Change the flag while it’s in replace mode. I’m not sure you even need to do it
though. You can delete r/o files from the command line, (del /f) I just don’t
know what gp would do with it. I suspect it would take care of it but I’ve
never needed to try. Actually, I’m thinking just removing / disabling the link
should reverse the process if you check the remove when no longer applied box.
--
There are 10 kinds of people in the world...
those who understand binary and those who don't.
From: [email protected] [mailto:[email protected]] On
Behalf Of Michael Leone
Sent: Wednesday, June 28, 2017 12:15 PM
To: [email protected]
Subject: Re: [NTSysADM] Using GPP to fight Petya
On Wed, Jun 28, 2017 at 11:16 AM, J- P
<[email protected]<mailto:[email protected]>> wrote:
kaspersky detected perfc.dat as a malicious file
anyone else get that?
Yep, seeing the same warnings. And all on the perfc.dat file that I created
using GPP, to stop "Petya". LOL
Guess I didn't need to create that file, anyway. Oh, well, maybe tomorrow I'll
change the entry to "Delete", rather than "Replace". After figuring out how to
change the read-only flag ...
