System restore accidentally deleted!

Can anyone help me bring back the system restore of my school's PC? It looks like it has been deleted when I cleaned its system of a virus; brontok I guess. It is not present anymore in the system tools. Do I need to reinstall windows? Help please...

Thanks,
thanatos

 

If you have an XP insallation CD, I recommend running a repair install of Windows XP. It's a handy way of fixing your XP installation and unlike doing a fresh install, your application programs and files will be retained!

Boot from your XP installation CD. At the welcome screen, choose Enter. Once at the license agreement, press F8. At the next screen press R (choosing to repair the selected Windows XP installation). The files will begin to install and then your PC will reboot. During the reboot you will be presented with option of booting from the CD again by pressing any key. Don't press anything. Allow it to finish the install without booting from the CD again.

Edit: Now that you edited your original post, qualifying the PC as belonging to the school, my suggestion may no longer be appropriate for you to perform!

 

Not only this, but it might had disabled ur task mannager and regdit as well. In that case, use this one.

Infiltration Recovery Tool 1.0 from here.

http://www.excessive-software.tk/

For system restore, this thread might help u.

https://www.wilderssecurity.com/showthread.php?t=166791&highlight=deleted services

See this link.

https://www.wilderssecurity.com/showthread.php?t=166791&highlight=deleted services

Tel us how u go? BTW how u got this worm and why did ur Antivirus let it run? It,s a very common worm as far as I know.

 

Actually, the computer I am talking about is the one I am using at school. Regarding the brontok worm, I guess it came from an infected flash drive. Other students usually like to save pictures, mp3s and games there. We managed to clean the worm using brontok washer. In order to prevent another infection, we installed a Bitdefender 10 trial and scanned the pc. A bunch of autoruns were deleted. However, there are times that Bitdefender say that autorun.bat (not sure, sorry) has been blocked. Then after a few weeks or so, I noticed that the run command and folder options are missing and system restore deleted. Bitdefebder still notifies us about that autorun... Don't worry about the missing run command and folder options. I managed to get them back. The PC is clean now and the AV is Avira Antivir PE Classic. The only problem now is gaining back system restore...

Guys, thanks for your help. I'll try doing your suggestions and visiting those hyperlinks. I hope they work...

By the way, I am planning to use hijackthis and sophos antirootkit. Any suggestions?

Thanks,
thanatos

 

No harm.
Is it ur own PC? or School,s PC?

 

It is the school's PC.

 

In that case u must be careful whatever u do. I wonder if its maintenance is ur responsilbility!
It,s needed to be secured and locked for future, limied users etc!

 

I edited my first post. Hope that made things clear now.

Well, I am not the only one using it. I am not the only student of our school. But since I use it during class, I just want to fix it.

 

It is clean now. So there is no possibility of passing the infection to other users. Thanks aigle!

 

I will tell you guys if I was able to reinstall system restore. Just wait for my future post! Thank you to aigle and pvsurfer!

Regards,
thanatos

 

Just follow the last link in my post no.3. Make a backup of the registry first.
I might not be around for a week or so but other users wil help u.

 

No rootkit was detected by Sophos Antirootkit. I was able to reinstall the System Restore using a Windows XP SP1 CD. The problem now is that I cannot disable it. The check box is grayed. I guest the logged-in user has no Administrator privileges. Please correct me if I am wrong. Help please.

thanatos

 

Sounds right. Congrats.

 

@zapjb
Thanks! I hope you are right. Nonetheless, I will try the "Repair broken Windows System Restore Service" repair utility of SAS.

 

Test SR 1st b4 trying SAS.

 

A school without DeepFreeze ? How is that possible ?

 

Hi, folks: Your school's IT Adm man must be a very very busy man like a chicken w/o head; running around trying to fix the problems you guys have created. or perhaps it is you and your classmates' testing toy? Again a school w/o DeepFreeze? unheard of, is there any IT budget at all, or your IT man ever visited wilder ?