A Windows 98 & ME forum. Win98banter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » Win98banter forum » Windows ME » General
Site Map Home Authors List Search Today's Posts Mark Forums Read Web Partners

Restore \temp infected file



 
 
Thread Tools Display Modes
  #1  
Old June 17th 04, 02:34 PM
Mary
external usenet poster
 
Posts: n/a
Default Restore \temp infected file

Can anyone help me? I ran my AVG scan, I have an infected
file called BKDR Ruledor.d in C:\
restore\temp\A0011243/cpy. AVG says it can't be cleaned or
removed....I ran Trend and it said it can't be cleaned or
deleted because its in use. What can i do to get rid of it?
What is a backdoor virus, how did it get in my computer?
  #2  
Old June 17th 04, 05:08 PM
Mike M
external usenet poster
 
Posts: n/a
Default Restore \temp infected file

There is no need to be concerned about any virus or trojan in the _RESTORE
archive as they are harmless there and can only cause problems if you later
choose to restore to a checkpoint created AFTER infection and BEFORE you
cleaned your system. Something I'm sure you won't be doing after reading this
post. Any worms, trojans and viruses in the _restore archive will
automatically be discarded in time as newer data is archived and older files
discarded The problem with disabling system restore is that it flushes the
_restore archive and whilst that removes any virus remnants it also removes
any good usable checkpoints you might have and you never know when you might
want to use that lifebelt. If you do want to clear this folder I wouldn't
advise doing so until _after_ you have thoroughly cleaned your system and got
it working again just in case you need to use system restore. Once your
system is clean and fully functional you can clear the folder.

Moving on yo how to clear the archive. There are two approaches to resolving
your problem:
Firstly try reducing the space allocated to the System Restore archive as this
could flush out these unwanted files. Do this using the slider found at
System | Performance | File System | Hard Disk and reduce the allocated space
until you flush out the unwanted files.

If that fails, reset System Resto
System | Performance | File System | Troubleshooting and check "Disable
System Restore", Apply and IMMEDIATELY reboot. This will flush you restore
folder and erase all checkpoints, then,
System | Performance | File System | Troubleshooting and uncheck "Disable
System Restore", Apply and again IMMEDIATELY reboot. This should now
automatically create a new checkpoint immediately following the restart.
Finally adjust the space allocated to the restore folder,
System | Performance | File System | Hard Disk and adjust the restore slider
to your preferred setting. A figure of 200MB is normally more than adequate
for day to day use allowing perhaps a week of checkpoints to be available
although increasing this to perhaps 400-500MB for a few days during periods of
large installs such Microsoft Office is advisable.

See also MS KB 263455 - "Antivirus Tools Cannot Clean Infected Files in the
_Restore Folder" (http://support.microsoft.com?kbid=263455).
--
Mike Maltby MS-MVP



Mary wrote:

Can anyone help me? I ran my AVG scan, I have an infected
file called BKDR Ruledor.d in C:\
restore\temp\A0011243/cpy. AVG says it can't be cleaned or
removed....I ran Trend and it said it can't be cleaned or
deleted because its in use. What can i do to get rid of it?
What is a backdoor virus, how did it get in my computer?



  #3  
Old June 17th 04, 06:47 PM
Linda
external usenet poster
 
Posts: n/a
Default Restore \temp infected file

What you are saying makes complete sense when you think
about how system restore works. Someone should rap the
knuckles of the people that wrote the article on running
the stinger for virus removal from archives. They tell you
to disable your system restore. Real bad advice.
-----Original Message-----
There is no need to be concerned about any virus or

trojan in the _RESTORE
archive as they are harmless there and can only cause

problems if you later
choose to restore to a checkpoint created AFTER infection

and BEFORE you
cleaned your system. Something I'm sure you won't be

doing after reading this
post. Any worms, trojans and viruses in the _restore

archive will
automatically be discarded in time as newer data is

archived and older files
discarded The problem with disabling system restore is

that it flushes the
_restore archive and whilst that removes any virus

remnants it also removes
any good usable checkpoints you might have and you never

know when you might
want to use that lifebelt. If you do want to clear this

folder I wouldn't
advise doing so until _after_ you have thoroughly cleaned

your system and got
it working again just in case you need to use system

restore. Once your
system is clean and fully functional you can clear the

folder.

Moving on yo how to clear the archive. There are two

approaches to resolving
your problem:
Firstly try reducing the space allocated to the System

Restore archive as this
could flush out these unwanted files. Do this using the

slider found at
System | Performance | File System | Hard Disk and reduce

the allocated space
until you flush out the unwanted files.

If that fails, reset System Resto
System | Performance | File System | Troubleshooting and

check "Disable
System Restore", Apply and IMMEDIATELY reboot. This will

flush you restore
folder and erase all checkpoints, then,
System | Performance | File System | Troubleshooting and

uncheck "Disable
System Restore", Apply and again IMMEDIATELY reboot.

This should now
automatically create a new checkpoint immediately

following the restart.
Finally adjust the space allocated to the restore folder,
System | Performance | File System | Hard Disk and adjust

the restore slider
to your preferred setting. A figure of 200MB is

normally more than adequate
for day to day use allowing perhaps a week of checkpoints

to be available
although increasing this to perhaps 400-500MB for a few

days during periods of
large installs such Microsoft Office is advisable.

See also MS KB 263455 - "Antivirus Tools Cannot Clean

Infected Files in the
_Restore Folder" (http://support.microsoft.com?

kbid=263455).
--
Mike Maltby MS-MVP



Mary wrote:

Can anyone help me? I ran my AVG scan, I have an

infected
file called BKDR Ruledor.d in C:\
restore\temp\A0011243/cpy. AVG says it can't be cleaned

or
removed....I ran Trend and it said it can't be cleaned

or
deleted because its in use. What can i do to get rid of

it?
What is a backdoor virus, how did it get in my

computer?


.

  #4  
Old June 17th 04, 07:00 PM
Mike M
external usenet poster
 
Posts: n/a
Default Restore \temp infected file

Thanks Linda.

Unfortunately there are many that feel the first thing they should do when
infected is to remove their lifeboat, parachute and any other recovery tools
they might have and then start cleaning their system. IMO a more logical and
far safer approach is to repair the system first and only when that is fully
functional as intended start worrying about any holes in the lifeboats and
parachutes and at that time, and not before, think about fixing those problems
by clearing the restore archive.

Regards,
--
Mike Maltby MS-MVP



Linda wrote:

What you are saying makes complete sense when you think
about how system restore works. Someone should rap the
knuckles of the people that wrote the article on running
the stinger for virus removal from archives. They tell you
to disable your system restore. Real bad advice.



  #5  
Old June 18th 04, 12:17 AM
Mary
external usenet poster
 
Posts: n/a
Default Restore \temp infected file

Thank you , Mike, I did what you suggested, ran another
scan, and the nasty little guy is gone.:-)

-----Original Message-----
There is no need to be concerned about any virus or

trojan in the _RESTORE
archive as they are harmless there and can only cause

problems if you later
choose to restore to a checkpoint created AFTER infection

and BEFORE you
cleaned your system. Something I'm sure you won't be

doing after reading this
post. Any worms, trojans and viruses in the _restore

archive will
automatically be discarded in time as newer data is

archived and older files
discarded The problem with disabling system restore is

that it flushes the
_restore archive and whilst that removes any virus

remnants it also removes
any good usable checkpoints you might have and you never

know when you might
want to use that lifebelt. If you do want to clear this

folder I wouldn't
advise doing so until _after_ you have thoroughly cleaned

your system and got
it working again just in case you need to use system

restore. Once your
system is clean and fully functional you can clear the

folder.

Moving on yo how to clear the archive. There are two

approaches to resolving
your problem:
Firstly try reducing the space allocated to the System

Restore archive as this
could flush out these unwanted files. Do this using the

slider found at
System | Performance | File System | Hard Disk and reduce

the allocated space
until you flush out the unwanted files.

If that fails, reset System Resto
System | Performance | File System | Troubleshooting and

check "Disable
System Restore", Apply and IMMEDIATELY reboot. This will

flush you restore
folder and erase all checkpoints, then,
System | Performance | File System | Troubleshooting and

uncheck "Disable
System Restore", Apply and again IMMEDIATELY reboot.

This should now
automatically create a new checkpoint immediately

following the restart.
Finally adjust the space allocated to the restore folder,
System | Performance | File System | Hard Disk and adjust

the restore slider
to your preferred setting. A figure of 200MB is

normally more than adequate
for day to day use allowing perhaps a week of checkpoints

to be available
although increasing this to perhaps 400-500MB for a few

days during periods of
large installs such Microsoft Office is advisable.

See also MS KB 263455 - "Antivirus Tools Cannot Clean

Infected Files in the
_Restore Folder" (http://support.microsoft.com?

kbid=263455).
--
Mike Maltby MS-MVP



Mary wrote:

Can anyone help me? I ran my AVG scan, I have an

infected
file called BKDR Ruledor.d in C:\
restore\temp\A0011243/cpy. AVG says it can't be cleaned

or
removed....I ran Trend and it said it can't be cleaned

or
deleted because its in use. What can i do to get rid of

it?
What is a backdoor virus, how did it get in my

computer?


.

  #6  
Old June 18th 04, 12:39 AM
Mike M
external usenet poster
 
Posts: n/a
Default Restore \temp infected file

Thanks for the feedback Mary,

Glad to read your PC now comes up all clean.
--
Mike Maltby MS-MVP



Mary wrote:

Thank you , Mike, I did what you suggested, ran another
scan, and the nasty little guy is gone.:-)



 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Please help! Display settings !! Mitzi Monitors & Displays 12 July 11th 04 05:19 AM
Windows Temp file Czarnee Improving Performance 4 July 1st 04 06:04 PM
How to restore SYSTEM.INI file laverne Software & Applications 2 June 27th 04 03:26 AM
Win98SE - problem with USB printer HBYardSale Software & Applications 2 June 20th 04 06:27 PM
Winlogon.exe file infected Dave General 2 June 9th 04 08:58 PM


All times are GMT +1. The time now is 08:48 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 Win98banter.
The comments are property of their posters.