Browser Redirect in IE and Mozilla

**Blade81** · 2008-11-30, 19:13

I'm sorry. Posted instructions for cleaning system restore of XP. Please find the right steps below.

Let's reset system restore
Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs changing those files. This is the only way to clean these files: You will lose all previous restore points which are likely to be infected. Please note you need Administrator Access to do clean the restore points.

A To disable the System Restore feature:

1. Click on the Start button.
2. Hover over the Computer option, right click on it and then click Properties.
3. On the left hand side, click Advanced Settings.
4. If asked to permit the action, click on Allow.
5. Click on the System Protection tab.
6. Uncheck any checkboxes listed for your hard drives.
7. Press OK.

B. Reboot.

C Turn ON System Restore.
Follow the steps like you did when disabling system restore but on step 6. check any checkboxes listed for your hard drives.

**devious** · 2008-11-30, 19:24

I am unable to uncheck the C:\ Drive from the list.

**devious** · 2008-11-30, 19:26

Sorry, accidently submitted.

It says that it's a "Group Policy" (On the Administrator)

Thanks,
devious

**Blade81** · 2008-11-30, 20:31

Hi

Download ERUNT
Save it to your desktop. Run and install this program.

In the box that opens ONLY choose
System registry.

Then click OK.

Click save and then go to File > Exit.
This is so the registry can be restored to this point if we need it. It may take a minute. Just let it go until it's done.

Go to registery edit (type regedit in RUN and press enter)
- Navigate to the following key
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\SystemRestore
- Delate following keys if found:

DisableConfig
DisableSR

Reboot if needed and see if you can change the system restore settings after that.

**devious** · 2008-11-30, 23:13

I downloaded it, backed it up and then deleted the two registries.

Didnt work... Now I am getting a "Searching..." Message. (See Attachment)

I am going to restore the reg, just to make sure it doesnt cause any damage.

Anything else I can try?

Thanks,
devious

**devious** · 2008-11-30, 23:25

Restoring the reg. backup didnt do anything! The searching message is still there...

What do I do?

Thanks
-devious

**Blade81** · 2008-12-01, 17:05

Hi

It shows same message in my system too for some time before showing any details. Did you wait any moment after you had opened system protection tab?

Creating & executing batch file
-------------------------------

Open notepad and then copy and paste the bolded lines below into it. Go to File > save as and name the file fixes.bat, change the Save as type to all files and save it to your desktop. (If you are still unsure on how to do this there is a little tutorial with pictures here)
@echo off
regedit /e c:\keyExport.txt "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\SystemRestore"
notepad c:\keyExport.txt

Double-click on fixes.bat file to execute it.

Post back contents of c:\keyExport.txt (should open up in Notepad window).

**devious** · 2008-12-02, 00:30

Yep, I waited probley 2-3 minutes.

Heres the content of the log:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\SystemRestore]

Thanks
devious

**Blade81** · 2008-12-02, 21:34

Hi

How did you attempt to restore ERUNT backup?

**devious** · 2008-12-03, 01:15

By navigating to: C:\WINDOWS\ERDNT\30-11-2008

And then clicking ERDNT in that folder.

It game me like 8 error messages.

-Thanks
Devious

Thread: Browser Redirect in IE and Mozilla

Thread Tools

Display

Unable to un-check C:

Oops

Didnt work....

Uhoh

Tags for this Thread

Posting Permissions