
Can Zlob be removed by using a restore point?



Posted

Re: Can Zlob be removed by using a restore point?

 

rod wrote:

>

you can't remove trojans/viruses using system restore

Posted

Re: Can Zlob be removed by using a restore point?

 

OK. thanks

 

 

"Plato" <|@|.|> wrote in message

news:48d47d47$0$85713$bb4e3ad8@newscene.com...

> rod wrote:

>>

> you can't remove trojans/viruses using system restore

>

>

Guest David H. Lipman
Posted

Re: Can Zlob be removed by using a restore point?

 

From: "Plato" <|@|.|>

 

| rod wrote:

 

| you can't remove trojans/viruses using system restore

 

 

That is a misleading statement.

 

It is not a black and white issue. There are gray areas.

 

While there are some viruses like Parite and Virut that can not be removed via a

restoration from a System Restore point, there are others such as email borne viruses that

can.

 

Likewise with trojans.

A RootKit or strongly embedded one can not be removed via a restoration from a System

Restore point, but a simple Dialer or BHO can.

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

Posted

Re: Can Zlob be removed by using a restore point?

 

On Sat, 20 Sep 2008 18:52:37 +0800, "rod"

<pookiethai@NOSPAMiprimus.com.au> wrote:

>OK. thanks

>

>

>"Plato" <|@|.|> wrote in message

>news:48d47d47$0$85713$bb4e3ad8@newscene.com...

>> rod wrote:

>>>

>> you can't remove trojans/viruses using system restore

>>

>>

>

 

Yes you can! Any files will not be deleted BUT the crap that autoloads

it **will** be gone. The virus/trojan will not be active and will not

reinitialise. You can then delete their files.

--

 

Cheers,

 

DrT

 

** Stress - the condition brought about by having to

** resist the temptation to beat the living daylights

** out of someone who richly deserves it.

Posted

Re: Can Zlob be removed by using a restore point?

 

David H. Lipman wrote:

> From: "Plato" <|@|.|>

>

> | rod wrote:

>

> | you can't remove trojans/viruses using system restore

>

>

> That is a misleading statement.

>

> It is not a black and white issue. There are gray areas.

>

> While there are some viruses like Parite and Virut that can not be removed via a

> restoration from a System Restore point, there are others such as email borne viruses that

> can.

>

> Likewise with trojans.

> A RootKit or strongly embedded one can not be removed via a restoration from a System

> Restore point, but a simple Dialer or BHO can.

>

 

First thing I do when cleaning an XP box is to disable system restore to

flush out anything that might be lurking there.

 

Alias

Posted

Re: Can Zlob be removed by using a restore point?

 

On Sat, 20 Sep 2008 14:28:17 +0200, Alias <iamalias@REMOVEgmail.com>

wrote:

>First thing I do when cleaning an XP box is to disable system restore to

>flush out anything that might be lurking there.

 

Why? Nothing can get out unless you let it.

--

 

Cheers,

 

DrT

 

** Stress - the condition brought about by having to

** resist the temptation to beat the living daylights

** out of someone who richly deserves it.

Guest David H. Lipman
Posted

Re: Can Zlob be removed by using a restore point?

 

From: "Alias" <iamalias@REMOVEgmail.com>

 

 

| First thing I do when cleaning an XP box is to disable system restore to

| flush out anything that might be lurking there.

 

| Alias

 

I used to recommend that approach.

 

However, through communication with peers and experience, I no longer suggest this as a

first approach.

 

The reason is the System Restore is a valuable fall-back position.

 

If you remove malware and the OS becomes unstable or somehow corrupted, you can restore

the PC to its previous (albeit infected) condition and then change the modus operandi in

cleaning the system. After thorough examination and cleansing of the PC and you are

greatly assured the system is clean and operating in a stable manner, then dump the System

Restore cache. Reboot, re-enable and then create a clean new restore point.

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

Posted

Re: Can Zlob be removed by using a restore point?

 

DrTeeth wrote:

> On Sat, 20 Sep 2008 14:28:17 +0200, Alias <iamalias@REMOVEgmail.com>

> wrote:

>

>> First thing I do when cleaning an XP box is to disable system restore to

>> flush out anything that might be lurking there.

>

> Why? Nothing can get out unless you let it.

 

Yeah, sure, keep telling yourself that.

 

Alias

Posted

Re: Can Zlob be removed by using a restore point?

 

David H. Lipman wrote:

> From: "Alias" <iamalias@REMOVEgmail.com>

>

>

> | First thing I do when cleaning an XP box is to disable system restore to

> | flush out anything that might be lurking there.

>

> | Alias

>

> I used to recommend that approach.

>

> However, through communication with peers and experience, I no longer suggest this as a

> first approach.

>

> The reason is the System Restore is a valuable fall-back position.

>

> If you remove malware and the OS becomes unstable or somehow corrupted, you can restore

> the PC to its previous (albeit infected) condition and then change the modus operandi in

> cleaning the system. After thorough examination and cleansing of the PC and you are

> greatly assured the system is clean and operating in a stable manner, then dump the System

> Restore cache. Reboot, re-enable and then create a clean new restore point.

>

 

If it gets to that point, I stop chasing ghosts and reinstall XP.

 

Alias

Guest David H. Lipman
Posted

Re: Can Zlob be removed by using a restore point?

 

From: "Alias" <iamalias@REMOVEgmail.com>

 

| If it gets to that point, I stop chasing ghosts and reinstall XP.

 

| Alias

 

Well there is always the Cost-Benefit Analysis (CBA).

 

However, the point is...

Dumping the System restore cache should be the last item on the list, not the first.

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

Posted

Re: Can Zlob be removed by using a restore point?

 

On Sat, 20 Sep 2008 15:07:56 +0200, just as I was about to take a

herb, Alias <iamalias@REMOVEgmail.com> disturbed my reverie and wrote:

>Yeah, sure, keep telling yourself that.

 

Instead of being sarcastic and infantile, why not post a like so that

I can be proven wrong and actually learn something?

--

 

Cheers,

 

DrT

 

** Stress - the condition brought about by having to

** resist the temptation to beat the living daylights

** out of someone who richly deserves it.

Posted

Re: Can Zlob be removed by using a restore point?

 

David H. Lipman wrote:

> From: "Alias" <iamalias@REMOVEgmail.com>

>

> | If it gets to that point, I stop chasing ghosts and reinstall XP.

>

> | Alias

>

> Well there is always the Cost-Benefit Analysis (CBA).

>

> However, the point is...

> Dumping the System restore cache should be the last item on the list, not the first.

>

 

Right. That way the blue meanies can keep raising their ugly heads out

of SR even though you've nuked them in Normal, Safe Mode or a boot scan.

 

Alias

Posted

Re: Can Zlob be removed by using a restore point?

 

DrTeeth wrote:

> On Sat, 20 Sep 2008 15:07:56 +0200, just as I was about to take a

> herb, Alias <iamalias@REMOVEgmail.com> disturbed my reverie and wrote:

>

>> Yeah, sure, keep telling yourself that.

>

> Instead of being sarcastic and infantile, why not post a like so that

> I can be proven wrong and actually learn something?

 

How does one post "a like"?

 

You can take my word for it or not. I am not going to do your research

for you and I don't really care if you believe me or not.

 

Alias

Guest Onsokumaru
Posted

Re: Can Zlob be removed by using a restore point?

 

 

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message

news:uGibxSyGJHA.456@TK2MSFTNGP06.phx.gbl...

> From: "Alias" <iamalias@REMOVEgmail.com>

>

> | If it gets to that point, I stop chasing ghosts and reinstall XP.

>

> | Alias

>

> Well there is always the Cost-Benefit Analysis (CBA).

>

>

 

And that would be to restore from the last known good backup that would take

maybe an hour, (depending on machine specs of course).

Guest David H. Lipman
Posted

Re: Can Zlob be removed by using a restore point?

 

From: "Alias" <iamalias@REMOVEgmail.com>

 

| David H. Lipman wrote:

>> From: "Alias" <iamalias@REMOVEgmail.com>

>> | If it gets to that point, I stop chasing ghosts and reinstall XP.

>> | Alias

>> Well there is always the Cost-Benefit Analysis (CBA).

>> However, the point is...

>> Dumping the System restore cache should be the last item on the list, not the first.

 

 

| Right. That way the blue meanies can keep raising their ugly heads out

| of SR even though you've nuked them in Normal, Safe Mode or a boot scan.

 

| Alias

 

Nope, not true. The System Restore cache is akin to a quarantine.

 

Please provide any facts (i.e., URLs) to any malware that actually runs from the System

Restore cache.

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

Guest David H. Lipman
Posted

Re: Can Zlob be removed by using a restore point?

 

From: "Onsokumaru" <onsok-sama@ninja.village.jp>

 

 

| "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message

| news:uGibxSyGJHA.456@TK2MSFTNGP06.phx.gbl...

>> From: "Alias" <iamalias@REMOVEgmail.com>

>> | If it gets to that point, I stop chasing ghosts and reinstall XP.

>> | Alias

>> Well there is always the Cost-Benefit Analysis (CBA).

 

 

 

| And that would be to restore from the last known good backup that would take

| maybe an hour, (depending on machine specs of course).

 

 

 

No, the last known good backup is only for system related boot files and that doesn't keep

a chronological history and it too can be loaded infected.

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

Guest Frank-FL
Posted

Re: Can Zlob be removed by using a restore point?

 

 

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:OsZBsFyGJHA.3640@TK2MSFTNGP04.phx.gbl...

> From: "Alias" <iamalias@REMOVEgmail.com>

>

>

> | First thing I do when cleaning an XP box is to disable system restore to

> | flush out anything that might be lurking there.

>

> | Alias

>

> I used to recommend that approach.

>

> However, through communication with peers and experience, I no longer suggest this as a

> first approach.

>

> The reason is the System Restore is a valuable fall-back position.

>

> If you remove malware and the OS becomes unstable or somehow corrupted, you can restore

> the PC to its previous (albeit infected) condition and then change the modus operandi in

> cleaning the system. After thorough examination and cleansing of the PC and you are

> greatly assured the system is clean and operating in a stable manner, then dump the System

> Restore cache. Reboot, re-enable and then create a clean new restore point.

 

I don't really see windows system restore as an asset to use at any time. I use ESATA

drives for complete system backups. I just happen to use Acronis. I boot into linux

using the acronis back up and restore CD. This will delete the infected partition, reformat

and install the clean backup. No Rube Goldberg procedures.

Posted

Re: Can Zlob be removed by using a restore point?

 

Interesting,

So how long would a typical acronis backup like this take?

 

 

"Frank-FL" <bbunny@bqik.net>

I don't really see windows system restore as an asset to use at any time. I

use ESATA

drives for complete system backups. I just happen to use Acronis. I boot

into linux

using the acronis back up and restore CD. This will delete the infected

partition, reformat

and install the clean backup. No Rube Goldberg procedures.

Posted

Re: Can Zlob be removed by using a restore point?

 

On Sat, 20 Sep 2008 15:29:38 -0400, just as I was about to take a

herb, "David H. Lipman" <DLipman~nospam~@Verizon.Net> disturbed my

reverie and wrote:

>Nope, not true. The System Restore cache is akin to a quarantine.

 

I've already asked him to do that but the schmuck refused...quel

surprise!

 

He's kerplunked anyway.

--

 

Cheers,

 

DrT

 

** Stress - the condition brought about by having to

** resist the temptation to beat the living daylights

** out of someone who richly deserves it.

Guest Frank-FL
Posted

Re: Can Zlob be removed by using a restore point?

 

Size matters. Twenty to forty minutes on the initial backup.

Ten to twenty minutes on the incremental.

 

"rod" <pookiethai@NOSPAMiprimus.com.au> wrote in message news:ei9KyZ9GJHA.740@TK2MSFTNGP03.phx.gbl...

> Interesting,

> So how long would a typical acronis backup like this take?

>

>

> "Frank-FL" <bbunny@bqik.net>

> I don't really see windows system restore as an asset to use at any time. I

> use ESATA

> drives for complete system backups. I just happen to use Acronis. I boot

> into linux

> using the acronis back up and restore CD. This will delete the infected

> partition, reformat

> and install the clean backup. No Rube Goldberg procedures.

Posted

Re: Can Zlob be removed by using a restore point?

 

 

Thanks,

I have a fairly lean machine,

My big chunk 25Gb image database

I backup separately.

I went shopping for a "see through" scanner today

and bumped into Acronis in the shop $69

I think I'll go for it.

 

 

"Frank-FL"

Size matters. Twenty to forty minutes on the initial backup.

Ten to twenty minutes on the incremental.

 

"rod" <pookiethai@NOSPAMiprimus.com.au> wrote in message

news:ei9KyZ9GJHA.740@TK2MSFTNGP03.phx.gbl...

> Interesting,

> So how long would a typical acronis backup like this take?

>

>

> "Frank-FL" <bbunny@bqik.net>

> I don't really see windows system restore as an asset to use at any time.

> I

> use ESATA

> drives for complete system backups. I just happen to use Acronis. I boot

> into linux

> using the acronis back up and restore CD. This will delete the infected

> partition, reformat

> and install the clean backup. No Rube Goldberg procedures.
