Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't Do A System Restore


  • Please log in to reply
6 replies to this topic

#1 Oowo

Oowo

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:46 PM

Posted 17 June 2007 - 06:15 AM

For the last two weeks I have been having a lot of trouble with my computer - "Powered by Zedo" pop ups and other wares. My computer has been very very sluggish and slow. Thankfully, I submitted a Hijackthis log here to Bleeping Computer and that got rid of my pop up problem. However, the last two days, my computer has still been very sluggish and I am now receiving all sorts of "Error" messages, my internet connection goes off frequently, programs are slow to load, and this morning, no pictures on IE would load - just red "X"'s where photos should be.

I tried to do several System Restores (including one I created after I was instructed to by someone from here who helped me with my pop up problem.) The problem is, any System Restore I try to make, after rebooting tells me that it can't be done because "No changes have been made since that date". This is incorrect - several Restore points were created from either deleting or adding additional programs.

I checked Start > My Computer > Properties > System Restore tab and the box that says "Turn of System Restore on all Drivers" is unchecked. Disk space usage is also set at maximum for System Restore. So, why isn't it working? I have NO idea what's going on. Help, please!

I am running Windows Xp SP1 Home.

BC AdBot (Login to Remove)

 


#2 zbd

zbd

  • Members
  • 390 posts
  • OFFLINE
  •  
  • Local time:11:46 PM

Posted 17 June 2007 - 10:01 AM

Try making and using system restore from Erunt backups.
You can easily make a restore point any time.

http://www.majorgeeks.com/download1267.html

#3 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,616 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:46 PM

Posted 17 June 2007 - 11:42 AM

Most likely you have a corrupted Restore Point. When that happens, the subsequent RP's will be corrupted also and to fix this you have to purge your system of all RP's. Unfortunately, that means you can't use System Restore to go back to an earlier state to fix your problem--you'll have to find some other way for that. But I had the exact same message once and Purging RP's by turning off SR then turning it back on again fixed it--so it should fix your SR problem.

Go ahead and put a check by "Turn off System Restore", OK out and reboot, then go back in and uncheck it again.

erunt is a nice little program, but it is not the same thing as System Restore. In a way it is much better in that it does a complete backup of your registry that SR and other methods don't. But it isn't quite as user friendly in that it doesn't make automatic backups on a schedule by default like SR and SR also backs up some system files--erunt is a registry backup only. Plus if you don't already have an erunt backup made from before your problems, then it's not going to help with them.

I still recommend erunt since you can never have too many backups and it is great for disaster recovery. I would just recommend you read the information on it first by going to their homepage: http://www.larshederer.homepage.t-online.de/erunt/erunt.txt

The thing about people

is they change

when they walk away.--Mipso


#4 Oowo

Oowo
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:46 PM

Posted 17 June 2007 - 06:11 PM

Thanks for the advice. I really appreciate you both taking the time to help me out. I turned off System Restore and rebooted. I suppose I shall see if that works when the time comes to do a System Restore (which I hope is not at all soon). :thumbsup:

I will definitely look into erunt! I am rather paranoid about system crashes and losing everything, so you really can't have enough back up.

Cheers!

#5 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:12:46 AM

Posted 17 June 2007 - 06:28 PM

I'd suggest reading up on disk imaging software (I use Acronis True Image). The concept is that it makes an exact copy of your hard drive (at a certain point in time). Then, if the software crashes, you can be back up and running within 20 minutes by restoring the image. The drawbacks are the size of the image and the fact that you're restoring back to when you made the image (so you'll need to update everything after that).

Because of the size it's not a good idea to use this to backup your data - but for restoring the system after a crash, it's the greatest! I make an image of my hard drive after I install Windows, all the Windows Updates, my "anti" programs and my "gotta have" programs. Then, I point my data stores to a separate hard drive (which I also backup) - then I make the disk image. That way the data pointers point to the data drive - so when I restore the image all my data is still current (this includes all of my email and browser stuff so that I'm ready to work as soon as I get back online).
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#6 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,616 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:46 PM

Posted 17 June 2007 - 08:04 PM

Yep, Acronis is great!

I turned off System Restore and rebooted. I suppose I shall see if that works when the time comes to do a System Restore (which I hope is not at all soon). :thumbsup:

Well, you can test it to see if the problem is fixed easy enough. When you turn SR back on a new Restore Point is created (you may have to reboot again--not sure). Then you can run SR to go back to that Restore Point that will be only a few minutes or hours old. If successful Windows will tell you. I would recommend you do this as there may be another problem we can troubleshoot. Even if you've made some changes like installing a program, when the success message comes up you have an option to undo the restore.

However, the last two days, my computer has still been very sluggish and I am now receiving all sorts of "Error" messages, my internet connection goes off frequently, programs are slow to load, and this morning, no pictures on IE would load - just red "X"'s where photos should be.

The red X's in place of pictures sounds like a problem with Java. I looked over your log and see you don't quite have the latest version of Sun's Java installed. For some reason Sun will also leave older versions of Java behind, which is a security risk, because they are unpatched and still can be called on to run. Try this:

Updating Java:
-Go to Start > Control Panel double-click on the Software icon > add/remove programs.
-Search in the list for ALL installed versions of Java. (J2SE Runtime Environment.... )
It should have this icon next to it: Posted Image
Select each and click Remove.

You mentioned having run CCleaner--if still installed, run it to clear out your Java cache and other junk files--I don't trust the issues function, so suggest you uncheck it for now.

-Then Download and install the newest version from here: http://www.java.com/en/download/manual.jsp

Once done see if that helps with image rendering and let us know.

For the slowness, I was going to suggest a defrag and disk check. You should do that anyway, but re-reading your post, if you noticed a significant slowdown that just started a couple of days ago, you may have gotten re-infected. Could also be a hardware or unrelated software issue, and we could explore your errors thru event viewer, but you had a polymorphic malware and some elements of those are well hidden and easy to miss. So the probabilities are higher that some malware has come back on you.

Another contributing factor to slowness could be SpySweeper. It's top of the line but I hear it is heavy on resources and the latest version includes an Anti-virus, which could clash with AVG7.

What i suggest is that you post a new log and let me have a look. But instead of just HJT, use DSS that gives more information and a better overview of what is going on on your system. Instructions below, either start a new topic in the logs forum and then come back here and link me to it, or post it as a reply to this thread and I'll split it into it's own topic.

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.
  • Close all applications and windows.
  • Double-click on dss.exe to run it, and follow the prompts.
  • When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
  • Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and the extra.txt in your next reply. If you have any problems with the logs, both can be found in C:\Deckard\System Scanner.

The thing about people

is they change

when they walk away.--Mipso


#7 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,616 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:46 PM

Posted 19 June 2007 - 12:14 AM

OK, I split your last reply with the DSS log off into it's own topic in the logs forum that can be found here: http://www.bleepingcomputer.com/forums/ind...mp;#entry548290

I suggest you subscribe to that thread so that you get email notifications when you get answers. Or you can also visit your My Topics link toward the top of most forum pages when you visit the forum to check on it.

I'm going to repost your comments here for those who are keeping up with this thread--not sure at this point if the connection is malware related or not and others may have some better ideas than I can give for you later:

Papakid,

Thanks so much for all of your help and advice. I followed all of your instructions. So far (today) my only problems have been (still) the frequent loss of connectivity to the internet and the fluctuating Wireless Network speeds running quickly from "Low" to "Very Good" to "Good" constantly.

I upgraded my Java, ran CCleaner, deleted AVG7.5 (as you said it may conflict with SpySweeper), did a disk defrag and downloaded and ran Deckard's System Scanner - however, I was unable to find the extra.txt file. I looked in the folder C:\Deckard\System Scanner and throughout the Deckard file and could not find it anywhere. The only file I could find was the main.txt file.


The thing about people

is they change

when they walk away.--Mipso





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users