Related to this question I posted a few days ago...
http://answers.yahoo.com/question/index;_ylt=Ag4LBvh_lXQYtnRlNRuyiLrsy6IX;_ylv=3?qid=20071115150331AAZ3lKp
I've been running SuperAntiSpyware and Spyware Doctor, and have run several complete McAfee scans on my laptop, but my computer is still running so slow that it's taking about 15 minutes from the time I click the "on" button to the time I get a logon window for my wireless connection. I'm getting various popup windows from McAfee and Spyware Doctor (and a few but not as many from SuperAntiSpyware) saying that malicious programs are being stopped from running, but they still aren't getting removed and I'm starting to wonder if using System Restore on Windows is my best way to go. The problems started about a week and a half ago, and I've been trying to set a System Restore date of Nov. 1, but I'm not getting the option to set a date before Nov. 14--the first time I tried to use System Restore.
2007-11-19 21:47:50 · 7 answers · asked by Pastor Chad from JesusFreak.com 6 in Computers & Internet ➔ Security
Is this my best option for getting back to a point before I got hit with spyware about a week and a half ago, and if so, how can I get Windows to let me set a date before Nov. 14 and restore at that point?
2007-11-19 21:49:08 · update #1
I've been backing everything up periodically on a flash drive and on a CD, but if I do a backup now, will it save the malware along with it? Or is there a way I can save only the non-malicious files from my hard drive to a flash drive or CD if I do the system recovery? Is there a middle option to keep me from having to go back to the original condition when I bought the laptop?
2007-11-19 22:13:14 · update #2
Ok, it looks like everyone has given you the correct programs to help remove Vundo and other trojans. It doesn't look like anyone has told your ONE VERY IMPORTANT ITEM.
Here is the truth. Windows can not clean the System Restore Folder while it is active! --
I repeat, you nor your system can clean the RESTORE folder while it is active!!!
So right click on "MY COMPUTER" then click on "Properties" once there click on the "System Restore" tab and under that turn off the RESTORE! (it is a check box to disable system restore) Then clean the system! The bad part is that this will also clear the restore points. BUT you can't use them anyway they will be corrupt (with many trojans and Vundo is one!)
This is the ONLY WAY you can clean the junk out of the RESTORE folder which will come back everytime you boot unless that folder is cleaned!
Now contrary to everyone else, I will tell you that the best tools I have found for cleaning a really bad system are, Windows Malicious Software Removal Tool and Windows Defender!
http://www.microsoft.com/security/malwareremove/default.mspx
http://www.microsoft.com/athome/security/spyware/software/default.mspx
(I like the tools you have been told about and I use them and they do usually work very well so use them also.) The reason I say this is "Who wrote and knows the code for your operating system?" Since the code has never been released you get the idea. Surely they also know how to clean it back up after they let junk get in it too! So if you haven't used those two tools DO SO! (After you turn off system restore!)
This also applies to the Vundo removal tools which several recommended - the symantic one is good
http://www.symantec.com/security_response/writeup.jsp?docid=2004-112210-3747-99
(I don't like the virus tools -- too resource intensive, but I do like the removals IF the malicious tool fails!)
You can also run online scans like
http://housecall.trendmicro.com -- pretty good tool really.
AGAIN be sure restore is OFF so you can clean that folder also!
Then ONCE you have everything clean and can run a clean scan *do run more than one* then re-enable SYSTEM RESTORE.
It should then work normally!
And IF you have malicious software (Vundo) on a system that has shared folders--- every machine on the network with a share will ALSO HAVE IT! If you read the information about it you will see that you need to REMOVE it from the NETWORK. And if we ever catch the folks behind it, Guitmo is too good for them! I think we should treat cyber terrorism the same as any other terrorism don't you!
One other item.. anything you copied or backed up since the infection should also be considered CONTAMINATED! Hope you have one from earlier! Or if you do have to resort to a complete restoration CLEAN THEM FIRST before putting them on your system!
2007-11-19 23:31:44 · answer #1 · answered by Tracy L 7 · 0⤊ 0⤋
I'm not so sure if a restore is an option for you at this time. There could be a number of reason why you are not getting the option to restore for that particular date
System Restore "restore points" are missing or deleted
http://support.microsoft.com/kb/301224/
Troubleshooting missing restore points
http://bertk.mvps.org/html/missingrps.html
One thing that I suggest you do is run HijackThis if you have not done so yet. This is a great tool in finding suspicious files that alot of antispyware/antiviral programs just can not
Prior to running and installing read the tuts. Also use the link that I have it listed under to download as I believe it's the latest version
HijackThis 2.0.2
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis
HijackThis Tutorial - How to use HijackThis to remove Browser Hijackers & Spyware
http://forums.majorgeeks.com/showthread.php?t=74216
http://www.spywareinfo.com/~merijn/htlogtutorial.php
http://www.bleepingcomputer.com/tutorials/tutorial42.html
http://aumha.org/a/hjttutor.htm
HijackReader 1.03 Beta - This is a must to run the program on your own!
http://www.majorgeeks.com/HijackReader_d5385.html
Please feel free to let me know how this works for you! =)
2007-11-19 23:26:19 · answer #2 · answered by techchick 7 · 0⤊ 0⤋
Go to Start /Control Panel /System /System Restore and in diskspace to use give it more space. It's like a lot of PC problems simple, when you know how. Bye Bye now.
2016-05-24 07:33:14 · answer #3 · answered by diann 3 · 0⤊ 0⤋
Try something different here. It sounds like you have a combination of spyware and ad-ware, and possibly some registry things causing problems. Download and run Microsoft's Live OneCare Cleanup Scan, which will reset your system restore points. Then download, install and run Ad-Aware. I use SuperAntiSpyware and Ad-Aware, and between the two of them, I keep my computer cleaned up.
http://onecare.live.com/site/en-US/center/cleanup.htm
http://www.lavasoftusa.com/software/adaware
2007-11-19 22:40:20 · answer #4 · answered by Anonymous · 1⤊ 1⤋
Whenever my computer starts to slow down, I do a system recovery which will erase everything and put stuff back on as though you just bought it from the store. Be sure to back everything up. When you're booting up your computer hit F10
2007-11-19 21:57:09 · answer #5 · answered by †ღ†Jules†ღ† 6 · 0⤊ 0⤋
Try this.
I dont recommend system restore because you had/have Vundo.
First run this vundo removal tool:
http://www.bleepingcomputer.com/forums/topic18610.html
Then run smitfraud removal tool:
http://www.bleepingcomputer.com/forums/topic17258.html
Now download & run these two programs:
http://www.iobit.com/advancedwindowscareper.html
http://www.ccleaner.com/
Now download this free program for real time protection (it works a lot better than windows Defender):
http://www.comodo.com/boclean/boclean.html
2007-11-20 00:05:01 · answer #6 · answered by Sly_Old_Mole 7 · 0⤊ 0⤋
That Windows and System Restore, man!
Woo-Hoo! It seems to get picky about working right just about EVERY SINGLE TIME you 'need' it to do its thing.
Not a very dependable 'tool', is it?
Hehe.
2007-11-19 21:58:21 · answer #7 · answered by omnisource 6 · 0⤊ 0⤋