Friday, 20 November 2009
Home arrow Reference arrow Tech Talk arrow Infected Restore Points

Advertisement
See Our Latest Ads

Click here to check out our new ads!

 

iShield
Related Items
Main Menu
Home
Products
Reference
Support
Company
Downloads
FreeScan
Purchase
Infected Restore Points
Written by Crecia Scovill   

What is a Restore Point?

Restore Points are components of the Microsoft Windows utility called System Restore. They are "snapshots" of a computer's data at the time it was created. When a restore point is created, your computer makes a backup copy of all data from the time of creation. Restore Points can be created manually, or automatically if the System Restore utility is set to do so.

Vulnerable Operating Systems

System Restore is a utility included with Windows ME (Mellenium) and Windows XP. Windows Vista will have a similar function called System Protection and will have a different interface.


How does a Restore Point get infected?

Since a restore point is a backup of all the data on a computer from a specific time, if the computer was infected at the time of creation, the Restore Point would have a backup copy of the infection. So if the restore point was made while you were infected, it itself will be carrying the infection.

How do I get rid of it?

The easiest way to clear out a restore point infection is to reset your restore points. Disabling System Restore will delete all previous restore points, which would clear out the infected Restore Point(s), and then if your computer is in a clean state, you can turn System Restore back on to create a new restore point that will not be backing up any infection.

I would recommend scanning your computer with an Anti-virus program, such as Stop Sign, and making sure that you are not currently infected. After you verify that your computer is currently clean, you can then manually reset the restore points. I will include instructions below on how to do so, but please be aware that this is a Windows utility and we cannot support it. You can go to the Microsoft website for further information about, or support for, the System Restore utility.

RESETTING SYSTEM RESTORE MANUALLY:

TURNING OFF SYSTEM RESTORE
 
A) Right-click MY COMPUTER, select PROPERTIES. 
 
B) Click the PERFORMANCE tab, then click the FILE SYSTEM button. 
 
C) Click the TROUBLESHOOTING tab, then check the DISABLE SYSTEM   
   RESTORE box.   
 
D) Click APPLY, then CLOSE. 
 
E) Restart the computer. 

TURNING SYSTEM RESTORE BACK ON

F) Right-Click MY COMPUTER, Click the PERFORMANCE tab, then click
   the FILE SYSTEM button. 
 
G) Click the TROUBLESHOOTING tab, then uncheck the DISABLE SYSTEM   
   RESTORE box.   
 
H) Click APPLY, then CLOSE. 
 
I) Restart the computer when you are prompted to do so.   

***IF you do not see PERFORMANCE tab mentioned in step C and F, look for the SYSTEM RESTORE tab and click on that. You will see a check box saying, "Turn off System Restore on all drives," this will be how you disable System Restore, and uncheck it to re-enable.***

Turning off system restore will clear out its backup files, and turning it back on will create a new restore point. So long as your computer is clean at the time that you create a restore point, the new restore point will not be infected.


More Articles on System Restore:
http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/systemrestore.mspx
http://searchwinit.techtarget.com/sDefinition/0,,sid1_gci827077,00.html
http://www.theeldergeek.com/system_restore.htm
http://en.wikipedia.org/wiki/System_restore

 
Design by Team StopSign | Powered by eAcceleration.com
© 2009 StopSign.com

Top!