RetouchPRO

Go Back   RetouchPRO > Tools > Hardware
Register Blogs FAQ Site Nav Search Today's Posts Mark Forums Read


Hardware Computers, displays, tablets, scanners, cameras, printers, etc.

Virus , Posting for Help and Direction

Reply
 
Thread Tools
  #31  
Old 11-17-2005, 10:26 AM
rondon rondon is offline
Senior Member
 
Join Date: Mar 2002
Location: north central florida
Posts: 470
End of discussion?

I'm dismissed am I?

Some people can get rid of anti-virus protection. Some people would like to ride bareback through the Valley of evil.

I've been running partitions for more than 5 years without a problem... It's the use of restore points that is relatively new to me. There is more to it than first appearance.

I don't think I was alone when I was using the old formatting C: (only) technique.. even among those running protection, and I think I was a late comer on the system restoration scene.

Even after I started using the restore point there were always many forgotten utilities... for instance FTP .. I seldom used it, so it was seldom in place when I needed it. Making a simple transfer a bit more difficult.

From these minor annoyances grew the idea of a restore point with everything in place.

I'm sure the idea has crossed many minds... my notice here is for those whose hasn't.... and to confirm to that it works for those considering it.
Reply With Quote top
  #32  
Old 11-17-2005, 11:54 AM
chrishoggy's Avatar
chrishoggy chrishoggy is offline
Senior Member
 
Join Date: Dec 2004
Location: Yorkshire
Posts: 578
Blog Entries: 1
These links may help some members.


http://support.microsoft.com/Default.aspx?kbid=831829

http://www.microsoft.com/technet/pro.../faqsrwxp.mspx

http://www.microsoft.com/uk/business...ist/step1.mspx

http://www.microsoft.com/uk/business.../article2.mspx

And for those running Windows XP SP2 only, check your full system on the link below
http://safety.live.com/site/en-US/default.htm

Also see this item on system restore.
http://www.computing.net/windowsme/w...rum/45340.html

Last edited by chrishoggy; 11-17-2005 at 12:15 PM.
Reply With Quote top
  #33  
Old 11-17-2005, 01:40 PM
rondon rondon is offline
Senior Member
 
Join Date: Mar 2002
Location: north central florida
Posts: 470
Ain't you Slick!

Your link on restoration is for win/ME only.. misleading to anyone trying to figure out what we are talking about...

RestoreIt simply copy's everything on the Hard drive ... then when needed formats the hard drive and re-installs the system exactly as it was when the restore point was created..

This is a viable alternative to security.. or for that matter could be used with security.. although that might be more difficult given the numerous updates needed bvirus protection.

Running around the Web Exposed as I am my computer has been HiJacked.. more so recently but usually after I have downloaded something large. I"ll notice that my modem is sending when it shouldn't be..

If the download was something I want to keep I move it to the other partition (no problem so far) and then use the restore point.
Occasion virus scans at Trend Micro show all partitions clear.
Reply With Quote top
  #34  
Old 11-17-2005, 01:41 PM
Gary Richardson's Avatar
Gary Richardson Gary Richardson is offline
Senior Member
 
Join Date: Mar 2004
Location: Yorkshire, England
Posts: 2,717
In the case of an infection with a kernel mode rootkit, doing a system restore will not remove the Malware.

System Restore only applies to User Mode, and does not affect your kernel structure, which has been modified by the infection to make detection or removal of the infection very difficult (and often impossible).

So Rondon, your method may work well generally, but does not provide protection against some of the more recent infections which are currently doing the rounds, and which are becoming more and more common. (At least 3 worms currently active carry a rootkit).
Reply With Quote top
  #35  
Old 11-17-2005, 01:55 PM
rondon rondon is offline
Senior Member
 
Join Date: Mar 2002
Location: north central florida
Posts: 470
willing to listen

Well Garyl .. maybe!.. I'm not enough of a techie to understand where the kernel structure dwells..
below is from the RestoreIt Page
-------------------------------
RestoreIT resides between the system BIOS of a PC and its operating system. During installation, the software creates a hidden partition where it saves complete (static) and partial (incremental) restore points. Unlike other data backup utilities, RestoreIT enables both file-level recovery, allowing you to undo changes to a personal file by returning it to an incremental backup point, and system recovery, which restores every file on a hard drive to a chosen static backup point.
-----------------------------------------
Is the Kernal structure part of the BIOS ?
Reply With Quote top
  #36  
Old 11-17-2005, 02:02 PM
chrishoggy's Avatar
chrishoggy chrishoggy is offline
Senior Member
 
Join Date: Dec 2004
Location: Yorkshire
Posts: 578
Blog Entries: 1
System restore in any windows OS (ME, 2000 Pro or XP etc) only restores the files it monitors. If you have a virus located in My documents folder for example, system restore will NOT touch it as it is user data. The same goes for any other folders or data files classed by system restore as user data (created by the user). This can be downloads or any file type for that matter.
Viruses worked round the system restore program within days of Microsoft introducing it years ago when ME was released.
RestoreIT works the same way as the Packard Bell recovery system, by using a hidden partition on the drive. Both are still open to virus attack/corruption, and by saving files to another partition you are wiping out any work done by RestoreIT.

Last edited by chrishoggy; 11-17-2005 at 02:19 PM.
Reply With Quote top
  #37  
Old 11-17-2005, 03:00 PM
rondon rondon is offline
Senior Member
 
Join Date: Mar 2002
Location: north central florida
Posts: 470
you said:

System restore in any windows OS (ME, 2000 Pro or XP etc) only restores the files it monitors.
well this brings us to where our thoughts differ...

With Windows XP I thought I had made restore points as deep into the system as RestoreIt goes..
The computer isn't here or anything with windowsXP on it so I can't go take a look. but I do know this. I used the factory restore point on that computer... installed all the software wanted, set the preferences then made a new restore point...
It was my nieces computer which was riddled with viruses,worms , etc.
She took it home and got it setup for her cable connection and then made another restore point... as yet un-needed..
What you are saying is that chances are if the computer gets bogged down again that restore point may not save her? That wasn't the feeling I had.

After thinking about it I had checked out the system restore in WIN2000 and also in win/Me as I had ran that for a few years. Actually I remember learning how to shut it off as it grew into a large chunk of my HDD.

BUT ..the recovery disks that came with it never failed to format the hard drive and reinstall WIN/ME ... I was never trying to recover the added software then. I can see where a partial restoration would be prone to all sort of problems... but that is pretty obvious. hence the Format.

But what I am into now does that very same format... but instead of installing just factory windows it installs all my software and preferences. none of it corrupted because of my faithful return each time to the restore point before performing whatever upgrades I had on my list.. then immediately creating another restore point.. This is the essence of my message here.. How to keep the restore point pristine..

This new restore point is not made permanent for a few days... not until I feel comfortable with it. Then I must return to it again before saving it as a static (permanent) point.

Also I'm learning that when making that temporary point (incremental) it is better to do it twice.. the newest file grows so I return to the 1st of the pair when ready to make it permanent.
Reply With Quote top
  #38  
Old 11-17-2005, 03:20 PM
chrishoggy's Avatar
chrishoggy chrishoggy is offline
Senior Member
 
Join Date: Dec 2004
Location: Yorkshire
Posts: 578
Blog Entries: 1
Have a look at the answers to questions 1, 8, 9 and 12 on the link below
http://www.microsoft.com/technet/pro.../faqsrwxp.mspx
I don't think it doesn't monitor user files, I know it doesn't, as it's there in black and white.
System restore only acts on the system files and program files within the system. It makes no changes to any user data files at all, thus rendering any attempt at virus removal useless. It may remove the changed windows/program files created by the virus, and give better performance to begin with. But it will not remove a virus from your system, unless it is contained within a monitored file type and NOT within a user data folder.
Reply With Quote top
  #39  
Old 11-17-2005, 04:24 PM
rondon rondon is offline
Senior Member
 
Join Date: Mar 2002
Location: north central florida
Posts: 470
I've always made a weak case for built in system restore

I'm having trouble deciding if you are saying none of it works or just Microsofts built in restore.. ?

It's Farstone's RestoreIt that I defend... and thought worth mentioning here.

On Windows I might have been overly optimistic.. a shame if so. I did wonder about Win/Xp's ability to retreat to an earlier restoration point without deleting later ones.. with RestoreIt any newer restore points dissolve.. and set furthest back is the one Static (permanent) restore point.

That is misleading though as you can delete it and make a new permanent restore point.. as often as you wish... This is the Restore point I talk about.. The one safe guarded thru it's development until it offers every preference and tweak I desire. When I use this restore point all others disappear..

software all in place with preferences set but never used... none of the debris I've came to believe is inherent with use.

all files and folders of mine are kept on a different partition .... the only thing I need to consider is whether I have any new favorites, emails or address book files to move..

This isn't for those who operate and keep all files on one partition.. At least my method isn't.
Reply With Quote top
  #40  
Old 11-17-2005, 05:11 PM
chrishoggy's Avatar
chrishoggy chrishoggy is offline
Senior Member
 
Join Date: Dec 2004
Location: Yorkshire
Posts: 578
Blog Entries: 1
Using the restoreIt would work, but by having/moving files to another partition or drive, you would be allowing the virus in to that partition/drive just by having it their in the first place. Virus would then re-infect the restored windows from the second partition/drive, although a scan would show your restored windows as clean to begin with.
The windows system restore version doesn't work at all, it just restores clean versions of the corrupted files created by some viruses.

To do it with RestoreIt would still require some anti-virus cover. Not just to cover your system but to cover your hidden restore files. A virus can still corrupt you hidden restoreIt files, rendering them totally useless and wiping out all you have backed up.
You will need only 1 partition that you back up once a day or what ever, and back up your other files created after the backup to CD or removable drive. Then when you restore to your good restoreIt point, you can scan the CD/drive for viruses before putting them back on the main drive. It needs to be done this way, as if they are on another fixed drive/partition, they can activate the virus before the restored anti-virus fires up.
What ever way you look at it, Anti-virus is needed in one form or another.

Just try AVG and see how it runs on your system. I'm willing to bet you will see little, if any difference in your net speed.

Free AVG anti-virus
Reply With Quote top
Reply

  RetouchPRO > Tools > Hardware


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT -6. The time now is 08:46 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.
SEO by vBSEO ©2011, Crawlability, Inc.
Copyright © 2016 Doug Nelson. All Rights Reserved