Loss of System Restore points after deleting "Suspect File."

Discussion in 'Trojan Defence Suite' started by Cyborg, Jul 17, 2005.

Thread Status:
Not open for further replies.
  1. Cyborg

    Cyborg Registered Member

    Dec 8, 2003
    After running a full-scan with TDS-3 a few items were found.

    I deleted one file which under "name" said something along the lines of "Not Trojan" but I still deleted it. I think it was the .exe file for Firefox as I recall.

    Also I have left the following:-

    "Positive identification: Riskware.Tool.KillApp.b
    File: c:\program files\creative\sbaudigy2\program\wdm\common\killapps.exe

    Positive identification: Riskware.Tool.KillApp.b
    File: c:\windows\system32\killapps.exe"

    I have seen these mentioned in other forums so I just renamed them to .old. Others have said you can delete them also without any consequence.

    I found that my PC seemed to be running a little on the slow side after re-booting. I thought oh oh so I just renamed the files back to what you see above.

    I thought oh well I will do a System Restore and see what happens. When I went into Control Panel all of my Restore Points had gone. I do not know how TDS-3 works when you actually delete a file but if that file is also contained within previous Restore Points would that account for all of my Restore Points being taken out?

    System Restore is still on and I have since made Restore Points that are still there. I have touched nothing within the settings of the Control Panel.

    In fact over the last few days I went over the top making quite a few Restore Points i.e. prior to installing TDS-3, prior to Port Explorer but also prior to Process Guard trial version. I unistalled the Process Guard trial as I thought it looked ok and that I would buy it any way. I havn't yet as I need to clear up this issue.

    I only use TDS-3 to scan files and do a full system scan - thats it. I don't have much of a clue about the rest of the things the software can do. Likewise I do not know how System Restore in Windows XP SP2 works apart from the fact if you mess something up normally you can go back to a point in time when your PC was OK which about sums it up.

    I had restore points going back to June so what is bothering me is can TDS-3 impact on System Restore or maybe installing Process Guard and then unistalling affect System Restore or does System Restore after a certain time clear itself down on its own?

    One thing I did do in TDS-3 without knowing what it is for is clicked on "Execute Protection - Install."

    Can you shed any light please on my loss of System Restore Points?

  2. Jooske

    Jooske Registered Member

    Feb 12, 2002
    Netherlands, EU near the sea
    Hi there and welcome to TDS!
    TDS does not delete system restore points. You might have lost them with disable system restore - reboot - enable system restore, after which you should recreate manually a new system restore point as all the older ones are deleted by your windows XP that way.
    Or you might have to change the authorisation (share) settings for the restore points folder to see them, although you see the newer ones so that will not be the issue here.

    I would like system restore to clean itself after a while as it is growing and growing! But i would like to be able to choose for myself which points i would allow it to clear out! I never heard it did.

    The killapps.exe has been discussed here too, best leave it in peace.

    In this forum are so many threads with lots of real info about TDS, a good start is the IMPORTANT sticky on top.
    Same for the ProcessGuard forum, Port Explorer forum and WormGuard forum.
    Do check out the products sites at www.diamondcs.com.au for lots of more info.

    We're here to help you with your questions!
  3. Cyborg

    Cyborg Registered Member

    Dec 8, 2003
    Thank you Jooske for responding.

    I now know, that TDS-3 is not responsible which is cool so I still have to figure out why I lost all of my System Restore Points.

    I hear what you say about the reasons as to why I could have lost my Restore Points. All I have done is create quite a few System Restore Points over a couple of days installed Process Guard, unistalled Process Guard, and then used CCleaner to take out any Registry data left behind.

    I then did a System Restore to a point before I installed Process Guard which I called "B4 Process Guard," which is what I do before I install any new software and touch wood it always seems to work. I have done nothing else; not changed any settings within the Control Panel within Performance and Maintenance so I guess I will just have to wait and see if it happens again. Maybe it was just one restore point too many that I created. :'(
Thread Status:
Not open for further replies.