Cannot disable system restore
|
Original Message
|
Name: snapper
Date: December 4, 2002 at 06:39:25 Pacific
Subject: Cannot disable system restore
OS: ME
CPU/Ram: P4
|
Comment: I have 155 Klez infected files all in the C:\_system\Restore\. I cannot seem to disable system restore to delete these files. Box is checked and PC rebooted many times. Nothin running. The box to disable system restore is always checked when I view it. What next? Thanks..
Report Offensive Message For Removal
|
|
Response Number 1
|
Name: snapper
Date: December 4, 2002 at 08:14:26 Pacific
|
Reply: (edit)Let me put it another way. SYSTEM RESTORE disable box IS checked and may very well be disable. but when I run the virus removal tool it states that the infected files cannot be deleted or quarantined and suggests that I disable SYSTEM RESTORE. Will I be able to delete these files manually under safe mode?
 Report Offensive Follow Up For Removal
|
|
Response Number 2
|
Name: capt
Date: December 4, 2002 at 08:21:07 Pacific
|
Reply: (edit)Have you ever actually used "System Restore" in the past year and three months or so succesfully? There is a patch Q290700 to fix "System Restore" if it will not reset to a previous restore date. One last question are you, although I am certain you have done it this way, using the Control Panel>System>Performance>File System>Troubleshooting>Disable System Restore>OK>Close>Restart to disable "system restore"?
Report Offensive Follow Up For Removal
|
|
Response Number 3
|
Name: capt
Date: December 4, 2002 at 08:26:03 Pacific
|
Reply: (edit)yes exactly as shown. I also find it hard to believe that the ONLY infected files on my ayatem are ALL in this folder. Doesnt make sense to me. I know for sure I have seen the file "WINKLYN.EXE" in the windows\system directory as a hidden file and I did manage to delete once, but it comes back. Thanks for the adv will adv
John
Report Offensive Follow Up For Removal
|
|
Response Number 6
|
Name: wawadave
Date: December 4, 2002 at 11:10:28 Pacific
|
Reply: (edit)hello
you will need to delete these files from dos. reboot with m.e bootdisk in drive and chose with out cd-rom suport.
and at the
a:deltree*.* c:\windows\systemrestore
and click enter.
you may have this system restor some where else on drive inwitch case point deltree to it by useing the corect dos path. and the last folder in path is the one deltree will delete with all sub folders.
make sure its pointing to system restore.
should you not have system restore as last file in path it will delete any thing else
thats at the end becarefull this is permanent.
system restore will create a new folder once you reable it.but it will be empty untill you set a new restore point.
Report Offensive Follow Up For Removal
|
|
Response Number 7
|
Name: JackG
Date: December 4, 2002 at 13:15:14 Pacific
|
Reply: (edit)Use a Windows ME boot diskette, as noted, and do a:
Deltree C:\_RESTORE
to remove the System Restore files. AV programs and you may delete files, but they are saved in the Windows ME hidden System Restore folder (_RESTORE). You may also have to do the same if your AV is keeping copies in a folder such as C:\_SYSTEM\RESTORE.
Report Offensive Follow Up For Removal
|
|
Response Number 8
|
Name: Snapper
Date: December 5, 2002 at 07:18:00 Pacific
|
Reply: (edit)Thanks ALL. That did it! I have restored some 5 gigs of space and after running the Klez removal tool it showed 'o' virus and no files infected. I feel great. One word however, deleting that _restore folder can be a bit tricky. I had to try several methods even changed the attribs on the folder. But it did work. Thanks again.....
Report Offensive Follow Up For Removal
|
Use following form to reply to current message:
