"System Restore" not a solution to remove sudden new infection???

G

Guest

At approx. 6:30 pm yesterday, I realized suddenly, my system had become
infected with something ... I now once again keep getting those "Only the
Best" darn things popping up. (I've been through this before a year ago ...
it was much worse then ... had to completely overhaul the entire hard drive)

Well, anyhow, what I tried to do this time is simply creat a restore point
and revert back to that. Surprisingly, that did not eradicate the presence of
this pop-up thing; I'm sure the restore point predates the pop-up
reappearance.

Wow, what's up with that?

Anyhow, am still trying my Spybot, Ad-Aware, and my up-to-date Norton ...

I would greatly appreciate any suggestions on the System Restore process,
since strangely, that did not preserve my set-up (apparently?) to what I had
before.

Thanks greatly,

Michael
 
G

GTS

Trojans and viruses often infect the system restore repository (the system
volume information directory tree). Running system restore sometimes make a
parasite problem worse by actually restoring some items you may have
cleaned. In general, it's best to clean the system, test it with a few
reboots (to make sure the cleaning process didn't impact major system files
and cause problems), and then delete all restore points by disabling and
then reeenabling SR.
 
L

Leythos

At approx. 6:30 pm yesterday, I realized suddenly, my system had become
infected with something ... I now once again keep getting those "Only the
Best" darn things popping up. (I've been through this before a year ago ...
it was much worse then ... had to completely overhaul the entire hard drive)

Well, anyhow, what I tried to do this time is simply creat a restore point
and revert back to that. Surprisingly, that did not eradicate the presence of
this pop-up thing; I'm sure the restore point predates the pop-up
reappearance.

Wow, what's up with that?

Anyhow, am still trying my Spybot, Ad-Aware, and my up-to-date Norton ...

I would greatly appreciate any suggestions on the System Restore process,
since strangely, that did not preserve my set-up (apparently?) to what I had
before.
Click to expand...

In general, if you reboot in safe mode, remove the bad RUN / RUN ONCE
entries in the registry and run AV and Ad-Aware Se, then reboot and
you're still compromised, then it's time to do a wipe and fresh/clean
install.

There are many ways to clean a machine without wiping it, but if you've
already got yourself compromised, twice, then you are better off
learning to wipe/reinstall and then to secure your machine before going
on-line again - there are a number of MS articles that explain how to
secure your computer before you go on-line.

If you have DSL or Cable, start by getting a NAT router.
 
G

Guest

Thanks for both replies.

I did a norton full scan last night in Safe mode; rebooted this morning;
problem's still there; then went and did the system restore disable; and then
re-enable.

Hmm, still there.

Is there some specific procedure you can share or direct me to, to get into
whatever files/paths/scripts that I may tinker wth to dissect and remove the
invading virus?

Norton's online info reference library is not specific about this particular
virus ... or at least I have not found it.

Again, the pop-up I am getting is that "Only the Best" ... which is hardly
an apt description of the thing (!)

Thanks much, Michael
 
M

Malke

Michael said:
Thanks for both replies.

I did a norton full scan last night in Safe mode; rebooted this
morning; problem's still there; then went and did the system restore
disable; and then re-enable.

Hmm, still there.

Is there some specific procedure you can share or direct me to, to get
into whatever files/paths/scripts that I may tinker wth to dissect and
remove the invading virus?

Norton's online info reference library is not specific about this
particular virus ... or at least I have not found it.

Again, the pop-up I am getting is that "Only the Best" ... which is
hardly an apt description of the thing (!)

Thanks much, Michael
Click to expand...
Michael, you'll need to go through these malware removal steps
systematically. It is crucial to do everything with updated tools in
Safe Mode. You may need to go as far as to run HijackThis and there are
instructions and links to forums where you can post those logs (not
here, please).

http://www.elephantboycomputers.com/page2.html#Removing_Malware

Malke
 
G

Guest

many thanks for directing me everyone ... ....sigh .... I got a feeling
strong coffee better start brewing ... though presently after a few more
reboots, I am no longer seeing the beast .. but I'm scarcly ready to wave the
checkered flag ....

,,, thanks everyone .... (Who's behind this "Only the Best" thing
anyhow????? geez, ought to run 'em outta town!)
 
G

GTS

You seem to have misunderstood my post. I was answering your specific
question about System restore and my advice was to clear it AFTER removal of
parasites and testing. Emptying SR in itself will not clean your system.
Spyware has gotten increasingly sophisticated and Spybot and Ad-aware,
though excellent, are often not sufficient to remove it. See
http://www.pchell.com/support/onlythebest.shtml for some specific info. re.
the 'only the best' pop up. Also, see the links Malke and others provided.
--
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

System Restore - How to save a restore point for a long time (XP H 1
Virus is System Restore 2
System Restore.... Restore Points 5
system restore 2
System Restore on WinXP is erratic 3
System Restore behaviour 1
System Restore Will Not Restore!!!???... 1
System Restore/Recovery not working 2

Top