HomeTechnicalsystem restore is not able to create a restore point

Comments

system restore is not able to create a restore point — 9 Comments

  1. I had a similar case recently where the customers computer was showing all the signs of bad malware infestation. After removing 65 trojan files with superantispyware, I found that there’s a class of trojan which leaves regedit, Folder view options, and Taskbar disabled. You feel horribly powerless when none of those funcions is working. There seems no obvious way to restore them without a registry edit.

    Fortunately there’s a neat little free utility called RRT (Remove Restrictions) at http://www.sergiwa.com which, with one click, restores those functions. Works like magic off a floppy if need be.

    Maybe there’s another class of trojans which disables System Restore funcions. There might be a tool for restoring that, too.

  2. Beau71: It was one of the countless Vundo variants.

    Vundo seems to be a particularly “efficient” vehicle… its been around for a long time, yet it keeps evolving into nastier and more difficult to remove versions…

    There must be hundreds of different Vundo variants out there :-O

  3. I had this same problem a few years ago. It also manifested itself with dual icons in the control panel. Very strange. I ended up wiping the hard drive and reloading everything from scratch.

  4. No, MalwareBytes is not a great tool. It is no good at all for tough jobs like this one. FIrst of all, it requires to update itself and what if thetre is no net connection like this virus does?? AND.. this virus actually edits the registry to prevent certain executables.. the popular malware and anti-virus programs. Yep.. anything else will run… but the tools to fix this thing. Sure, there is internet connection in some cases… but the virus block access to the websites for anti-virus sites… like PCTOOLS.COM and MalwareBytes.. those websites are blocked along with umpteen others including windows update. For some reason Malwarebyte people didn’t think it would be good idea to publish a way to manually update it.. meaning let you download the update on another computer and thenupdate the installation on the target machine. So dont waste you time with malwarebytes. The one things I found that works is to download the windows Malicious Software Removal tool on another computer and bring it over and it does run… and cleans up the infection pretty darn good. But there is so much damage left behind. I tried the RRT mentioned earlier.. but it is garbage. I wasted my money on it..it is a scam.. won’t even run. It is disappointing none of the super geeks can tell us how to fix the WIndows Restore function.. it shouldn’t be hard to do once someone figures it out. But the main thing is.. the dud who said to try MalwareBytes is smoking something.. ain’t no good on this one folks…. and PCtools product sucks too and isn’t worth it.

  5. Jaybird says:

    “I tried the RRT mentioned earlier.. but it is garbage. I wasted my money on it..it is a scam.. won’t even run.”

    Must be a different RRT to the one I have. It’s free, and while it doesn’t profess to succeed in all cases, it’s worked on the few occasions I’ve tried it. It should only be used after the infection has been removed, to clear up some of the mess left behind. If it won’t run, presumably the computer is still infected by self-replicating malware.

    Malewarebytes is excellent for removing some of those difficult infections others won’t touch, provided of course you are aware of the limitations mentioned by Jaybird, which apply to practically all defences. Once the nasty is in, it puts a protective shell around itself by disabling database updates.

    So, yes, I’d agree that all those anti programs have limitations. Nevertheless, they are very effective if used in the way in which they are intended, and should not be written off as garbage. They are best used by hooking the bad hard drive into another clean computer, then scanning.

  6. Well I spent the last few hours trying to re-enable restore after AVG spotted some dodgy trojans just after a proggy install that didn’t seem to be working – I’d quit it. I followed all the stuff that’s been mentioned before from other places and it was only when I tried SUPERAntiSpyware that the problem was solved – I must admit I didn’t expect it to after a bunch of disappointments but it picked up 3 things the others didn’t, and now all seems well again. Oh and I was not able to download any antispyware software …(guess I wasn’t supposed to) – I grabbed ’em on another machine and moved ’em over but SAS did update online once installed.

    Nice article anyway – saved me more angst 😉