Since: 14.1.02 From: Ottawa Ontario, by way of Walkerton
Since last post: 6 days Last activity: 17 min.
#1 Posted on 1.8.04 0943.05 Reposted on: 1.8.11 0943.41
I'm having some virus problems. I ran Norton, and it says I'm clean (the definitions are all uptodate). But I went online and I ran this program called "BitDefender" (an online virus scanner) and it says I have several infected files in a directory called C:\_RESTORE\TEMP. The file extention is *.CPY
There's well over 23000 (twenty three THOUSAND) of these files. And they're all named something weird. C:\_RESTORE\TEMP\A0066695.CPY is an example.
(the message BitDefender pops up is C:\_RESTORE\TEMP\A0066695.CPY=>(CAB Sfx r)=>Save.exe infected: Application.Adware.SaveNow.A).
Whenever I try to find the folder or files I have to cut and paste it and run a search. I can't MANUALLY find them by looking through folders (even though I have "show hidden files and folders activated). When I do find them I can't delete them becauseit says their source file is in use (even when I go into safe mode).
The operating system is Windows ME. Any and all help to get rid of these files would be appreciated.
#2 Posted on 1.8.04 1137.21 Reposted on: 1.8.11 1137.27
I've never heard of Bit Defender, so I don't know how reliable it is. However, it seems to be telling you that these files are hidden Adware files, which is why Norton wouldn't get them because they're not actually virus files.
Since last post: 1963 days Last activity: 1941 days
#4 Posted on 2.8.04 0107.15 Reposted on: 2.8.11 0107.41
I use BitDefender antispam, installed, not the online version. It's pretty good at finding shit like that, but it does go through EVERYTHING, backups of deleted items from email things like that. Technically these things are still on your system, but as Guru said just don't restore them and you should be fine. And maybe narrow the scan for next time. :)
Since last post: 1691 days Last activity: 19 hours
#5 Posted on 2.8.04 2226.15 Reposted on: 2.8.11 2227.24
Originally posted by Guru ZimIf they are in the system restore directory, as long as you don't choose to restore the system states that have them, you should be fine.
I wouldn't put an extreme amount of faith in a product that didn't explain that to you.
I have Windows ME and Guru is right. However, if you would really like to get rid of them, you need to disable System Restore, reboot, and (if you want to...) re-enable System Restore. This will remove all previous restore points and the should delete the files that Bit Defender is finding in that directory.
I don't remember off the top of my head how to disable SR, (I'm at work...) but it should be easy to look up....