-=PCTechTalk=- Re: AVG Virus Vault
- From: "Sandi Beach" <sandib2@xxxxxxxxx>
- To: <pctechtalk@xxxxxxxxxxxxx>
- Date: Sun, 25 Nov 2007 07:17:04 -0600
Thanks, Mike. The definition of the Trojan did mention a backup.
Sandi
----- Original Message -----
From: "Mike the mod" <mikebike@xxxxxxxxx>
To: <pctechtalk@xxxxxxxxxxxxx>
Sent: Saturday, November 24, 2007 8:42 PM
Subject: -=PCTechTalk=- Re: AVG Virus Vault
> Hi Sandi,
> it may have something to do with System Restore.
> I have this file saved:
>
> System Restore and Virus Removal in Windows ME and XP
> Windows ME and XP have a great little utility built into them, called=
> =93system restore=94.
>
> It=92s a cool idea, its designed to create backups of your important
> system=
> files and then restore them if you ever goof up your computer.
>
> There's one time, however when its not so cool to have those files backed=
> up....
>
> ....and that=92s when you=92ve got a virus in one of them.
>
> In this case, you can remove the virus, but then system restore will=
> dutifully put the virus right back where it was, if you should ever=
> restore to that point. Even if you never do, the virus will still be on=
> the hard drive.
>
> Here's how to get around this problem if you ever have a virus, and / or
> if=
> you=92re not sure whether or not it is affecting a system file that is=
> backed up by system restore.
>
> As soon as your virus scanner does its work and removed the virus, do the=
> following.
>
> 1. Click Start.
> 2. Right-click My Computer, and then click Properties.
> 3. Click the System Restore tab.
> 4. Select "Turn off System Restore" or "Turn off System Restore on all=
> drives" check box
> 5. Click Apply. There will be a short warning message, click YES.
> 6. This will delete all restore points. (and any viruses lurking in there)
> 7. Click OK
> 8. When you have removed all viruses, the reverse should be used to=
> re-enable system restore. (after a reboot at least).
>
> You have now ensured that your system will not backup the virus.
>
> From;
> http://www.msdn.microsoft.com/library/default.asp?url=3D/library/en-us/dnwxp=
> /html/windowsxpsystemrestore.asp
>
>
> ___________________________________________
>
> and:
> When a restore point is created while the system
> is infected with a virus, the virus is included along
> with the other files.
> Windows protects those files and will not allow
> anti-virus programs to delete or modify them in any way.
>
> Go to Control Panel and open "System".
> Click the Performance tab, the File System button,
> then the Troubleshooting tab.
> There, choose the option to "Disable System Restore".
> Click "OK" on the way out, close Control Panel and
> restart the computer.
>
> After the computer has restarted, update AVG
> manually by double clicking the AVG icon in the
> System Tray (by the clock).
> In the AVG Control Center click the
> "Update Manager" tab, then the "Update Now"
> button. The latest update is today.
>
> Next, right click the AVG icon in the System Tray
> and select "Run AVG Anti-Virus".
> When AVG opens click the "Run Complete Test"
> button. It will notify you if it finds anything
> during the test and afterwards, show the results
> of the test.
> If the system tests clean, proceed as described below.
>
> Now you need to reverse the procedure described
> above to re-enable System Restore, then restart
> the computer. Disabling System Restore as above
> clears all previous restore points.
> Go to Start Menu / Programs / Accessories /
> System Tools and click System Restore.
> Check to see if Windows created a restore point
> (System Checkpoint) after you enabled it.
> If not, click the "Back" button and create one manually.
>
> IHTH
>
> Mike the mod
---------------------------------------------------------------
Please remember to trim your replies (including this sentence and everything
below it) and adjust the subject line as necessary.
To unsubscribe or change your email settings:
//www.freelists.org/webpage/pctechtalk
To access our Archives:
http://groups.yahoo.com/group/PCTechTalk/messages/
//www.freelists.org/archives/pctechtalk/
To contact only the PCTT Mod Squad, write to:
pctechtalk-moderators@xxxxxxxxxxxxx
---------------------------------------------------------------
Other related posts:
