I have 15,000+ files in the _RESTORE folder in the windows directory. They are .cpy files. They are hidden, and won't let me delete them. Are they normal or do I have a trojan horse eating my system? I went to DOS with a boot disc, went to the _RESTORE directory, and put in del *.*, it said it deleted everything, apparently not. I can't see the files even in DOS, they are hidden. I also can't remember the correct syntax to change attrib so I can see them and delete them that way,, HELP? Also,, the last time I had them like that, even changing the attrib to make them visible didn't help. When we tried to delete them in DOS, I got the message that they were locked and needed the system admin to remove them. I can't even change the attributes of the _RESTORE folder in windows, I just get an error that it couldn't be done,, that alone sounds fishy to me. They take up just over 350 megs. I don't think they are normal because I had an unsigned variant of the Jerusalem B trojan about a year ago, I had over 65,000 files then, about 2.5 gigs, and the only way to get them out was to erase the first 10 cylinders on the drive, and of course, the pleasures of reinstalling it all again.

Any Ideas?
I ran a scan for the trojan, and I don't find anything, but that doesn't mean much honestly.:eek:

Unless I'm wrong the files are there, so when something goes wrong with your computer you can use the system restore feature, to go to an earlier date and correct the problem. If you don't want the files I would check at the Microsoft web site for help. Good Luck:)

I'll check with Microsloth, thanks:)

OK, check with the Microsoft site, found the FAQ's about ME and did a bit of looking.

There is one titled hard drive space slowly dissapears. GOOD! It describes my problem exactly. I just needed to get the directory name to get to those files. It was c:\_RESTORE\TEMP,, from there a del *.* and they will go away.

I'm going to try it later, as it's going to take a while to delete them.
I already have disabled system restore, I don't use it, if I mess up the system that bad, I usually need to fdisk and start from scratch anyway:)

Thanks,, I'll let you know once it's done, might have to let it run over night to do this with that many files to delete:x

Well, tried the suggestion from Microshaft. It doesn't give me any error messages, it just won't let me delete them, locks up the system. The hard drive light is on solid but nothing is happening. I can restart, but no changes have been made.

Guess that unless they continue to grow, I'll have to live with them unless anyone here has any other ideas.:eek:

Late last night (2am) I was still looking at this thing. I noticed a file marked restore on my D drive as well. I was in Explorer. I right clicked and meant to click properties to see how big it was also. I clicked on delete instead, the system prompted me to see if I really wanted to do it, I said yes just to see what happened. IT DID IT. All gone now. Hmmm I said, went to the C drive in exporer and tried it the same way, and a few minutes later, all those files are now history. I gained back almost 700 mb of drive!!! When nothing else would work, including DOS, explorer did it. I don't know how or why but it did. Thanks for the tips.:D

Glad to help, have a good day. I might need to remove the same files sometime in the future, have 20GB HD that's not to full yet. G Ray88:t

the first method you suggested would work, you just didn't do it right by my guess.
You should make a system disk (format a disk and copy system files)
Reboot the machine with a: as your first boot device
navigate to the folder using the DOS switches (i.e. cd somefolder)
then type del *.*

Windows isn't loaded so no restrictions are in place - i.e. Windows can't stop you deleting the files because it only exists on the HD not the memory.

The only consideration would be if the files are read-only or are set to not be deleted then you should use the attrib command to set them correctly (I think this is NT / Win2000 specific tho not entirely sure)

Stefan