Re: w32/sdbot

• Previous message: Robert Moir: "Re: w32/sdbot"
• In reply to: john: "w32/sdbot"
• Next in thread: rick: "w32/sdbot"
• Messages sorted by: [ date ] [ thread ]

Date: Sun, 15 Aug 2004 13:55:20 -0400

Please read the following URL:
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm

The objective:
------------------
- Turn off the System Restore function
- Reboot the PC
- Using your AV package, perform a full scan of all files on the platform and clean/delete
       infectors found
- Turn on the System Restore function, and re-apply any System Restore preferences,
       e.g. HD space to use
- Reboot the PC
- Create a new System Restore point.

If you have problems, it can be done manually....

Use the WinME floppy boot disk and boot from drive "A:"
When you get to a DOS prompt enter the following command

attrib -r -s -h c:\_RESTORE
rename c:\_RESTORE c:\RESTORE.old

Reboot the PC.

In Windows delete the folder; c:\RESTORE.old

Please report back your results.

Dave

"john" <anonymous@discussions.microsoft.com> wrote in message
news:683e01c482e5$abcd59e0$a601280a@phx.gbl...
| i have one file(C:\restore\temp\ (a10017605.cpy)infected
| with a worm. msafee is unable to clean this file as it is
| write protected.any suggestions please.

• Previous message: Robert Moir: "Re: w32/sdbot"
• In reply to: john: "w32/sdbot"
• Next in thread: rick: "w32/sdbot"
• Messages sorted by: [ date ] [ thread ]