Would an image restore fix a virus infected PC?

[spencer1]

I was just reading about all the new virus/malware threats. So far I've never been infected, but if it happens, would an image restore using the boot CD make everything A-OK again?

 

[Golden]

Generally, yes it would....as long as you are absolutely confident the image is malware free.

 

[spencer1]

I have backups dating from when my PC was new, so I should be alright. Geez, seems to me that an image restore is the best way out of a jam. Easiest too. Why bother with all those virus "fix it" programs and procedures that might not even work?

 

[damien76]

As Golden pointed out you should be sure that the image you have is "clean". If it's not then you'll resurrect any virus you have from that image creation.

It's the focus on "not-getting-infected" that we should consider and that is taken care of our security setup and behavior/usage. So if you have created your image during a time that you have updated AV sigs (or layer securty apps like Malwarebytes) and have scanned the whole system and verdict is "no virus/malware" then your good to go. Those virus "fix it" programs and procedures are the ones that will attest that your system is clean prior creating a system image backup. Doing so without knowing you are "clean" or "not" is a coin toss.

 

[mjf]

Because you don't know how far back the infection occurred it is one reason why I keep multiple images dating back over some months. Restore the most recent until you're confident the malware isn't present. In addition to Malwarebytes and your regular anti malware software I have found Windows Defender Offline to be very rigorous in picking up things but use judgement with false positives.

 

[spencer1]

As Golden pointed out you should be sure that the image you have is "clean". If it's not then you'll resurrect any virus you have from that image creation.

It's the focus on "not-getting-infected" that we should consider and that is taken care of our security setup and behavior/usage. So if you have created your image during a time that you have updated AV sigs (or layer securty apps like Malwarebytes) and have scanned the whole system and verdict is "no virus/malware" then your good to go. Those virus "fix it" programs and procedures are the ones that will attest that your system is clean prior creating a system image backup. Doing so without knowing you are "clean" or "not" is a coin toss.

Thanks. I have what I call "the supreme image." It contains a brand-new Windows 7 installation composed with the settings and programs that I need... verified clean and ready-to-go.

I use MSE for real-time protection, and scans. Also do scans with Malwarebytes.

The "fix it" refers to after being infected with a virus. A quick image restore would be the best solution, IMO. Why mess with anything else?

 

[Golden]

^ Good setup

 

[spencer1]

Because you don't know how far back the infection occurred it is one reason why I keep multiple images dating back over some months. Restore the most recent until you're confident the malware isn't present. In addition to Malwarebytes and your regular anti malware software I have found Windows Defender Offline to be very rigorous in picking up things but use judgement with false positives.

Yeah, I do regular image backups along with file backups. It's good that external storage drives are so huge and cheap these days.

I will give Windows Defender Offline scan a try. Thanks for the info.

 

[spencer1]

^ Good setup

Thanks Golden. Hope I haven't jinxed myself.. lol.

 

[jimbo45]

I have backups dating from when my PC was new, so I should be alright. Geez, seems to me that an image restore is the best way out of a jam. Easiest too. Why bother with all those virus "fix it" programs and procedures that might not even work?

Hi there.

I've been trying to drum that into people's heads ever since I joined the forum -- why on earth would you even THINK of running ANY program on an infected computer - whatever the program was.

If it's impossible to guarantee that ANY AV program works 100% why do people then assume that any Cleansing program would be 100% OK too - especially if it was running on an already infected machine.

I'd probably re-format the HDD / SSD too before restoring the image -- I'd have backup of the other partitions too -- and the re-formatting would be done via a bootable Partition program such as Partition Wizard.

For W7 MSE is just as good (or as bad) as any others for A/V protection and it's Free.

Safe surfing, not opening email attachments unless you know EXACTLY who sent it, not giving out personal info over the web and above all avoid clicking on Links that are buried in a lot of download sites -- often a trick is to confuse the actual download with all sorts of other stuff that you don't actually want while the real download link is buried somewhere else in the site. Ilivid is one such example -- appears all over the place and it's just a money SCAM.

Avoid adding IE Toolbars like Bing search, registry cleaners, "performance scanners" and above all things like "Sneakerware" --driver sites are often like this -offers to FIND drivers for you but then you have to PAY to access that part of the site to get the software which in any case should be free from the manufacturers site.

If you follow those simple rules you should be OK -- and if you must visit some sites or install software from Torrents do it on a Virtual machine or take an image backup before you start so you can just restore if it all goes wrong.

Cheers
jimbo

 

[spencer1]

Hi Jimbo. Yes, better to press a button and go back to happier times. Wish actual life worked that way. And for sure, the internet is loaded with tricky stuff. I read about the FBI Moneypak virus/scam the other day. Wow.

You mentioned reformatting before restoring an image. Is a full format much better than a quick one? I think the restore program does a quickie.