot clean on a backed-up file."


Further information on how to deal with this type of issue can be found here>


http://support.microsoft.com/kb/831829

http://support.microsoft.com/kb/q263455

http://antivirus.about.com/od/windowsbasics/a/systemrestore.htm

http://www.tech-recipes.com/windows_tips8.html




(Thanks To Ernie D for his valued input)



Legacy Forum Name: System Restore Functionality and AV,
Legacy Posted By Username: lfacey