Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

System Restore Points Question?.


  • Please log in to reply
2 replies to this topic

#1 bluesjunior

bluesjunior

  • Members
  • 761 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:25 PM

Posted 12 May 2008 - 02:01 PM

I am not sure if I have some weird type of infection on my PC or not but would like the opinion of you guys here.

My operating system is XP Home edition SP2 and I use Comodo Firewall Pro, BoClean, Avira Antivir and SpywareBlaster as real time protection. I also use AVG 7.5 Antispyware and SuperantiSpyware manually on a weekly rota basis. All these programs are kept up to date.

My query is in regard to System Restore and how often it makes restore points. I clean up my pending files in CFP on a daily basis and in the last couple of weeks I have noticed that I seem to be getting a lot of restore point files in my pending tray in CFP. When I highlight the file it says the following.

Fifoed\System volume info\_restore:A0059955.exe

The number changes for each one but other wise the info is the same for around all 320 files. I had thought previously that I seemed to be getting a lot of restore points but as my security scans are clean apart from 5 or 6 tracking cookies I thought no more about it until doing a scan with AVG Antispyware today. It found the usual tracking cookies which I deleted and then signed out of my PC. When I signed in again this evening I checked the Pending Files in Comodo and found I had 313 files pending, all with the same info as above . I thought that is strange as I had purged a similar amount when I signed in this morning. Suddenly I remembered something I had read here about certain types of malware hiding in the system restore files and as I had just deleted the tracking cookies which the scan had unearthed wondered if it had something to do with this.

A long time ago I found and followed an article here on BC.com about emptying the System Restore files and starting again with a new restore point but can't remember how to do it. Can anyone help with this or offer advise?. Thank you.
Motherboard: Gigabyte GA-MA770T-UD3, CPU: AMD Athlon II X3 450 Processor, Memory: OCZ 4GB (2x2GB) DDR3 1333MHz,Graphics: PowerColor HD 5750 1GB GDDR5,
PSU: Corsair 430W CX PSU 4x SATA 1x PCI-E, Hard Drive:Samsung SpinPoint F3 500GB Hard Drive SATAII 7200rpm 16MB Cache.

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,566 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:25 AM

Posted 15 May 2008 - 01:26 PM

Hello. It occurs at varying intervals dependant on certain occurances.
You can find that Information here in the BC Tutorial, Windows XP System Restore Guide

Purging System Restore Points
This is our basic proceedure for this after malware removal...
Now you should Set a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools can not access it to delete these bad files which sometimes can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then go to Start > Run and type: Cleanmgr
  • Click "OK".
  • Click the "More Options" Tab.
  • Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:10:25 AM

Posted 15 May 2008 - 03:17 PM

Try to integrate flushing old restore points with running disk clean up and defrag.

Take out the trash, defrag and then test that everything works fine, after a while flush the old restore points out and then repeat the disk clean up and defrag.
Chewy

No. Try not. Do... or do not. There is no try.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users