System Restore Corruption!?

Hello all,

I had acquired a nasty virus called Virtumonde or something.
I had a bunch of spyware and virus cleaners take care of it and now it is off of my system.

I am now aware that some of my registry files were removed and I think that this virus has corrupted the files of my system restore.

I would like to restore the computer to an earlier state just to be safe that nothing is left that I am missing.

Now when I try to run the system restore I can get up to the point where the computer restarts and all, and the window then pops up saying that the Restore has failed.

I am aware the restore is on, and there is plenty of space for it to function.

So the only way I see this not working is because some of the files are corrupt or were deleted.

At the moment I know of one solution. I think I can turn the restore off, then reboot, then put the restore back on; however, doing this would delete all saved reset points. If I don't have the reset points prior to when my PC got the virus I don't see the point.

I was wondering if I could delete the file that had to do with the restore completely, then put in my Windows XP CD and get the uncorrupted files of the "good" restore to be replaced and put on my computer?

If anyone has any advice or thinks that there is another way besides deleting all my prior restore points please let me know.
I thank you.

Sir Ris
Hi -

Is this what is happening? If so, it gives a solution.

Good Luck!
Virtumonde... The terror.

Install Spybot Search & Destroy and run a scan. That should fix things. It's the only AV I know of that has ever been able to remove (or even detect) Virtumonde.

Virtumonde is able to corrupt system restore, so you should get it removed ASAP.
Have you tried restoring to a date earlier than the one you are trying to restore to?
I have tried to restart from every point; Virtumonde corrupts it. I have also used Spybot and other things which have removed the virus. Windows starts fine and all now; it's just that I think some of the registry files have been deleted, and I want to know if there is any way to get a system reboot to work after Virtumonde has apparently corrupted my restore?
Will deleting everything that the restore has to do on my computer and then putting in a CD of my Windows XP work? This way I can put the non-corrupt files back on my computer?
Since it sounds like the virus has corrupted the system restore points you cannot use them. You will have to disable system restore and then reboot and then enable it. That should wipe out all previous restore points. I would recommend going to the security forum and go through the process of cleaning your system.

You said that you think that registry settings are missing. Why do you say that, is it acting strangely or something isn't functioning correctly?
How about using some remover programs like a spyware remover? Or antivirus programs, and repair the infected files instead of deleting them.
When it comes to system restore, trying to remove the infection is very unreliable. I have never seen it work without deleting the restore points.
Good point Lorjack,

Do you have your XP CD for the PC available?
So are we going to conclude a System Repair or Reformat then?
Do you have important data on the PC right now?

Before we proceed...
Like I said earlier, since his PC is running he should go to the security forum and clean any malware out of his system. He'll still have to get rid of the restore points but he won't have to reformat the drive. I would suggest reformatting if he couldn't get it to boot, which is not the case.
I have gotten all the malware and viruses out of the computer. Sometimes I can get it to go through and have the computer restart, then it says restore failed. Could it be that my antivirus stuff is getting in the way?
I found this file is not being read and is causing the problem: _filelst.cfg. Any fix ideas?
Good point Undocked Windy,

I also agree with Lorijack too, as I am hesitant here in giving you any advice on what to do knowing that you are or were infected. I can't say for sure that your PC is clean from your posts, so being as that I would advise you to go to the virus forum:

Again, if you have important data on the hard drive also go here and read this:
I am 100% positive my PC is now clean; I have used a total of 7 different good spyware/antivirus protection tools. Thanks for the post as well. I suppose that there is no other way than to do what was said in the article listed. Thanks, Undocked Windy.

I just wanna make sure there is no way for me to put in my Windows CD and get the system restore info off of that, right?
Nope, you can't use the CD for system restore.
Will turning off and putting on system restore allow it to function once again?
System restore has been corrupted.
Yes it should allow it to function again. But for you it would be useless because it will wipe out all your previous restore points.
