Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

System Restore Problems


  • Please log in to reply
21 replies to this topic

#1 Joscar

Joscar

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:29 AM

Posted 08 September 2009 - 06:44 AM

Well, first of all nice meeting you all...

I' ve big serious problem going on, but fortunately i've got my laptop to provide help from you guys, I need some serious urgent help to say it in other words!

Last weekend I was on my computer and Security centre (An antivirus) was scanning the computer and suddenly found three viruses and i'm sure that i'm infected. NOD 32 is outdated and do not know what to do...Now the problem is that I tried resotring the system, but I cannot for some sort of reason...There no restoring points to choose. The computer stays on for some time, but after a few minutes the computer freezes and I have to restart it. When I go to make a new system restore point it always says that we need to restart the computer maybe it comes after that.

PS : I am visiting from my laptop...

Urgent help guys ASAP.

THANKS :thumbsup:

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,469 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:29 PM

Posted 08 September 2009 - 07:09 AM

NOD 32 is outdated and do not know what to do

Start by updating NOD32 or remove it and replace with another anti-virus. If cost is a factor then use a free alternative. (choose and install only one)
avast! 4 Home Edition (comes with built-in anti-rootkit and anti-spyware protection)
Avira AntiVir Personal - Free Antivirus (provides some rootkit detection and removal))
AVG Anti-Virus Free Edition 8.5

I tried resotring the system, but I cannot for some sort of reason...There no restoring points to choose

Some types of malware infection will disable SR.

After installing a new anti-virus or updatin NOD32, do this:

Please download Malwarebytes Anti-Malware (v1.40) and save it to your desktop.
alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

-- If Malwarebytes Anti-Malware results in any error messages, please refer to Fixes for common problems and Error Codes. Some issues with errors can be related to malware infection but others are not.

-- Some types of malware will disable Malwarebytes Anti-Malware and other security tools. If MBAM will not install, try renaming it first.
  • Right-click on the mbam-setup.exe file file and rename it to mysetup.exe.
  • Double-click on mysetup.exe to start the installation.
  • If that did not work, then try renaming and changing the file extension. <- click this link if you do not see the file extension
  • Right-click on the mbam-setup.exe file, rename it to mysetup and change the .exe extension to .scr, .com, .pif, or .bat.
  • Then double-click on mysetup.scr (or whatever extension you renamed it) to begin installation.
If after installation, MBAM will not run, open the Malwarebytes' Anti-Malware folder in Program Files.
  • Right-click on mbam.exe, rename it to myscan.exe.
  • Double-click on myscan.exe to launch the program.
  • If that did not work, then right-click on the file and rename it to winlogon.exe.
  • If that still did not work, then try renaming and change the .exe extension in the same way as noted above.
  • Double-click on myscan.scr (or whatever extension you renamed it) to launch the program.
If using Windows Vista, refer to How to Change a File Extension in Windows Vista.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Joscar

Joscar
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:29 AM

Posted 08 September 2009 - 07:19 AM

But how will these be deleted? after i do that will restoring the system be possible?

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,469 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:29 PM

Posted 08 September 2009 - 07:30 AM

If your restore points were removed, they are lost and you cannot get them back. Further, SR will back up the good as well as malicious files, so when malware is present on the system it gets included in restore points as an A00***** file. Using SR with infected files can reinfect your system if it is used so its best to purge them anyway and set a new one after cleaning your system.

If you don't want to try to clean your computer, the other alternative is to reformat your system and perform a clean install of the OS or use the manufacturer's Recovery Disk or Recovery Partition for performing a clean "factory restore".
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 Joscar

Joscar
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:29 AM

Posted 08 September 2009 - 08:20 AM

So if I understood correctly, I need to get Malware Bytes, perform a full scan, and then restore the system?

Does malware bytes remove viruses?

#6 Joscar

Joscar
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:29 AM

Posted 08 September 2009 - 08:25 AM

Norton Security Scan just scanned my computer and found two heuristic viruses...

Threat Name: Packed.Generic.200
Target Type : Infected

Threat Name: Packed.Generic.200
Target Type : Browser Cache

Should I go into the infected file and delete the file? I know exactly where the file is...

Edited by Joscar, 08 September 2009 - 08:28 AM.


#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,469 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:29 PM

Posted 08 September 2009 - 08:55 AM

Malwarebytes Anti-Malware will detect and remove numerous types of malware variants.

When compared to other security tools like Spybot S&D and Ad-Aware, the advantage of MBAM is that it uses a proprietary low level driver similar to some anti-rootkit (ARK) scanners to locate hidden files and special techniques which enable it to detect a wide spectrum of threats including active rootkits. IMO it has proven more effective than many of the stand-alone ARK tools which are available. MBAM does not search for and remove cookies which pose no threat. Scanning is performed quickly while other tools can take hours.

MBAM is designed to remove malware as effectively with a Quick Scan as it will with a Full Scan which takes much longer to complete. Both do full heuristics, memory, load points and multiple other malware checks. The Quick Scan looks at the most prevalent places for active malware so scanning every single file on the drive isn't always necessary. The Full Scan only has the ability to catch more traces in rare circumstances.

So yes, scan with MBAM. You will not being doing a system restore as you already said there are no Restore Points.

If Norton is detecting those items, then let Norton remove them or move to quarantine.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 Joscar

Joscar
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:29 AM

Posted 08 September 2009 - 09:00 AM

If Norton is detecting those items, then let Norton remove them or move to quarantine.


But to remove them or just use the proram I need to buy it...Should I remove the virus by myself? It is in system23....

#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,469 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:29 PM

Posted 08 September 2009 - 09:13 AM

But to remove them or just use the proram I need to buy it

Keeping an anti-virus you cannot use remove malware is pointless and a security risk. Further, did you remove NOD32? Using more than one anti-virus program is not advisable. The primary concern with doing so is due to conflicts that can arise when they are running in real-time mode simultaneously and issues with Windows resource management. Even when one of them is disabled for use as a stand-alone scanner, it can affect the other. Anti-virus software components insert themselves into the operating systems core and using more than one can cause instability, crash your computer, slow performance and waste system resources. When actively running in the background while connected to the Internet, they both may try to update their definition databases at the same time. As the programs compete for resources required to download the necessary files this often can result in sluggish system performance or unresponsive behavior.

Each anti-virus may interpret the activity of the other as malicious behavior and there is a greater chance of them alerting you to a "False Positive". If one finds a virus or a suspicious file and then the other also finds the same, both programs will be competing over exclusive rights on dealing with that virus or suspicious file. Each anti-virus may attempt to remove the offending file and quarantine it at the same time resulting in a resource management issue as to which program gets permission to act first. If one anit-virus finds and quarantines the file before the other one does, then you encounter the problem of both wanting to scan each other's zipped or archived files and each reporting the other's quarantined contents. This can lead to a repetitive cycle of endless alerts that continually warn you that a virus has been found when that is not the case.

Anti-virus scanners use virus definitions to check for malware and these can include a fragment of the virus code which may be recognized by other anti-virus programs as the virus itself. Because of this, most anti-virus programs encrypt their definitions so that they do not trigger a false alarm when scanned by other security programs. Other vendors do not encrypt their definitions and they can trigger false alarms when detected by the resident anti-virus.

All you have provided is a Threat Name: Packed.Generic.200.
Again without knowing the specific file name associated with that threat I don't know what it is or what you are dealing with.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#10 Joscar

Joscar
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:29 AM

Posted 08 September 2009 - 09:29 AM

But it isn't giving me any chance downloading...It freezes

#11 Joscar

Joscar
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:29 AM

Posted 08 September 2009 - 09:35 AM

Managed to download it...now?

#12 Joscar

Joscar
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:29 AM

Posted 08 September 2009 - 09:44 AM

I installed it but it won't open :thumbsup:

#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,469 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:29 PM

Posted 08 September 2009 - 09:50 AM

Which anti-virus did you download and try to install? Did you remove all others prior to attempting to install the new one?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#14 Joscar

Joscar
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:29 AM

Posted 08 September 2009 - 10:01 AM

Accidently forgot Norton...Am going to fix that...

#15 Joscar

Joscar
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:29 AM

Posted 08 September 2009 - 10:47 AM

still it isn't opening :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users