System Restore... viable malware remover?

Firestrider

I know some malware will embed themselves into restore points, but generally can going back to a system restore point that you know is clean remove malware?

Sometimes it can be faster to revert back to a system restore point than run a quick scan with mbam.
 

Maybe, but are you sure the restore point is clean? Maybe it contains the virus, but it just hasn't shown itself yet.

I don't think I could recommend that to people, because I see they fear System Restore anyway. If it doesn't work, they may lose programs and still need a virus scan.
 

System Restore is a so-so option. You may be OK or you may not be. And many times it does not work anyhow - often because the malware prevents you from using it.
It is better to do imaging to an external disk that you disconnect after the image is taken. I do that every second day (with Macrium). The fact that the disk was disconnected makes sure that no malware could get to it. And during the restore process you are running under the control of a separately loaded Linux program - so no chance there either for malware.
 

I know some malware will embed themselves into restore points, but generally can going back to a system restore point that you know is clean remove malware?

In my experience? No.
 

I know some malware will embed themselves into restore points, but generally can going back to a system restore point that you know is clean remove malware?

In my experience? No.

Agreed. Usually I will delete all restore points after removing malware by turning system restore off and then back on.
 

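The off-and-on purge described in the last reply, scripted for an elevated Windows PowerShell session and followed by a check that nothing from before the cleanup is still listed. This is an added example, not something posted in the thread; it assumes the protected volume is the system drive.

```powershell
#Requires -RunAsAdministrator
# Added example: purge restore points after malware cleanup by toggling
# System Restore, then verify the result instead of assuming it worked.
# Assumption: the protected volume is the system drive (usually C:\).
$drive = "$env:SystemDrive\"

# Record what exists first, so the cleanup notes show what was discarded.
$before = @(Get-ComputerRestorePoint -ErrorAction SilentlyContinue)
$before | Select-Object SequenceNumber, Description, CreationTime |
    Format-Table -AutoSize
Write-Host "Restore points before purge: $($before.Count)"

# Off, then back on, as described in the reply above.
Disable-ComputerRestore -Drive $drive
Enable-ComputerRestore -Drive $drive

# Anything still listed was created before the cleanup and should not be
# treated as a known-clean rollback target.
$after = @(Get-ComputerRestorePoint -ErrorAction SilentlyContinue)
if ($after.Count -gt 0) {
    Write-Warning "$($after.Count) restore point(s) still present on $drive."
    $after | Select-Object SequenceNumber, Description, CreationTime |
        Format-Table -AutoSize
} else {
    Write-Host "No restore points remain on $drive."
}
```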