malWare/virus first hit CTM-heres the path

Hello comodo and members-

On my Gateway 4400DS running -
Vista Home premium
Threatfire free
Win defender
Comodo Time mach. as a fallback

heres what was attacked and in what order it happened
to the best of my knowledge:

on a reboot CTM came up with a

“Reindexing the data” ticker (10% done- 20% done etc)
then when at 100% i got a error box stating that there
“is not sufficient room on drive” to accept this.

then up came the F8 login screen -safe mode, command prompt -start windows normally etc

I chose start win normally. then when fully booted, CTM was popped up running with a error
window stating that “restore point could not be restored due to insufficient room on drive”

i have 300+ GB free on my drive-

then upon clicking the top right X on the error window- i always avoid clicking “OK” if my systems
in a altered state as this obviously was-- viewing now at my CTM snapshots pane there was/is a new snapshot(restore point) titled something foreign, i dont recall what it was titled but it wasnt anything i made.

then my Avast went south via its auto updating with a “insufficient space to accept update” error.

then i got a couple error screens about “windows installer service not installed” followed by a
“disable/enable access control” error

i made my move to go into Windows restore, which showed over a dozen restore points- i chose one
back dated about 2 weeks earlier, clicked thru the restore process which ended in a error box stating
“system restore failed to rollback system to selected restore point–pls select a alternate blah blah blah”
then you can guess this one when i clicked the “back” button to reselect a different restore point
they were freeking gone…all of them.

this all happened in a matter of 1 reboot maybe 4 minutes tops.

can any of you seasoned members give me any advice on this…-? including if i gravely errored
by NOT turning off my windows restore when i installed CTM-??


i have 300+ GB free on my drive-
According to Windows or CTM ?

With CTM installed your “freespace” on disk is -
The Size of disk minus the sum total of space used at time of baseline plus the total of all snapshots.

So my next move if I were you.
Open CTM from taskbar Advanced.
At the bottom of these windows you will see your real current free space on disk.

!! remember !! this is because you have moved/changed/created/deleted/updated enough data that
you don’t have enough space to Not commit to any changes forever…

So back to the advanced window,
If windows is behaving and you don’t seem to be missing stuff.

Delete some or all snapshots and let CTM defrag the remainder.
This is finally committing some changes to disk
Also reset the baseline some point as some space can’t be gotten back if they have been deleted since the baseline snapshot was taken. :wink:

And you need to think through your strategy.
How far back in time do I need to go?
A week to a month suits most people, (depending on disk size, data writing, personal preference).

Why have a way outdated baseline that if you returned to it you would lose all updates etc. for months?

Yes, disable system restore and windows defrag service.
System restore is a waste of space with CTM installed. (when did it ever work fully)
Defragging gobbles up space like crazy!!!
Windows thinks it’s defragging but CTM is redirecting and tracking every write. (messy)

My settings are to auto create a snapshot daily, auto delete snaps over a week old.
auto defrag snapshots after deleting 3 snaps.

Once a month or so I’ll reset the baseline.

Hope this makes sense to you and helps.


This is extremely useful information. Why isn’t this made explicit in the description of how tm operates instead of finding out when there is a problem? I also noticed after the fact that tm included a second hd used to backup data from an earlier win xp installation. Consequently, there was only one snapshot ever created even though xp was showing plenty of gigabytes!

I very much appreciated your explanation of how touse tm on an going basis. however if i can recover my files, i will probably use some other software.

Bad, this makes a lot of sense to me, but I’m worried about resetting the baseline, since there recently
are many reports of problems:

So I’m wondering why others run into problems reseting the baseline but you don’t.
For example, is it that in your usage, the tree view of your snapshots is simple (e.g. all in a line
with no branches) where maybe their usage was more complicated (many restores and branches)?
Or do you do something like delete your snapshots manually before doing the reset baseline?

Would uninstalling (and choosing restore to current) and then reinstalling be safer than reset baseline?
Any suggestions?

I’d really like CTM to work, but with all the problem reports I’m very nervous depending on it.