| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 51347 | 2004-11-18 09:05:00 | Remove XP Restore Points After Clean Up? | andrew93 (249) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 293583 | 2004-11-18 09:05:00 | Hi, I'm fixing up a neighbours PC which was full of viruses (virii?) and worms, as a favour. I think I've got rid of them all (but I'm still checking to make doubly sure) but before I give the PC back, with all of the right protection in place, should I delete the Windows restore points? Is there anything to be gained by doing this? Is there a risk the restore points are still contaminated? And can an old restore point reintroduce a virus or worm? I would appreciate your thoughts, comments and experiences please. OS = Win XP Home. Thanks, Andrew. |
andrew93 (249) | ||
| 293584 | 2004-11-18 09:13:00 | I would remove all the old restore points. The user can reintroduce a virus/worm etc if they roll the system back to when it was still infected. A lot of AV programs can detect infected restore points (but not remove them), so I would of expected this to be the case for you if they were infected? No messages about _restore files infected? Still, probably best to remove all restore points to be safe. The down side is if the viral removal has damaged some system files and you can no longer roll it back ... |
Jen C (20) | ||
| 293585 | 2004-11-18 11:00:00 | I say get rid of the restore points as well. If the comp had a few virus like you said, have you used three different scanners. The one installed, an on-line browser scanner, and the stinger. And if there were lots virus I would leave the system restore off for a couple of weeks, until you can be certain it's clean then turn it back on if they wish. |
Rob99 (151) | ||
| 293586 | 2004-11-18 20:39:00 | > The down side is if the viral removal has damaged some system files and you can no longer roll it back ... that can normally be fixed with sfc /scannow from the run command. |
viper (6375) | ||
| 293587 | 2004-11-19 03:02:00 | Thanks for your suggestions. I have used 3 anti-virus programmes and one of them found 20 instances of the swen virus so I guess it found the ones in the infected restore points. My concern was deleting the restore points and then having difficulty restoring the system in the absence of OS CD's (or as I said in my earlier post, reintroducing a virus from a restore point) - plus that was a good point about the damaged restore points. I think I will delete the existing restore points once I think I have got all of the nasties off the PC and then create a new restore point in case I need a fresh restore point in future. Thanks, Andrew |
andrew93 (249) | ||
| 293588 | 2004-11-19 08:28:00 | Andrew, You may wish to look at this, it compliments stinger and AVG nicely, will scan over a network, has free updates, and is free, www.emsisoft.com D. |
drb1 (4492) | ||
| 293589 | 2004-11-19 08:32:00 | Thanks drb1, I used those plus Hijack This. A. | andrew93 (249) | ||
| 1 | |||||