Mike,

I am sorry but common practise nowadays is turning off system restore =
before scanning and cleanup.

If you leave system restore on, many of the latest nasty intruders will =
immediately restore upon the first reboot.

This applies to WinME as well as to WinXP.

Regarding winsock corruption, it's also generally suggested to download =
the fixing tool before cleaning.

I always suggest this winsock fix by Option^Explicit (compatible with =
Win95, 98, Me, 2000 and XP):

http://downloads.subratam.org/WinsockFix.zip

Anyway, this has been working for me this way, and you will see it =
recommended in most, if not all, forums on the subject.

Cheers,

Zee




"Mike M" wrote in message =
...
Zee,
=20
Best practice is not to turn off system restore until AFTER the system =
is=20
clean (other than for the archive) and working correctly at which =
point=20
system restore should be reset so as to clear the archive and create a =

good new reference point.
=20
Disabling system restore prior to cleansing is never to be =
recommended.=20
Users run the risk whilst cleaning of damaging their system, perhaps=20
leaving it in an unusable state such as perhaps with a damaged winsock =
and=20
unable to access the net. In such cases system restore can be the =
life=20
line that saves the user and allows them to get back a usable system - =

either by restoring to a checkpoint created before infection or at =
worst a=20
system that can connect to the net albeit still infected at which =
point=20
the necessary winsock repair tool (such as LSPfix) can be downloaded =
for=20
use after cleaning.
--=20
Mike Maltby MS-MVP

=20
=20
oops!! wrote:
=20
Mike Maltby thoroughly explains the reasons for your findings.

Please be aware that it is considered good practise to turn off
system restore BEFORE cleaning your system of virus, spyware, =
malware
and similar nasties.

This will avoid the "problems" you're facing, as well as seeing =
those
nasties using that Windows feature to restore themselves!