HELP! How to delete restore files in WinME...virus infected

Toggle sidebar Toggle sidebar
M

msh111

Senior member
Nov 13, 2000
339
0
0
Help...in a bind! My brother is running WinME on this machine, and he got the Klez worm. We cleaned it from the machine, but using the Klez remove tool, it is still infected in the restore area of C, and he's only using one drive. I can't for the life of either of us, figure out how to delete the restore files (points) in WinME. I looked for file folder _restore, but it comes up nothing. Tried exploring to see what would be relevant, and can't figure out where the restore files are hidden in this OS. Can someone be our guide? TIA :)
 
Bartman39

Bartman39

Elite Member | For Sale/Trade
Jul 4, 2000
8,867
51
91
You can go under the system properties/performance/file system/trouble shooting and disable it...? As to delete it...? Dont think you can unless you format and reinstall...?
 
R

RPB

Senior member
Oct 16, 1999
335
0
76
use a dos bootdisk

if the file is hidden unhide it and delete it.

 
M

msh111

Senior member
Nov 13, 2000
339
0
0
We thought there might be a trick to getting these restore files out of hiding before resorting to format/restore. Tried dos boot and all files are visibleand still cannot identify restore files. Did disable the restore feature during klez cleaning, and am leaving it disabled, just didn't want those 5 infected files left somewhere on the hard disk, even if not accessible unless restoring to a previous saved restore point. I believe a reformat is all that's left (unless someone else has a stroke of genious to share?) and being sure to disable the restore feature immediately so damn infections can't be saved in a restore file to further infect later on a restore. My brother is a real novice when it comes to pc's so he would do something like restoring to a previous point without knowing the consequences. He has deleted shortcuts off the desktop thinking he uninstalled programs, if that is any indication of his pc expertise :) ( no offense to my brother)
 
daveybrat

daveybrat

Elite Member
Super Moderator
Jan 31, 2000
5,807
1,021
126
i've been here many times, and it can be cleaned.
You need to boot to a dos prompt, and then go to c:
type in cd _restore
type in cd temp

then do a directory and you'll see lots of *.cpy files which are all temp files.
there will probably be thousands of files and it will take a long time to delete.
You must then type del *.* at the prompt to delete ALL the .cpy files.
And since these are merely restore files, they aren't needed.
this process will take several hours to complete as it's a lot of files and dos is slow
in deleting them. Just let it run till it's done and you'll be virus free.
:)
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom