Trojan Removal From System Restore

Let's start off with the simple. As time permits, I'll add additional pertinent information to this page.

I've receive at least 10 e-mails a week regarding viruses, mainly because people have problems removing them. One of the biggest problems is the virus scanner removes or heals the infected file, only to have it pop up in System Restore.

The answer is simple. Shut off System Restore. This will purge all of the files set aside for this function. So, after you've run through the removal process using your AV or worm removal tool, just proceed with the following:

REMEMBER!!!!!

Pros: If you have infected files, this will remove them.

Cons: All of your previous restore points are gone!

In order to delete the files located in System Restore's folder you'll need to disable this feature.




For Windows XP:

1. Right click the My Computer icon on the Desktop and click on Properties;
2. Click on the System Restore tab;
3. Check the box Turn off system restore for all drives.

4. Click Apply. Up pops this box:


click "Yes", and after a moment of hard drive activity, your Restore points are gone.

Now to restore the feature, just uncheck the Turn off system restore for all drives box.


Same procedure, different approach For Windows ME (taken from here)

Manually Purge the Data Store

To completely and immediately remove the infected file or files in the data store, disable and re-enable the System Restore feature.


WARNING: Using the following steps will completely remove all restore points from the data store. Do not use this method if this will cause problems. When you enable the System Restore feature again, the System Restore feature will create a new restore point and then resume monitoring your computer.

  1. Click Start, point to Settings, and then click Control Panel.

  2. Double-click System, and then click the Performance tab.

  3. Click File System, and then click the Troubleshooting tab.

  4. Click to select the Disable System Restore check box, click Apply, click to clear the Disable System Restore check box, click Apply, and then click OK.

  5. Restart the computer when you are prompted to do so. When the computer restarts, the data store is purged and the System Restore feature begins monitoring the system again.

0 comments:

Post a Comment