Posted 30 November 2011 - 04:56 PM
I still wouldn't worry, as I mentioned before the System Volume Information folder is locked by the OS so accessing any data in there requires higher privileges than a standard administrator account. XP has a habit of thinking that a removable drive needs to be included in the system restore thus the 'system volume information' folder gets created on the drive. Again, I wouldn't loose any sleep over the fact that an infection was found in that folder.
I work with infected computers every day, I have a flash drive that I use as a toolbox, I was concerned about the flash drive being used to carry infections from one computer to another so what I did was create a folder on the root of the drive and named it autorun.inf ad changed the properties of the folder to read-only. That way if a virus tried to place itself onto the flash drive, it wouldn't be able to create the autorun entry that is needed to execute the payload. It doesn't prevent the virus from placing itself on the drive but prevents the auto run features in windows from executing the virus.... Learned that the hard way several years ago.