Ekhart GEORGI (last name last) wrote: > OK, then besides the (still) erroneous forward slashes instead of > backslashes, we now found another reason why you got error messages when > running the attrib command, John: You also need to put (double i.e. " ") > quotation marks around the path name in DOS commands when using names > longer than 8 characters or with spaces. Did I do that (slapping hand)? > George, you're indeed right that the fastest and simplest way to get rid > of malware in that folder is to temporarily turn off System Restore. > However, many malware experts advise against removing all restore points > in the situation that most computers are in when attacked by malware for > the following reason: > > Even a malware-infected restore point is better than none at all, at > least for most users. Instead of deleting all restore points, it's best > to simply ignore malware found by antivirus scans in System Volume > Information (because malware in there is completely harmless unless you > use an old restore point) and to simply not use the restore points > (unless you don't have any choice - and then you can get rid of the > "resurrected" malware the normal way). The infected restore points are > automatically removed when enough new ones have been made automatically > or manually. > > As Scott has pointed out before, antivirus programs that do not know how > to access and clean restore points are simply badly written. They should > either use the method Scott described to automatically access System > Volume Information or shut up and not blurt out their incompetence and > not simultaneously worry users unnecessarily :-) The very least they > could do is explain to users that their computer has been cleaned of and > is in no danger from the malware whose copy is in some restore point, > but that they should not use restore points unless absolutely necessary. > They should then advise users to make a new restore point and then use > Disk Cleanup to remove all but the most recent restore point once the > computer has run well for a few days. That reveals some good thinking. I will try to work out a way to apply it to my system as time allows (busy day today). -- Regards, John Durham <http://modecideas.com/contact.html?sig> ICQ number 571215671 Fax/Phone 64 4 5286786 PC-HELPERS list subscribe/unsub at http://modecideas.com/discuss.htm?sig Blog http://pc-tech-upper-hutt.blogspot.com/ Get a copy of my novel entitled "Return" at http://stores.lulu.com/store.php?fAcctID=1382737 Good advice is like good paint- it only works if applied. -- -------list-services-below----------- Regards, John Durham (list moderator) <http://modecideas.com/contact.html?sig> Freelists login at //www.freelists.org/cgi-bin/lsg2.cgi List archives at //www.freelists.org/archives/pchelpers PC-HELPERS list subscribe/unsub at http://modecideas.com/discuss.htm?sig Latest news live feeds at http://modecideas.com/indexhomenews.htm?sig Good advice is like good paint- it only works if applied.