
Cannot restore before August



On June 15th, my ZAP log mentions some:

OSFW,2008/06/15,11:04:32 -7:00 GMT,UNKNOWN(0),Microsoft Windows Malicious Software Removal Tool,C:\WINDOWS\system32\MRT.exe,PROCESS,OPENPROCESS,DST,\SystemRoot\System32\smss.exe

I realise it now, looking into my ZAP logs file.

Later in the summer this line multiplied dozens of times in the log and I realize that too now, but before, I started having ZAP alerts, the violet ones saying

Generic Host Program for win32 services is trying to act as a server

and red alerts saying

LSA Shell Export Version is trying to communicate with C:\Windows\system32\Zonelabs\UpdClient.exe by opening its process, application Isass.exe.

among other things.

I always denied them but did not find the time to check this problem.

I have lots of problems in my p/c's function and today I tried to restore before this date (June 16th) basically in order to avoid those alerts and eventual trojan provoking them but I cannot restore before August (when I press the left arrow of restore system calendar being in August it does not function to lead me to July).

Why is that?

Tks for immediate response.
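Added example (not part of the original post, and not ZoneAlarm's own tooling): a short Python tally of OSFW lines like the one quoted above, showing when each source/target pairing first appeared and how often it repeats per month. The field layout is inferred from that single quoted line and is an assumption; the sample lines after the first are constructed.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample: line 1 is the entry quoted in the post; the two repeats
# and the truncated last line are made up for this example.
SAMPLE_LOG = r"""
OSFW,2008/06/15,11:04:32 -7:00 GMT,UNKNOWN(0),Microsoft Windows Malicious Software Removal Tool,C:\WINDOWS\system32\MRT.exe,PROCESS,OPENPROCESS,DST,\SystemRoot\System32\smss.exe
OSFW,2008/08/02,09:15:10 -7:00 GMT,UNKNOWN(0),Microsoft Windows Malicious Software Removal Tool,C:\WINDOWS\system32\MRT.exe,PROCESS,OPENPROCESS,DST,\SystemRoot\System32\smss.exe
OSFW,2008/08/02,09:15:11 -7:00 GMT,UNKNOWN(0),Microsoft Windows Malicious Software Removal Tool,C:\WINDOWS\system32\MRT.exe,PROCESS,OPENPROCESS,DST,\SystemRoot\System32\smss.exe
OSFW,2008/08/03,10:00:00 -7:00 GMT,UNKNOWN(0)
"""


def parse_osfw(line):
    """Parse one OSFW line; None if it does not fit the assumed layout."""
    parts = line.strip().split(",")
    if len(parts) < 10 or parts[0] != "OSFW":
        return None
    try:
        day = datetime.strptime(parts[1], "%Y/%m/%d").date()
    except ValueError:
        return None
    # Assumed layout: last five fields are source path, object type, action,
    # direction marker, target path; the program description sits before them.
    source, _obj, action, _direction, target = parts[-5:]
    return {"date": day, "program": ",".join(parts[4:-5]),
            "source": source.lower(), "action": action,
            "target": target.lower()}


def summarize(text):
    """Group events by (source, action, target) with count, first/last day."""
    groups = defaultdict(lambda: {"count": 0, "first": None, "last": None,
                                  "by_month": defaultdict(int)})
    for line in text.splitlines():
        ev = parse_osfw(line)
        if ev is None:
            continue  # skip blank, truncated or non-OSFW lines
        g = groups[(ev["source"], ev["action"], ev["target"])]
        g["count"] += 1
        g["first"] = min(g["first"] or ev["date"], ev["date"])
        g["last"] = max(g["last"] or ev["date"], ev["date"])
        g["by_month"][ev["date"].strftime("%Y-%m")] += 1
    return groups


if __name__ == "__main__":
    for (src, action, dst), g in summarize(SAMPLE_LOG).items():
        print(f"{src} {action} {dst}: {g['count']} events, "
              f"{g['first']} to {g['last']}, per month {dict(g['by_month'])}")
```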


Guest M.I.5¾
Posted

Re: Cannot restore before August

"E. T." <ET@discussions.microsoft.com> wrote in message news:02C675AF-8B33-4B64-B744-D7F40856379B@microsoft.com...

> On June 15th, my ZAP log mentions some:
>
> OSFW,2008/06/15,11:04:32 -7:00 GMT,UNKNOWN(0),Microsoft Windows Malicious Software Removal Tool,C:\WINDOWS\system32\MRT.exe,PROCESS,OPENPROCESS,DST,\SystemRoot\System32\smss.exe
>
> I realise it now, looking into my ZAP logs file.
>
> Later in the summer this line multiplied dozens of times in the log and I realize that too now, but before, I started having ZAP alerts, the violet ones saying
>
> Generic Host Program for win32 services is trying to act as a server
>
> and red alerts saying
>
> LSA Shell Export Version is trying to communicate with C:\Windows\system32\Zonelabs\UpdClient.exe by opening its process, application Isass.exe.
>
> among other things.
>
> I always denied them but did not find the time to check this problem.
>
> I have lots of problems in my p/c's function and today I tried to restore before this date (June 16th) basically in order to avoid those alerts and eventual trojan provoking them but I cannot restore before August (when I press the left arrow of restore system calendar being in August it does not function to lead me to July).
>
> Why is that?

 

Restore only keeps a limited number of restore points. As new ones are created the older ones are deleted. The reason you cannot get into July is that there are no restore points available prior to August. You can increase the space available for restore points but this won't solve your current problem.

Guest Mick Murphy
Posted

RE: Cannot restore before August

 

Download, install, update and scan your System with Malwarebytes, and Spybot Search & Destroy.
Do it in Safe mode if necessary, and do it with your Anti-virus as well, while in Safe Mode.
All info below.

http://www.spybot.info/en/index.html

Spybot Search & Destroy 1.6 is a very good, FREE Anti-Spyware Program.
Download, install, update, and immunize your System with it.
Then SCAN with it.
Update it, and scan your System once a fortnight.

http://www.malwarebytes.org/mbam.php

Malwarebytes is as the name says, a Malware Remover!
For the Free version scroll down their page to either download from Download.com, or Major Geeks.com

Download, install, and update.

Important re: Safe Mode

If you happen to find a problem that you can't uninstall / delete, reboot the computer, and go into Safe Mode.
To get into Safe mode, tap F8 right at Power On / Startup, and use UP arrow key to get to Safe Mode from list of options, then hit ENTER.
RESCAN your computer with your Anti-Virus, Malwarebytes and Spybot S & D while in Safe Mode.

--
Mad Mike

"E. T." wrote:

> On June 15th, my ZAP log mentions some:
>
> OSFW,2008/06/15,11:04:32 -7:00 GMT,UNKNOWN(0),Microsoft Windows Malicious Software Removal Tool,C:\WINDOWS\system32\MRT.exe,PROCESS,OPENPROCESS,DST,\SystemRoot\System32\smss.exe
>
> I realise it now, looking into my ZAP logs file.
>
> Later in the summer this line multiplied dozens of times in the log and I realize that too now, but before, I started having ZAP alerts, the violet ones saying
>
> Generic Host Program for win32 services is trying to act as a server
>
> and red alerts saying
>
> LSA Shell Export Version is trying to communicate with C:\Windows\system32\Zonelabs\UpdClient.exe by opening its process, application Isass.exe.
>
> among other things.
>
> I always denied them but did not find the time to check this problem.
>
> I have lots of problems in my p/c's function and today I tried to restore before this date (June 16th) basically in order to avoid those alerts and eventual trojan provoking them but I cannot restore before August (when I press the left arrow of restore system calendar being in August it does not function to lead me to July).
>
> Why is that?
>
> Tks for immediate response.

Guest PA Bear [MS MVP]
Posted

Re: Cannot restore before August

 

Even if you had an earlier Restore Point available, using it prolly wouldn't address your problems.

Unexplained computer behavior may be caused by deceptive software
http://support.microsoft.com/kb/827315

Run a /thorough/ check for hijackware, including posting your hijackthis log to an appropriate forum.

Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine2.blogspot.com/
http://www.elephantboycomputers.com/page2.html#Removing_Malware

When all else fails, HijackThis v2.0.2 (http://aumha.org/downloads/hijackthis.exe) is the preferred tool to use (in conjunction with some other utilities). HijackThis will NOT fix anything on its own, but it will help you to both identify and remove any hijackware/spyware with assistance from an expert. **Post your log to http://spywarehammer.com/simplemachinesforum/index.php?board=10.0, http://forums.spybot.info/forumdisplay.php?f=22, http://aumha.net/viewforum.php?f=30, or another appropriate forum for review by an expert in such matters, not here.**

If the procedures look too complex - and there is no shame in admitting this isn't your cup of tea - take the machine to a local, reputable and independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.

--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/

E. T. wrote:

> On June 15th, my ZAP log mentions some:
>
> OSFW,2008/06/15,11:04:32 -7:00 GMT,UNKNOWN(0),Microsoft Windows Malicious Software Removal Tool,C:\WINDOWS\system32\MRT.exe,PROCESS,OPENPROCESS,DST,\SystemRoot\System32\smss.exe
>
> I realise it now, looking into my ZAP logs file.
>
> Later in the summer this line multiplied dozens of times in the log and I realize that too now, but before, I started having ZAP alerts, the violet ones saying
>
> Generic Host Program for win32 services is trying to act as a server
>
> and red alerts saying
>
> LSA Shell Export Version is trying to communicate with C:\Windows\system32\Zonelabs\UpdClient.exe by opening its process, application Isass.exe.
>
> among other things.
>
> I always denied them but did not find the time to check this problem.
>
> I have lots of problems in my p/c's function and today I tried to restore before this date (June 16th) basically in order to avoid those alerts and eventual trojan provoking them but I cannot restore before August (when I press the left arrow of restore system calendar being in August it does not function to lead me to July).
>
> Why is that?
>
> Tks for immediate response.

