Restore Point unexpected...

Hi,

We pushed FSCS 10.00 on some computers from FSPMS and I do not know why but some of them have automatically made a restore point to an earlier date.

I need to know if anyone has suffered this problem?
I would also need to know if I can find more informations in logfiles on computers other than the Windows event log? If yes, which logfiles?

Best regards,

Vincent

Find more posts tagged with

Comments

Gary

Hi Vincent,

Have you check if the F-Secure installation went through successfully before the reboot? What if the user reinstall the F-Secure software after the system restore, will there be any similar problem happened after that? Additionally, was there anything in common between those machines that had a system restore after the F-Secure installation? (eg: OS, other vendors of Anti-Virus products installed, etc)

Best regards,

Gary

Vincent

Hi,

There is a misunderstanding I think...
After installing F-Secure, the user restarts his computer. This was then automatically restored to an old restore point.

So I'm not talking about the creation of a restore point but about an automatic rollback of the computer.

It's very strange and honestly I'm not sure F-secure has done this action but I have to investigate because the user told me he has done nothing wrong.

best regards,

Vincent.

Vad

We disabled creating Windows Restore point by CS product installer in version 10.00.

And I can see this from the log of CS 10.00 installation:

1   13/02/25 13:10:09   { StartSystemRestore()
2   13/02/25 13:10:09       Creating System Restore Point is disabled in INI file
1   13/02/25 13:10:09   } StartSystemRestore()
...

1   13/02/25 13:11:21       { EndSystemRestore()
2   13/02/25 13:11:21          System restore is not started.
1   13/02/25 13:11:21       } EndSystemRestore()

So, according to the log, Restore point wasn't created by F-Secure CS 10.00 product installer.

The only Restore point created by installer of CS 9.32 was done 14.08.2012:

1   12/08/14 08:46:08   { StartSystemRestore()
1   12/08/14 08:46:08       { CallSRSetRestorePoint(100,0)
1   12/08/14 08:46:08          restorePointInfo.szDescription = [F-Secure Client Security 9.32 build 112 Installation]
1   12/08/14 08:46:22          SRSetRestorePoint succeed.
1   12/08/14 08:46:22          Assigned sequence number is [43]
1   12/08/14 08:46:22       } CallSRSetRestorePoint(100,0)
1   12/08/14 08:46:22   } StartSystemRestore()

What is the name of your unexpected restore point? As you can notice, we give them names like "F-Secure Client Security x.x build x Installation"

Best regards,

Vad

Vincent

Hello Vad,

I put the logfile in attachment... FYI, the installation was completed on February 25.

My logfile is here. I hope yopu will be able to read it.

best regards,

Vincent

Vad

Hello Vincent,

The information about restore points created during F-Secure product setup is available in c:\windows\fssetup.log.

Could you, please, share this log from one of affected computers.

Thanks in advance,

Vad