+ Post New Thread
Results 1 to 7 of 7
Windows Server 2000/2003 Thread, Virus in Volume shadow copy... in Technical; when shadow copy is off! Virus/spyware 'Mal/Generic-A' has been detected in "\.\GLOBALROOT\Device\HarddiskVolumeShadowCopy10\ Documents and Settings\All Users\Application Data\Sophos\Sophos Anti-Virus\INFECTED\Swatch.exe.000". Cleanup unavailable. ...
  1. #1

    CHR1S's Avatar
    Join Date
    Feb 2006
    Location
    Birmingham
    Posts
    4,530
    Thank Post
    1,622
    Thanked 500 Times in 307 Posts
    Rep Power
    220

    Virus in Volume shadow copy...

    when shadow copy is off!

    Virus/spyware 'Mal/Generic-A' has been detected in "\\.\GLOBALROOT\Device\HarddiskVolumeShadowCopy10\ Documents and Settings\All Users\Application Data\Sophos\Sophos Anti-Virus\INFECTED\Swatch.exe.000".
    Cleanup unavailable.
    There is nothing in quarantine, is it safe to ignore as a false positive?

  2. #2


    Join Date
    Mar 2009
    Location
    Leeds
    Posts
    6,800
    Thank Post
    231
    Thanked 883 Times in 759 Posts
    Rep Power
    300
    just delete it out of c:\Documents and Settings\All Users\Application Data\Sophos\Sophos Anti-Virus\INFECTED\

    then it wont make the next shadow copy

  3. #3

    CHR1S's Avatar
    Join Date
    Feb 2006
    Location
    Birmingham
    Posts
    4,530
    Thank Post
    1,622
    Thanked 500 Times in 307 Posts
    Rep Power
    220
    But shadow copy is turned off.......

  4. #4

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,592
    Thank Post
    109
    Thanked 770 Times in 598 Posts
    Rep Power
    183
    If you turn it back on, will the shadow copy re-initialise?

  5. #5

    CHR1S's Avatar
    Join Date
    Feb 2006
    Location
    Birmingham
    Posts
    4,530
    Thank Post
    1,622
    Thanked 500 Times in 307 Posts
    Rep Power
    220
    Sorry guys perhaps I sould be more clear, shadow copy was never on in the first place, thats why this is weird.

  6. #6


    Join Date
    Mar 2009
    Location
    Leeds
    Posts
    6,800
    Thank Post
    231
    Thanked 883 Times in 759 Posts
    Rep Power
    300
    isnt it on by default?

    dont things like sql for wsus/sims etc turn it on?

  7. Thanks to sted from:

    CHR1S (4th May 2010)

  8. #7

    CHR1S's Avatar
    Join Date
    Feb 2006
    Location
    Birmingham
    Posts
    4,530
    Thank Post
    1,622
    Thanked 500 Times in 307 Posts
    Rep Power
    220
    @sted - Oh! I didnt realise that, Ill turn it back on then.

    Thanks

SHARE:
+ Post New Thread

Similar Threads

  1. Volume Shadow service
    By Oops_my_bad in forum Windows Server 2008
    Replies: 1
    Last Post: 14th January 2009, 05:06 PM
  2. Replies: 1
    Last Post: 17th November 2008, 02:28 PM
  3. Replies: 18
    Last Post: 13th March 2008, 01:20 PM
  4. Shadow Copy
    By Grommit in forum Windows
    Replies: 5
    Last Post: 29th May 2007, 02:01 PM
  5. Shadow Volume Copy and Hidden Share
    By MartinDixon in forum Windows
    Replies: 5
    Last Post: 29th March 2006, 07:30 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •