Can Zlob be removed by using a restore point?

  • Thread starter Thread starter rod
  • Start date Start date
Re: Can Zlob be removed by using a restore point?

From: "Alias" <iamalias@REMOVEgmail.com>

| David H. Lipman wrote:
>> From: "Alias" <iamalias@REMOVEgmail.com>

>> | If it gets to that point, I stop chasing ghosts and reinstall XP.

>> | Alias

>> Well there is always the Cost-Benefit Analysis (CBA).

>> However, the point is...
>> Dumping the System restore cache should be the last item on the list, not the first.


| Right. That way the blue meanies can keep raising their ugly heads out
| of SR even though you've nuked them in Normal, Safe Mode or a boot scan.

| Alias

Nope, not true. The System Restore cache is akin to a quarantine.

Please provide any facts (i.e., URLs) to any malware that actually runs from the System
Restore cache.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
Re: Can Zlob be removed by using a restore point?

From: "Onsokumaru" <onsok-sama@ninja.village.jp>


| "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
| news:uGibxSyGJHA.456@TK2MSFTNGP06.phx.gbl...
>> From: "Alias" <iamalias@REMOVEgmail.com>

>> | If it gets to that point, I stop chasing ghosts and reinstall XP.

>> | Alias

>> Well there is always the Cost-Benefit Analysis (CBA).



| And that would be to restore from the last known good backup that would take
| maybe an hour, (depending on machine specs of course).



No, the last know good backup is only for system related boot files and that doesn't keep
a cronological history and it too can be loaded infected.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
Re: Can Zlob be removed by using a restore point?


"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:OsZBsFyGJHA.3640@TK2MSFTNGP04.phx.gbl...
> From: "Alias" <iamalias@REMOVEgmail.com>
>
>
> | First thing I do when cleaning an XP box is to disable system restore to
> | flush out anything that might be lurking there.
>
> | Alias
>
> I used to recommend that approach.
>
> However, through communication with peers and experience, I no longer suggest this as a
> first approach.
>
> The reason is the System Restore is a valuable fall-back position.
>
> If you remove malware and the OS becomes unstable or somehow corrupted, you can restore
> the PC to its previous (albeit infected) condition and then change the motive operandi in
> cleaning the system. After thorough examination and cleansing of the PC and you are
> greatly assured the system is clean and operating in a stable manner, then dump the System
> Restore cache. Reboot re-enable and then create a clean new restore point.

I don't really see windows system restore as an asset to use at any time. I use ESATA
drives for complete system backups. I just happen to us acronis. I boot into linux
using the acronis back up and restore CD. This will delete the infected partition, reformat
and install the clean backup. No Rube Goldberg procedures.
 
Re: Can Zlob be removed by using a restore point?

Interesting,
So how long would a typical acronis backup like this take?


"Frank-FL" <bbunny@bqik.net>
I don't really see windows system restore as an asset to use at any time. I
use ESATA
drives for complete system backups. I just happen to us acronis. I boot
into linux
using the acronis back up and restore CD. This will delete the infected
partition, reformat
and install the clean backup. No Rube Goldberg procedures.
 
Re: Can Zlob be removed by using a restore point?

On Sat, 20 Sep 2008 15:29:38 -0400, just as I was about to take a
herb,"David H. Lipman" <DLipman~nospam~@Verizon.Net> disturbed my
reverie and wrote:

>Nope, not true. The System Restore cache is akin to a quarantine.

I've already asked him to do that but the schmuck refused...quel
surprise!

He's kerplunked anyway.
--

Cheers,

DrT

** Stress - the condition brought about by having to
** resist the temptation to beat the living daylights
** out of someone who richly deserves it.
 
Re: Can Zlob be removed by using a restore point?

Size matters. Twenty to forty minutes on the initial backup.
Ten to twenty minutes on the incremental.

"rod" <pookiethai@NOSPAMiprimus.com.au> wrote in message news:ei9KyZ9GJHA.740@TK2MSFTNGP03.phx.gbl...
> Interesting,
> So how long would a typical acronis backup like this take?
>
>
> "Frank-FL" <bbunny@bqik.net>
> I don't really see windows system restore as an asset to use at any time. I
> use ESATA
> drives for complete system backups. I just happen to us acronis. I boot
> into linux
> using the acronis back up and restore CD. This will delete the infected
> partition, reformat
> and install the clean backup. No Rube Goldberg procedures.
 
Re: Can Zlob be removed by using a restore point?


Thanks,
I have a fairly lean machine,
My big chunk 25Gb image database
I backup seperately.
I went shopping for a "see through" scanner today
and bumped into Acronis in the shop $69
I think I'll go for it.


"Frank-FL"
Size matters. Twenty to forty minutes on the initial backup.
Ten to twenty minutes on the incremental.

"rod" <pookiethai@NOSPAMiprimus.com.au> wrote in message
news:ei9KyZ9GJHA.740@TK2MSFTNGP03.phx.gbl...
> Interesting,
> So how long would a typical acronis backup like this take?
>
>
> "Frank-FL" <bbunny@bqik.net>
> I don't really see windows system restore as an asset to use at any time.
> I
> use ESATA
> drives for complete system backups. I just happen to us acronis. I boot
> into linux
> using the acronis back up and restore CD. This will delete the infected
> partition, reformat
> and install the clean backup. No Rube Goldberg procedures.
 
Back
Top