I've used SR several times to recover from malware. It's always good, though, to run a scan or two in Safe Mode after just to be sure.
Roger Wright ___ I'm out of bed and dressed... what more do you want? On Fri, May 20, 2011 at 3:47 PM, Bob Hartung <bhart...@wiscoind.com> wrote: > I've had a couple of recent cases of scareware infecting some Windows XP Pro > systems here. One reported lots of virus infestations and prevented the user > from accessing the internet and, for a low price, would fix all. The other > reported that the hard drive had tons of errors and the boot sector was > gone, etc. And for a small fee, their utility could fix it. This system was > unusable. > > Maybe this is pretty basic but I haven't seen mention of it but in both > cases, Window's System Restore easily removed both. I've seen descriptions > of fixing infected systems involving fairly complex procedures and multiple > utilities. I guess I just wanted to recommend giving System Restore a try > first before resorting to the heavy artillery. > > On the system that had the failed hard drive scareware, it was impossible to > access System Restore in normal windows. I figured Safe Mode was the way to > go but I discovered System Restore is not available in Safe Mode. I did > learn that you can run System Restore in Safe Mode with Command Prompt. Just > enter "%systemroot%\system32\restore\rstrui.exe" at the command prompt and > you're in System Restore. Not sure why regular Safe Mode wouldn't have that > command available. > > Hope that's of help to someone else. > > ---------------------- > > Bob Hartung > Wisco Industries, Inc. > 736 Janesville St. > Oregon, WI 53575 > Tel: (608) 835-3106 x215 > Fax: (608) 835-7399 > e-mail: bhartung(at)wiscoind.com > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin