Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Would an image restore fix a virus infected PC?

11 Jun 2013   #1
spencer1

Windows 7 Home Premium x64
 
 
Would an image restore fix a virus infected PC?

I was just reading about all the new virus/malware threats. So far I've never been infected, but if it happens, would an image restore using the boot CD make everything A-OK again?


My System SpecsSystem Spec
.
11 Jun 2013   #2
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Generally, yes it would....as long as you are absolutely confident the image is malware free.
My System SpecsSystem Spec
11 Jun 2013   #3
spencer1

Windows 7 Home Premium x64
 
 

I have backups dating from when my PC was new, so I should be alright. Geez, seems to me that an image restore is the best way out of a jam. Easiest too. Why bother with all those virus "fix it" programs and procedures that might not even work?
My System SpecsSystem Spec
.

14 Jun 2013   #4
damien76

Win7 Ultimate 64bit
 
 

As Golden pointed out you should be sure that the image you have is "clean". If it's not then you'll resurrect any virus you have from that image creation.

It's the focus on "not-getting-infected" that we should consider and that is taken care of our security setup and behavior/usage. So if you have created your image during a time that you have updated AV sigs (or layer securty apps like Malwarebytes) and have scanned the whole system and verdict is "no virus/malware" then your good to go. Those virus "fix it" programs and procedures are the ones that will attest that your system is clean prior creating a system image backup. Doing so without knowing you are "clean" or "not" is a coin toss.
My System SpecsSystem Spec
14 Jun 2013   #5
mjf

Windows 7x64 Home Premium SP1
 
 

Because you don't know how far back the infection occurred it is one reason why I keep multiple images dating back over some months. Restore the most recent until you're confident the malware isn't present. In addition to Malwarebytes and your regular anti malware software I have found Windows Defender Offline to be very rigorous in picking up things but use judgement with false positives.
My System SpecsSystem Spec
15 Jun 2013   #6
spencer1

Windows 7 Home Premium x64
 
 

Quote   Quote: Originally Posted by damien76 View Post
As Golden pointed out you should be sure that the image you have is "clean". If it's not then you'll resurrect any virus you have from that image creation.

It's the focus on "not-getting-infected" that we should consider and that is taken care of our security setup and behavior/usage. So if you have created your image during a time that you have updated AV sigs (or layer securty apps like Malwarebytes) and have scanned the whole system and verdict is "no virus/malware" then your good to go. Those virus "fix it" programs and procedures are the ones that will attest that your system is clean prior creating a system image backup. Doing so without knowing you are "clean" or "not" is a coin toss.
Thanks. I have what I call "the supreme image." It contains a brand-new Windows 7 installation composed with the settings and programs that I need... verified clean and ready-to-go.

I use MSE for real-time protection, and scans. Also do scans with Malwarebytes.

The "fix it" refers to after being infected with a virus. A quick image restore would be the best solution, IMO. Why mess with anything else?
My System SpecsSystem Spec
15 Jun 2013   #7
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

^ Good setup
My System SpecsSystem Spec
15 Jun 2013   #8
spencer1

Windows 7 Home Premium x64
 
 

Quote   Quote: Originally Posted by mjf View Post
Because you don't know how far back the infection occurred it is one reason why I keep multiple images dating back over some months. Restore the most recent until you're confident the malware isn't present. In addition to Malwarebytes and your regular anti malware software I have found Windows Defender Offline to be very rigorous in picking up things but use judgement with false positives.
Yeah, I do regular image backups along with file backups. It's good that external storage drives are so huge and cheap these days.

I will give Windows Defender Offline scan a try. Thanks for the info.
My System SpecsSystem Spec
15 Jun 2013   #9
spencer1

Windows 7 Home Premium x64
 
 

Quote   Quote: Originally Posted by Golden View Post
^ Good setup
Thanks Golden. Hope I haven't jinxed myself.. lol.
My System SpecsSystem Spec
17 Jun 2013   #10
jimbo45

Linux CENTOS 7 / various Windows OS'es and servers
 
 

Quote   Quote: Originally Posted by spencer1 View Post
I have backups dating from when my PC was new, so I should be alright. Geez, seems to me that an image restore is the best way out of a jam. Easiest too. Why bother with all those virus "fix it" programs and procedures that might not even work?
Hi there.

I've been trying to drum that into people's heads ever since I joined the forum -- why on earth would you even THINK of running ANY program on an infected computer - whatever the program was.

If it's impossible to guarantee that ANY AV program works 100% why do people then assume that any Cleansing program would be 100% OK too - especially if it was running on an already infected machine.

I'd probably re-format the HDD / SSD too before restoring the image -- I'd have backup of the other partitions too -- and the re-formatting would be done via a bootable Partition program such as Partition Wizard.

For W7 MSE is just as good (or as bad) as any others for A/V protection and it's Free.

Safe surfing, not opening email attachments unless you know EXACTLY who sent it, not giving out personal info over the web and above all avoid clicking on Links that are buried in a lot of download sites -- often a trick is to confuse the actual download with all sorts of other stuff that you don't actually want while the real download link is buried somewhere else in the site. Ilivid is one such example -- appears all over the place and it's just a money SCAM.

Avoid adding IE Toolbars like Bing search, registry cleaners, "performance scanners" and above all things like "Sneakerware" --driver sites are often like this -offers to FIND drivers for you but then you have to PAY to access that part of the site to get the software which in any case should be free from the manufacturers site.

If you follow those simple rules you should be OK -- and if you must visit some sites or install software from Torrents do it on a Virtual machine or take an image backup before you start so you can just restore if it all goes wrong.

Cheers
jimbo
My System SpecsSystem Spec
Reply

 Would an image restore fix a virus infected PC?




Thread Tools




Similar help and support threads
Thread Forum
Infected by an Explorer virus
Hi Seems like I've been infected by an IExplorer virus that first causes the the browser to crash and eventually slows down my entire system. I first started when I got a popup window asking me to update flashplayer.exe that kept popping up similar to this one. I tried everything including a...
System Security
how to fix infected from s.m.s.r.t virus
hello guys, i have window 7 home premium it is infected with the (data recovery) s.m.a.r.t virus. as i turn on the comp it it start with it, desktop is almost blank. i need help with it how to fix this pain ,and one more thing to tell you guys another message comes up same time :warn: System...
System Security
Keep getting infected with virus even after formatting pc
Hello. I am having a pretty serious issue with a virus that keeps re-infecting my pc even after I format and reinstall Windows. I will try to provide as much detail as possible about my situation. I have been dealing with this repeated infection for quite some time now and have tried a few...
System Security
I think my netbook is infected by a virus... HELP
Sorry for newbie questions. New here in the forums. My problem is, my task manager has 2 process "csrss.exe" and "winlogon.exe" and they dont have a username and description(BTW im using Windows 7 starter). Ive searched any info about it in google and they all said it was a windows process and its...
General Discussion
If your system was infected with a virus, would you ?
Would you, attempt to disinfect and clean or would you just format and reinstall Windows ? I guess it depends on how serious the situation is, but isn't reinstalling always best due to the fact it wipes everything clean ?
System Security
System infected with a Virus
I am using an AV "nod32 v3 Full Version" and since last 3-4 years i hadnt ever had any virus attack on my pc/lapy. few days ago i used flashdrive of a friend ofmine for formating and since then my lapy catched a virus from it. Exactly what it did was all folders in my data drives (g h)...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 05:35.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App