|
-
August 19th, 2004, 02:44 PM
#1
Registered User
System Restore Windows ME
Hello everyone.
I have a Win ME machine that had the Netsky. A scan with McAfee online reveals over 26 files infected with Netsky... in _Restore\temp folder. My understanding is that when you turn off system restore, another dialog box is supposed to ask if you want to purge the old files. I can turn off System Restore, but that next dialog box does not come up. All my attempts to delete them have failed. My DOS is very rusty, but I even booted up with Start up disk and surfed to them and tried to delete them... I got no error message, but the computer seemed to be in some kind of endless loop. The sounds (rhythm) coming from the hard drive repeated every couple of seconds. So after about 15 minutes I abandoned that... maybe I should have been more patient. (not one of my virtues).
Any ideas would be helpful.
Thanks, Dean
PS Netsky removed, Norton AV reinstalled and updated, full system scan - clean. However, follow-up scan at McAfee freescan detects 26 files infected... all in _Restore\temp. 
What evil lurks in the hearts of computers? Only The Noo Noo knows!!!
-
August 19th, 2004, 03:39 PM
#2
Registered User
boot with your startup disk..when you get to the a prompt, type in
C:
when you get to the C prompt, type in
del _RESTORE
windows will rebuild the entire restore file on rebooting
-
August 19th, 2004, 04:12 PM
#3
Registered User
Thanks Geoscomp. That worked! Not sure why the above deletion did not work.
Dean 
What evil lurks in the hearts of computers? Only The Noo Noo knows!!!
-
August 19th, 2004, 09:55 PM
#4
Registered User
I can't verify it right now, but I believe the correct command would be:
deltree _RESTORE
That will ensure it delete everything inside that folder, including other folders and the files in those. I believe the del command will only delete the files in the folder, and not subfolders. I could be wrong...I know when I do that from a DOS bootdisk it takes hours sometimes to finish that if there is a lot of junk in there.
Also, there used to be this great application that would remove the complete usage of System Restore from ME, as well as some other minor tweaks...for those who never use it and hate it (That's Me!) then it's pretty useful. The only error I have ever seen was one that just plain wouldn't let it run at all so nothing ever changed. Alas, the website that made it points to a dead link and I can't find it anywhere else. However, in my infinite wisdom I have made a backup up of it so here you go:
www.inthewayboy.net/download.html
Of course I have no idea about how to contact the author or anything...and it goes without saying I'm not gonna support it...so use at own risk!
Last edited by InTheWayBoy; August 19th, 2004 at 10:22 PM.
-
August 20th, 2004, 11:34 AM
#5
One way I do it is to remove the drive and install it into a different machine that has updated AV software on it. They scan the drive as a slave. The result seems more effective to me. You could also just delete all the restore files when the drive is plugged in as a slave.
Indeterminism. There's nothing you can do about it.
-
August 20th, 2004, 12:00 PM
#6
Registered User
Hello all. Funny thing is that on reboot after the "del" command, the folder came back and so did everything in it. I attempted to "del _restore\temp\*.*" Maybe I wasn't patient enough (as I read Inthewayboy's post), but after a couple of hours it was still running, I let it run another hour and shut it down as it seemed to be going no where. I restarted in normal mode and turned system restore on and off again, finally, I right clicked on the _restore file and hit delete. Message said "file too large for recycle bin" so I permanently deleted it. It has not come back. I also loaded Norton System works and ran speed disk... both in hopes of over-writing the deleted files. No way to know if that happened, but _restore\temp folder is back and empty.
I've read a lot of discussions about best and worst this and that. I am a loyal Norton man, but I have to wonder about McAfee Freescan scanning the _restore folder, and Norton did not... or at least not reporting the 26 files with the Netsky. I'm temped to say that ME's system restore almost never works anyway, so the threat of infection from a system restore is almost 0.... but I know that Symantec would not think that way. 
But, just to be sure, I am allowing McAfee Freescan to have one more go at it.
Thanks everyone. Dean
What evil lurks in the hearts of computers? Only The Noo Noo knows!!!
-
August 20th, 2004, 06:36 PM
#7
Registered User
Update: Even McAfee says it's clean. Thanks everyone. Dean
What evil lurks in the hearts of computers? Only The Noo Noo knows!!!
-
August 20th, 2004, 07:43 PM
#8
Registered User
 Originally Posted by InTheWayBoy
www.inthewayboy.net/download.html
Of course I have no idea about how to contact the author or anything...and it goes without saying I'm not gonna support it...so use at own risk!
Nice! Interesting links on your site! 
What evil lurks in the hearts of computers? Only The Noo Noo knows!!!
Similar Threads
-
By 70-240 in forum Certification
Replies: 14
Last Post: February 20th, 2012, 03:35 AM
-
By ringo2143z in forum Windows XP
Replies: 25
Last Post: November 2nd, 2004, 01:28 AM
-
By Araman in forum Windows NT/2000
Replies: 3
Last Post: August 6th, 2001, 04:24 AM
-
By Budd in forum Tech-To-Tech
Replies: 2
Last Post: March 22nd, 2001, 02:59 PM
-
By Bjorn in forum Windows NT/2000
Replies: 3
Last Post: February 17th, 2001, 12:58 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
Bookmarks