Solved If you create a new restore point, is virus/malware still present?

jmfal

I've been trying to get rid of some kind of redirect malware using Search and Destroy, Malwarebytes, and a few others. I think it's under control, then this morning I downloaded PC Wizard, started to run it and it froze at 60%.
Decided to uninstall, wouldn't, error message saying files are corrupt cannot remove.
Tried to Windows Explorer and all my desktop icons changed to IE icon. When I tried to open a program or file a dialogue box opened with the program name and the option to open or save but didn't do anything. The name of the box is "view downloads". It looked different than other dialogue boxes.
Anyway I booted into safe mode, tried to remove PC Wiz, no go, so I created an earlier restore point. I just would like to know if the virus/malware is removed because of the restore point or is it still in there?
 

My Computer My Computer

At a glance

WIN7 PRO 64bitIntel 4670K socket1150 (HASWELL) 3.40GHz16GB DDR3 Kingston 4GBx4 1600 MHzASUS GT240
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Build
OS
WIN7 PRO 64bit
CPU
Intel 4670K socket1150 (HASWELL) 3.40GHz
Motherboard
ASUS Z87-PLUS
Memory
16GB DDR3 Kingston 4GBx4 1600 MHz
Graphics Card(s)
ASUS GT240
Sound Card
ASUS ZONAR D2 PCI
Monitor(s) Displays
HP 2009m
Hard Drives
WD 1T-Win7 Pro 64 bit
WD 1T-Linux 64bit
2-WD 250GB (backups)
PSU
CoolerMaster 850w modular
Case
NZXT
Cooling
CoolerMaster
Keyboard
Logitech K350
NO, you have to restore to a restore point that was taken before the trouble started.
 

My Computer My Computer

At a glance

Vista, Windows7, Mint Mate, Zorin, Windows 8from 1.6GHz Duo to i7
Computer Manufacturer/Model Number
HP, Dell, Gateway, Toshiba - 4 laptops and 2 desktops
OS
Vista, Windows7, Mint Mate, Zorin, Windows 8
CPU
from 1.6GHz Duo to i7
Monitor(s) Displays
2x HP w2207
Hard Drives
5x HDD, 7x SSD, 12x Externals
Keyboard
with trackball - no mices
Mouse
Trackball mice
Internet Speed
DSL 6000
That doesn't guarantee a clean system. Some nasty viruses trash your restore points so they stick to your system.

You can boot into safe mode and then download/install Malwarebytes' Anti-Malware, perform a full scan and remove the infection. You can also download and burn recovery discs/boot CDs/DVDs from a clean PC and boot from there to remove the viruses.
 

My Computer My Computer

At a glance

Windows 7 Ultimate x64Intel(R) Core(TM) 2 Quad Q8200 @ 2.33 GHz2x2GB Kingston DDR21GB AMD Radeon HD 5450
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Built
OS
Windows 7 Ultimate x64
CPU
Intel(R) Core(TM) 2 Quad Q8200 @ 2.33 GHz
Motherboard
Asus P5KPL-AM SE Motherboard
Memory
2x2GB Kingston DDR2
Graphics Card(s)
1GB AMD Radeon HD 5450
Sound Card
VIA Technologies High Definition Audio Device
Monitor(s) Displays
Samsung SyncMaster 733NW
Screen Resolution
1440x900
Hard Drives
SEAGATE 320GB Barracuda® 7200.12, SATA 3 Gb/s, 7200 RPM, 16MB cache x 2
Case
Custom Casing
Cooling
Ice cubes from the freezer ;)
Keyboard
Generic Plug & Play Keyboard
Mouse
Optical Mouse
Internet Speed
Very slow
That's what I thought. If I go to a restore point, let's say 1 year ago, would all programs installed after that point still be there?
I have been using Malwarebytes, Spybot, and ME every day, sometimes they find something, most of the time not.
 

No, if you go back one year you will get what you had 1 year ago. Only the user files stay intact.
 

Hi, jmfal.

If your security software is frequently picking something up, I suggest that you do a thorough cleaning of your system. This means an updated, full system scan by your antivirus software followed by a shutdown/restart and a full scan with Malwarebytes. If anything is found, move on to an online scan, such as ESET or F-Secure.

Next, make sure you have installed all Microsoft security updates (lots coming this Tuesday!) as well as third-party software, particularly all Adobe products (Reader, Flash, AIR) and Java. Additionally, check add-remove programs and uninstall any old versions of Java found. (A good way to check if your system is missing security updates or has insecure applications is to install Secunia Personal Software Inspector or, alternatively, visit Secunia - The Leading Provider of Vulnerability Management and Vulnerability Intelligence Solutions.)

As to System Restore, if you restore your computer to a point that was created while your system was infected, then, yes, it is still there. If you revert to a very old restore point, remember that you will need to check for security updates.

At a point when you are confident that your system is running smoothly and is not infected, I suggest creating a fresh restore point and then use the Disk Cleanup tool to remove all old restore points. Instructions for Windows Vista and Windows 7:

  • Click start, type Disk Cleanup in the search box
  • Right-Click Disk Cleanup and select "Run as Administrator" and accept the UAC elevation prompt.
  • Select the drive where Windows is installed (if you have more than one drive) and click "OK".
  • When the scan completes, check/uncheck desired boxes.
  • Next, please click the More Options tab at the top.
  • Click the "Clean up..." button under the "System Restore and Shadow Copies" section at the bottom.
  • Click Delete in response to the question "Are you sure you want to delete all but the most recent restore point?", click OK and answer Yes again.
  • The disk clean up utility will remove the selected items. When it completes, please restart the computer to properly record the changes made to the hard disk.

Your final step, when the system is clean and updated, is to create a system backup. Here's a tutorial with complete instructions: Backup Complete Computer - Create an Image Backup - Windows 7 Forums
 

My Computer My Computer

At a glance

Windows 7 & Windows Vista Ultimate
OS
Windows 7 & Windows Vista Ultimate
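
The restore-point advice in the post above, as an added example that is not part of the original thread: this script lists the existing restore points, marks those created on or after the date the symptoms started (restoring to one of those brings the infection back), and creates a fresh point only once you declare the system clean. `$InfectionStart` and `$SystemIsClean` are hypothetical names with constructed values; run it in an elevated Windows PowerShell session.

```powershell
# Added example, not from the thread. Both values below are assumptions to edit.
$InfectionStart = [datetime]'2013-09-01'   # constructed date: when symptoms first appeared
$SystemIsClean  = $false                   # set to $true only after all scans come back clean

# CreationTime is returned as a WMI datetime string, so convert it before comparing.
$points = @(Get-ComputerRestorePoint |
    Select-Object SequenceNumber, Description,
        @{ Name = 'Created'; Expression = { $_.ConvertToDateTime($_.CreationTime) } })

if ($points.Count -eq 0) {
    # Some malware deletes restore points; an empty list on a long-used system is itself a warning sign.
    Write-Warning 'No restore points found. System Restore may be disabled or the points were removed.'
}

# Points taken on or after the infection date captured the infected state.
$suspect = @($points | Where-Object { $_.Created -ge $InfectionStart })
$older   = @($points | Where-Object { $_.Created -lt $InfectionStart })

'Restore points taken BEFORE the trouble started (candidates for a restore):'
$older   | Sort-Object Created | Format-Table SequenceNumber, Created, Description -AutoSize

'Restore points taken DURING the infection (do not restore to these):'
$suspect | Sort-Object Created | Format-Table SequenceNumber, Created, Description -AutoSize

if ($older.Count -gt 0) {
    # Rolling back drops programs and updates installed since then, so patching must be redone.
    $newest = $older | Sort-Object Created | Select-Object -Last 1
    "Most recent pre-infection point: #$($newest.SequenceNumber) from $($newest.Created)."
    'After restoring to it, check for missing security updates before going back online.'
}

if ($SystemIsClean) {
    # Create the known-good baseline; old points can then be removed with Disk Cleanup.
    Checkpoint-Computer -Description 'Clean baseline after malware removal' `
                        -RestorePointType MODIFY_SETTINGS
    'Created a fresh restore point. Remove the older ones with Disk Cleanup > More Options.'
} else {
    'Skipping restore point creation: system not yet confirmed clean.'
}
```

Even a pre-infection point is only as trustworthy as the date estimate, so the full scans described above still apply after a restore.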
Thank You for the help.
Ran an online scan from ESET, found a couple of win32/adware, big help!
Secunia 100%
System running good, appreciate the advice
 

Glad to hear things are back to normal, jmfal. Let us know if you need further assistance.
 
