I have the feeling of a drowning person.
Here I thought to have everything under control, when I find out about this
pesty 'W32Netsky Virus' in my system.
I ran the 'McafeeAvertStinger' and it found a mess of that virus hidden in
'RESTORE\ARCHIVE\FS.CAB' files and the "Stinger" isn't taking care of them,
even though I tried both repair and delete in preferences.
When I tried to delete the files myself (they are WinZip files), I was
denied access, because 'the source file may be in use'.
My question is: how do you delete those files?
I know the FS numbers from the stinger's list.
Or is there another utility which can take care of the problem?
Only my C:\ drive's WinZip archive files are infected; the rest is clean.
How in the world could this have happened?

Hopefully someone has the answers.

Harry.

Re: W32Netsky by Mike

Mike
Tue May 04 22:53:29 CDT 2004

There is no need to be concerned about any virus or trojan in the _RESTORE
archive as they are harmless there and can only cause problems if you later
choose to restore to a checkpoint created AFTER infection and BEFORE you
cleaned your system. Something I hope you won't be doing after reading this
post. Any worms, trojans and viruses in the _restore archive will
automatically be discarded in time as newer data is archived and older files
discarded. The problem with disabling system restore is that it flushes the
_restore archive and whilst that removes any virus remnants it also removes
any good usable checkpoints you might have and you never know when you might
want to use that lifebelt.

However, if you are worried about this, then there are two approaches to
resolving your problem:
Firstly try reducing the space allocated to the System Restore archive as this
could flush out these unwanted files. Do this using the slider found at
System | Performance | File System | Hard Disk and reduce the allocated space
until you flush out the unwanted files.

If that fails, reset System Restore:
System | Performance | File System | Troubleshooting and check "Disable
System Restore", Apply and IMMEDIATELY reboot. This will flush your restore
folder and erase all checkpoints, then,
System | Performance | File System | Troubleshooting and uncheck "Disable
System Restore", Apply and again IMMEDIATELY reboot. This should now
automatically create a new checkpoint immediately following the restart.
Finally adjust the space allocated to the restore folder,
System | Performance | File System | Hard Disk and adjust the restore slider
to your preferred setting. A figure of 200MB is normally more than adequate
for day to day use allowing perhaps a week of checkpoints to be available
although increasing this to perhaps 400-500MB for a few days during periods of
large installs such as Microsoft Office is advisable.

See also MS KB 263455 - "Antivirus Tools Cannot Clean Infected Files in the
_Restore Folder" (http://support.microsoft.com?kbid=263455).
--
Mike Maltby MS-MVP
mcmaltby@hotmail.com





Re: W32Netsky by webster72n

webster72n
Wed May 05 11:01:58 CDT 2004


You are a 'Lifesaver', Mike.
Your analysis is detailed and gives me options.
Thank you a million times over.

Harry.





Re: W32Netsky by Mike

Mike
Wed May 05 11:25:44 CDT 2004

Harry,

Glad to help along the learning process. :-)
--
Mike Maltby MS-MVP
mcmaltby@hotmail.com

