System Restore

Post by **Paul** » June 22, 2007, 12:03 am

I was bombarded from adware this evening from a website called Thailand Chat which caused me no end of headaches and pop up messages galore.
amongst other things I used to combat this attack was the 'system restore' facility - where I restored to yesterday and with the other methods I used, seem to have abolished all the crap.
Is there anything else I need to do now I have gone back in time 24 hours (so to speak) or will the restore facility just continue and 'catch up again ' to the current date in readiness for the next time I (might) need to use it ?

Post by **izzix** » June 22, 2007, 2:19 am

strange dont you have zonealarm running ? or firefox with all the necessary addons to stop that crap ? i abolished all this stuff years ago from my PC.

Post by **BangkokButcher** » June 22, 2007, 3:31 am

Yep, Paul sounds like you definitely need a firewall.

Zonealarm and comodo are both free so go grab a copy and get it installed.

Post by **UdonExpat** » June 22, 2007, 7:23 am

System restore will not "catch up". Basically, it restored your computer to a state that existed at the time and date you used, although it did not alter some files created since that time. For example any documents you created, or backup files you did after that time.

Since you have system restore turned on it will regularly create restore points. Some programs will also create a restore point when you run them, such as the Registry Mechanic I use to clean up the registry.

I've used system restore many times on several computers and it has always performed well and corrected the problem I was trying to fix, usually something that came from the internet and made it through my firewall, virus program, pop up blocker, and ad blocker. I'd hate to think of how often I'd have to use it if I didn't have those safeguards.

Post by **Paul** » June 22, 2007, 8:06 am

so having used system restore and restored to the previous day then do I need to do anything else - like telling it to come forward one more day now back to the present time or will it go on thinking we are now one day behind.
I know I am not explaining it very well but I know what I mean LOL
Basically - do I need to adjust anything now or just leave it alone?

On the advice here too, I will pop down the complex for a copy of Zone alarm (pro)

Thanks

Post by **Doc** » June 22, 2007, 8:19 am

There is an inherent problem with using system restore and that is the infected files will remain on the computer, but remain in the restore files. It is a good idea to remove those files with a good virus detection program.

Having created a successful system restore, the next step should be to create a new restore point. You can do this on the same panel that you did the system restore initially. Tick the box that says "create system restore point."

Post by **PopsIcafe** » June 22, 2007, 8:34 am

Paul, go to this website and have them do a scan online, www.fileresearchcenter.com . It helped me out after I ran my anti-virus, anti-spy/adware and ccleaner. It located the spyware my files and located the clsid in the registry. It also gave the MD5 checksum/fingerprint.

Pop's

Post by **Doc** » June 22, 2007, 9:37 am

As an after thought - the infected files in your system restore can also be gotten rid of by simply deleting all of the previous system restore points.

Post by **Paul** » June 24, 2007, 6:14 pm

I got hold of a disc in the complex called Anti-Virus 2007.
This disc has dozens of programmes to both protect and remove just about anything that is thrown at it. Zone alarm pro seems a particularly good all round programme and AVG anti-spyware plus seems to be doing a good job too.

I am running now in the (maybe misguided) knowledge that nothing short of a nuclear bomb is going to get past my defences now.

I know it was a case of too little too late - but hopefully my future surfings will be problem free.

Pops: I don't understand most of your jargon in that post - however on your recomendation I will give the programme a try in the next day or two and let you know the result.

What has suprised me is that not all programmes find all the adware/spyware and it has taken 2 or 3 different programmes to find everything. A minus is that AVG lite (anti virus) did not stop the viruses in the first place.
NOD32 is working brilliantly as is zone alarm and avg anti-spyware.
I have also used other removal tools including one called trojan remover which seems pretty useful but not quite sure if its relaible as it says.

Still I am back online and hopefully safe again.
Thanks for all the advice/replies

Post by **arjay** » June 24, 2007, 8:03 pm

I think a lot of these anti spyware, anti adware type programmes tend to find things just to justify their existence. For example, AdAware always seems to find a few "negligible risk" entries, (in fact it's just found 7 such entries). I don't believe that many of these are particularly dangerous.

I also wonder at times if some of these programmes erroneously identify things as threats (trojans, adware, Spware etc) when they aren't. I had that with my AV software recently. It told me something was a "trojan" and was a high risk threat and should be removed at once. Then when I allowed it to do so, up popped windows telling me that some file essential to the running of windows was missing. I had to get the AV programme to put it back. Then I emailed the AV company and to their credit they replied saying that it was a mistake and that a patch had been issued to correct the situation.

Post by **Paul** » June 24, 2007, 10:06 pm

Well what caught me out the other day was I had a very official looking message pop up which looked like a windows message telling me I had been infected and that I should 'click here' to solve the problem - which I did, resulting in quite a few programmes being loaded onto my pc as well as tons of adware and spyware. i now know that the initial warning was a spoof and on any other day I might not have been caught out - however having just reformatted 3 days earlier I was a little on edge and when I saw the words 'virus' (again) I panicked and followed the 'suggested' advice - resulting in 4 days trying to get rid of all the spyware and adware. What it also did was changed my background to a bright red screen wth a picture of the devil on it and words to the effect of "Warning Infection Detected - Click here to remove"

Like I said though - I think its all gone now (I hope) and its all back to normal

Post by **Pakawala** » June 24, 2007, 10:07 pm

I was just wondering if Dakota or some of the other Macintosh users (like myself) are reading this. I'm not laughing at you folks, just wondering if you will ever understand why we Mac users are such addicts to our system.

Post by **izzix** » June 24, 2007, 10:19 pm

the problem is the registry ,makes sure you get it all out of there as these things can just keep replicating themselves.

this is usefull too
https://addons.mozilla.org/en-US/firefox/addon/1865

Post by **farang** » June 25, 2007, 12:08 am

Paul wrote:Well what caught me out the other day was I had a very official looking message pop up which looked like a windows message telling me I had been infected and that I should 'click here' to solve the problem - l

when i get pop ups like that i never click on them .
i just,, ctrl,alt,delete
click`end task`... and its gone...
and start again with the search i was doing at the time.

Post by **Paul** » June 25, 2007, 2:23 am

Pakawala wrote:I was just wondering if Dakota or some of the other Macintosh users (like myself) are reading this. I'm not laughing at you folks, just wondering if you will ever understand why we Mac users are such addicts to our system.

Thats really useful - thanks for your input and hope you have a huge laugh. I have spent hours and hours and hours trying to clean my system
I hope that you never have to go through what I have just been through.
Mac or no Mac !

Post by **Paul** » June 25, 2007, 2:26 am

farang wrote:when i get pop ups like that i never click on them .
i just,, ctrl,alt,delete
click`end task`... and its gone...
and start again with the search i was doing at the time.

I didnt realise at the time it was a pop up. It was very official looking and I really believed it was from windows - it was only afterwards when I saw all the crap that was getting downloaded onto my pc that I began to get suspicious

Post by **Doc** » June 25, 2007, 2:30 am

Give it all time - eventually the hackers will find a way to mess with Mac - and they y'all wil be crying in your beer... Or - since you are Mac users - your milk....

Post by **Pakawala** » June 25, 2007, 7:14 am

Paul, what part of "I'm not laughing at you folks", don't you understand? Like many of you, I spend 2-3 hrs. a day at my computer and would be devastated if it were to get a virus. This is precisely why I use a Mac. As a retired IT professional, I knew when I came to LOS for retirement that I would be using my computer as my primary means of communications and a secondary means of entertainment and I wanted the safest and most secure system I could get my hands on. After all, what else does a retiree have to look forward to?

Again I'm sorry for your troubles... but there is another solution.

Post by **fremmel** » June 25, 2007, 7:56 am

Since Macs have such a small share of the market (deservedly so, I might add

) they don't get as much attention from the bad guys but that doesn't mean they don't get any. Mac users should check out products like McAfee VirusScan for Mac, Norton AntiVirus for Macintosh, Sophos Endpoint Security and Control, BrickHouse for Mac OS X firewall, etc. Don't let the Mac ads lull you into believing you don't need anything. Pakawala, you've been in the game for a while so you probably already have something in place but for recent Mac converts, keep in mind that it's a hostile world out there for everyone.

Post by **uncle tom** » June 25, 2007, 9:00 am

DOC wrote

Give it all time - eventually the hackers will find a way to mess with Mac - and they y'all wil be crying in your beer... Or - since you are Mac users - your milk...

.

Thats what I believe too. However in the 6 years since I've had my eMac I've had no viruses and don't believe I'll have any in the near future - that's why I am so happy with my old machine. Maybe I'll buy an anti virus program some day. Don't need it now.

Last week I was crying in my Pepsi for a few hours. Accumulated corrupted files were causing havoc with my hard drive. I did reformat and was lucky enough to have good back up files. Even though, I became aware of another problem that can happen to both PC and Mac users. I didn't have the serial numbers handy for all the applications . I've learned my lesson and now have them recorded in a secure location.

I don't laugh at any one with computer problems, I do laugh at people making anti mac comments. They are strange indeed.

Not having viruses is not the only reason for choosing Mac. The computer and hardware is the best quality. I hear that there are people buying Macs to run windows programs. Also, the Mac operating system is second to none its fast user friendly and doesn't crash. Apparently PC owners consider this a minor consideration. Also, Apple programs like Safari run beautifully with no problems.

Lastly, when by ourselves we Mac heads rarely talk about about viruses or other computer problems, there are so many fun things to discuss in the world of computing.

I'm sorry, we Mac owners tend to get obnoxious from time to time, but its hard to be humble when you got the best.