Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

System Restore Keeps Turning Off


  • Please log in to reply
15 replies to this topic

#1 nine inch nails

nine inch nails

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:28 PM

Posted 27 May 2006 - 01:43 PM

I love to do system restoring because I'm always downloading something. If something goes wrong, I do the system restore method. Right now, I'm issuing a problem. I went to restore system but a window appeared, saying that it has been turned off. So I turned it on. Turned out that there were no other checkpoints available for me.

When I turned the computer off and back on, it was still off. Even 20-40 minutes later, it turned off by itself.

This problem started since MSN spammed "is this you? imfriendIM=?[email address of a person receiving the message]" Everyone IMed me saying yes and I was puzzled by it? I didn't send anything. Strange things happened ever since- Occasionally, the internet browser changes its homepage to "Messenger Site." I ran the Norton Virus Scan and found none.

I just really want my system restore to be on. GRRRR.
Posted Image

BC AdBot (Login to Remove)

 


#2 Albert Frankenstein

Albert Frankenstein

  • Members
  • 2,707 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Michigan, USA
  • Local time:01:28 PM

Posted 27 May 2006 - 03:53 PM

Welcome to BC! :thumbsup:

I love to do system restoring because I'm always downloading something. If something goes wrong, I do the system restore method

Doing a system restore will restore your computer to like it was at an earlier time, warts and all. If your computer had problems at the time that the restore point was created, your computer will have the same issues after restoring.

So I turned it on. Turned out that there were no other checkpoints available for me.

When system restore is turned off all restore points are deleted. So what you saw is normal, in that when you turned system restore back on there were no restore points.

Now your computer is showing signs of being infected. And if I had to guess based on the small amount of information I have so far I would say it is because of this:

I'm always downloading something


I think it would be wise to get your system looked at by an expert in the HiJackThis (HJT) forum here at BleepingComputer.com:

First: Read the Preparation Guide found HERE. It is very important that you follow ALL of the instructions found within. (There are many important steps in this guide that may clean your computer.)

Second: Post your system information along with a brief description of the problems you are having, and your HJT log in the HJT forum found HERE.

NOTE: Please, after you post your HJT log DO NOT make another post in the HJT forum until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post there will be 1 reply. The team member glancing over the replies might think someone is already helping you out and will not respond. So, just make your post and let it sit there until a team member responds. The volunteers who work that forum are very busy, so please be patient and wait. It can sometimes take a few days for a response. If after 5 days you still have gotten no response, then post a link to your HJT log HERE.

Third: If, after finishing your work with the folks at the HJT forum you have issues with Windows related to the removal of the infection, then come to the other forums and let us help you get your computer back to normal.

You are in good hands! Good luck!

Edited by Albert Frankenstein, 27 May 2006 - 03:53 PM.

ALBERT FRANKENSTEIN
I'M SO SMART IT'S SCARY!


Currently home chillin' with the fam and my two dogs!


#3 nine inch nails

nine inch nails
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:28 PM

Posted 27 May 2006 - 07:27 PM

lol. what a full of useless bleep. it's not THAT bad. lol, you're one funny einstein. well.. never mind.
Posted Image

#4 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:12:28 PM

Posted 27 May 2006 - 09:03 PM

If you think Albert's suggestion is not useful or appropriate, maybe you can disinfect your infected computer by some other method, but I agree that the methodology that he suggested has the best chance of being efficacious.

#5 Albert Frankenstein

Albert Frankenstein

  • Members
  • 2,707 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Michigan, USA
  • Local time:01:28 PM

Posted 27 May 2006 - 09:11 PM

That doesn't seem like a nice thing to say to someone who is trying to help you, for free I might add.

Perhaps if I expand on my earlier comments we can make some sense of this.
  • Even 20-40 minutes later, it turned off by itself.
  • This problem started since MSN spammed "is this you? imfriendIM=?[email address of a person receiving the message]"
  • Occasionally, the internet browser changes its homepage to "Messenger Site"
Those are all signs of malware installed on your computer.

I ran the Norton Virus Scan and found none.

Once malware is installed sometimes the Antivirus program is disabled, or not able to update, so will not work properly. Also, no one program can find or see everything, so even if Norton is working perfectly it may not neccessarily see everything that is going on in your computer.

Another clue that you may have malware is this statement:

I'm always downloading something

Now granted, I don't know exactly what that means, but I can tell you that malware is often bundled with downloads, especially from Peer to Peer (P2P) sites. So if you are downloading anything free, such as music, movies, porn, software, screen savers, etc, chances are pretty high that somewhere along the way you picked up malware.

But I am not going to argue with you about it. Clearly it is your computer and you can do what you want. But it does make me wonder why you asked for advice if you weren't willing to take it.

Wishing you all the best...

Edited by Albert Frankenstein, 27 May 2006 - 09:14 PM.

ALBERT FRANKENSTEIN
I'M SO SMART IT'S SCARY!


Currently home chillin' with the fam and my two dogs!


#6 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:12:28 PM

Posted 27 May 2006 - 09:17 PM

Symantec, in fact, may be the cause of his problems:

Symantec vulnerability 5 06
The company that released a temporary workaround
for a critical Internet Explorer bug has some pretty bad news for Symantec, one of the largest producers of security solutions.

eEye Digital Security has posted a security advisory on its site about a serious bug in the Symantec Antivirus application which doesn’t require any end user interaction for exploitation and can compromise affected systems, allowing for the execution of malicious code with SYSTEM level access.

The security company said that from the initial research, the bug has been found in Symantec Antivirus 10.x and Symantec Client Security 3.x, but that other products of the Cupertino-based company might be affected as well.

Marc Maiffret, chief hacking officer at eEye Digital Security, demonstrated an attack based on the vulnerability for The Associated Press and said that the Aliso Viejo, California-based company already has a product which protects vulnerable systems and operates alongside Symantec's anti-virus products.

At the end of last week, Symantec sued Microsoft for misappropriating its intellectual property and for breaching the contract. The lawsuit filed by the Cupertino-based security company seeks an injunction to stop Microsoft from selling Vista.
http://news.softpedia.com/news/Symantec-03...ity-24819.shtml


"Symantec Products Vulnerable to Exploits
According to warnings issued by the Secunia security company, Symantec's line of anti-virus software is vulnerable to attack and still there is no patch available for this flaw. All Symantec did was to release an advisory in which it described what was to be done in order to avoid being hacked.

Secunia labeled the vulnerability as "highly critical", while Symantec admitted the risk users are exposed to is "high". The problem is a bug in a shared library which can cause a heap overflow, that may afterwards
allow an attacker execute additional code. What that means is that a vulnerable computer that is stricken by the bug could be completely compromised.

All editions of Symantec's Norton Internet Security and Norton AntiVirus, including AntiVirus for the Macintosh, are at risk, as are other products which include the affected library. Those include enterprise-specific lines such as AntiVirus Corporate Edition, Brightmail Anti-Spam, Client Security, and Gateway Security.

Symantec has not issued a patch for the vulnerability, but the DeepSight alert recommended that users disable scanning of RAR archive files."
http://news.softpedia.com/news....6.shtml

#7 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:12:28 PM

Posted 27 May 2006 - 09:38 PM

NIN,

Do not attempt to bypass the curse filters again like you did previously. That previous post has now been removed. If you do not like the advice being given then do not ask for help here at BC, or respond in a more mature manner.

#8 nine inch nails

nine inch nails
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:28 PM

Posted 28 May 2006 - 09:18 PM

I'm sorry that I laughed at the fact that you waste time posting all these information when I know there's a simple answer to this issue. The MSN was just a background. I know my computer is not infested.
Windows Help and Support Center says:

-To resume System Restore monitoring
Open System Properties.
-Ensure that the Turn off System Restore check box is cleared.
-Under Drive settings, select the drive or partition by clicking it, and then click Settings.
-Ensure that the Turn off System Restore on this drive check box is cleared.

I don't see "Drive Settings" anywhere in this system property window. Where is it?
Posted Image

#9 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:12:28 PM

Posted 28 May 2006 - 09:42 PM

I don't know where it is in yours, but I see it in mine.

#10 nine inch nails

nine inch nails
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:28 PM

Posted 28 May 2006 - 11:10 PM

this is what appeared.

Posted Image
Posted Image

#11 Herk

Herk

  • Members
  • 1,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:S.E. Idaho, USA
  • Local time:01:28 PM

Posted 28 May 2006 - 11:27 PM

By "Drive Settings" they mean the part where it says, "C: monitoring." On some computers, there is more than one drive. In order to change the settings for each drive, you would click on the drive in question, such as C: or D:, then change the settings for that drive. In your case, the setting is maxed out. You really don't need almost nine gigabytes of space for System Restore. I usually set it at around 1 to 1.5 gigs. It was originally designed when drives were a bit smaller on average, and the default setting of 10% is too much for a large drive. If you have to go back that far in restore points, you're already in trouble.

#12 nine inch nails

nine inch nails
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:28 PM

Posted 29 May 2006 - 11:05 AM

maybe i accidently set the arrow on the way right. what % should i place it.
Posted Image

#13 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:12:28 PM

Posted 29 May 2006 - 11:06 AM

Not sure what your problem is...the image shows that system restore is monitoring the C: partition. Do you have other partitions?

1gb should be more than enough.

#14 Elendil

Elendil

  • Members
  • 660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The US
  • Local time:01:28 PM

Posted 29 May 2006 - 01:39 PM

From the screenshot, it looks as though System Restore is running normally. Perhaps you are actually infected like several EXTREMELY experienced computer experts have said. Albert Frank. is incredibly knowledgeable and his advice isn't to be taken as a joke.
Stanford '14
B.S. Candidate | Computer Science

#15 Harry83

Harry83

  • Members
  • 257 posts
  • OFFLINE
  •  
  • Location:State College PA
  • Local time:01:28 PM

Posted 29 May 2006 - 08:05 PM

A knowledgable HJT helper will be able to determine very quickly if there is an infection interfering with your System Restore. It is quite possible that this could be the case, since no one seems to know what is causing your problems. Why not post a log in that forum, based upon Albert Frankenstein's advice? It won't take very long. That way, while we are trying to determine what is wrong with your computer here, you can simultaneously make sure that the problem isn't caused by malware, as you have stated. Providing a HJT log also gives us a more in depth look at the nuances of your system, which could further help us figure out what is causing you problems.
--
Harry83
Posted Image
Liberating America From Spyware - 1 Computer at a time...




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users