Posted by Ted Zieglar on October 17, 2005, 3:35 pm
"Could he have used restore to fix this problem or does some malware corrupt
restore?"
Nope. System Restore doesn't remove malware.
"...can you make a "Golden" restore point and use it to fix malware
infections?"
You're on the right track. What you are referring to is called a "known good
image". Here's what that's all about:
An "image" is an identical, bit for bit copy of a hard disk, or any
partition on a hard disk. For example, you could make an image of your
system partition (the one that contains Windows and all your software) and
store that on a second hard disk or a DVD (for example). If you're imaging
your system partition at a point in time when you know 100% for sure
that it's problem-free, you've got yourself a "known good image". Now,
if ever your computer gets damaged beyond the point of no return, you simply
"restore" the known good disk image - this means that you permanently
overwrite your entire disk, or just your system partition, with the known
good image and, voila, back in business.
Now this requires third party disk imaging software, which, because of the
concepts involved, can be a little tricky to figure out. But man, is it
worth the investment of your time. It takes just minutes to create an image
and minutes to restore one. And the disk imaging software will let you
schedule the image creation so that it happens automatically, as often as
you want. The software can even create the image while you're working on the
computer.
If this isn't the greatest thing since sliced bread...well, maybe you just
don't like sliced bread. But having a regularly updated known good image of
your system partition - I do one every day, sometimes more often - means
that you can always go back to a time when it was problem free.
Unfortunately, the two most popular (arguably) disk imaging programs are
about to be updated to new versions. In general, you'd rather wait a few
months until the quirks of a new version get worked out. But here they are:
Norton Ghost 10.0 by Symantec and True Image 9.0 by Acronis.
--
Ted Zieglar
"You can do it if you try."
> A friend's daughter somehow ended up with Morwill search on her computer.
> He ran the standard things: SBS&D, Ad-Aware, F-Prot, and a-squared. These
> did not help although a-squared did fine until he rebooted. He then ran HJT
> and I found a 02 and a 20 entry with vtsqo.dll and a google search turned up
> vundofix.exe which worked.
>
> Now the question:
>
> Could he have used restore to fix this problem or does some malware
> corrupt restore? If restore would have worked, can you make a "Golden"
> restore point and use it to fix malware infections?
>
> David
>
>