|
| Computing.Net: Over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to sign up now, it's free! |
Disabling System Restore in 2000
|
Original Message
|
Name: Geir
Date: June 14, 2006 at 10:40:00 Pacific
Subject: Disabling System Restore in 2000OS: Windows 2000 5.00.2195CPU/Ram: 1.5GHz 1800+/2GB RamModel/Manufacturer: AMD Athlon |
Comment: I recently got a virus called BackDoor.SdBot.OUW and I am looking for a way to remove it. AVG could not heal it or move it to vault and it was not in the Virus Encyclopedia. I searched google and found out I have to disable system restore and there was a very detailed guide on how to do it. (http://www.microsoft.com/windows2000/community/centers/management/sysrestore_faq.mspx#EUH) Now, the problem is that i can not find the "System Restore" tab. On a picture, I think i saw around 7 tabs, while I have only 5. (Not sure of the English names of these, but something like: "General", "Network ID", "Hardware", "User Profiles" and "Advanced")If anyone has tips about the virus itself that would also be appreciated.
Report Offensive Message For Removal
|
|
Response Number 3
|
Name: Tufenuf
Date: June 14, 2006 at 11:11:22 Pacific
|
Reply: (edit)Geir, Try starting your computer in SAFE mode then run a virus scan. Removal Info at the links below. http://www.symantec.com/avcenter/venc/data/backdoor.sdbot.html http://www.pchell.com/virus/sdbot.shtml Tufenuf
 Report Offensive Follow Up For Removal
|
|
Response Number 5
|
Name: Geir
Date: June 14, 2006 at 12:59:49 Pacific
|
Reply: (edit)Thanks for the tip, Tufenuf. Ran a virus scan in safe mode, took a while but removed the virus and enabled me to edit the register. Jennifer, I can't find those values in my register are you sure it's the right link? I searched the register and they didn't appear, and I looked in the entries. Now, I'm not experienced with this sort of thing, but "MsMon32"="MsMon32b.exe" is supposed to be under "Value", right? There was a value that was not given or something like that, named standarad, but that's probably supposed to be there isn't it? Thanks for answers=)
Report Offensive Follow Up For Removal
|
|
Response Number 6
|
Name: Derek
Date: June 15, 2006 at 19:08:00 Pacific
|
Reply: (edit)Are you referring to:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run (and so forth)? If so, they are on all Windows systems. You should find all your running items in the one above. If the particular values given on the website are not present then fine, you don't want them. Website link is fine. Symantec = Norton and quite reliable. DerekW
Report Offensive Follow Up For Removal
|
Post Locked
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
Go to Security and Virus Forum Home
|
|
|
