Solved Restore-Virus Question

Jerry8A

Member
Restore-Virus Question
If I restore my computer to a time prior to when a virus is found on my computer, will the virus still remain on my hard drive?
I use Vista Home Premium.
Thanks,
Jerry
1/22/13
 

My Computer

Welcome
It is a point that is contentious, but I am certain of my answer. If you use System Restore to go back prior to the virus, you will be virus free. Virus do not change prior restore points, but you may have had a virus at the time that you made the restore points, In that case the virus has infected those points.
If the virus was a rootkit, you may want to reinstall, as they can hide themselves until it serves their interest to show themselves.
Bottom line, if you are 100% certain of the date that you downloaded the virus, you can go back with system restore.
If you are doubtful, a System Restore is not the way to go.
Be sure you get an all clear from your Anti Virus.
 

My Computer

System One

  • Manufacturer/Model
    Dell XPS420
    Memory
    6 gig
    Graphics Card(s)
    ATI Radeon HD3650 256 MB
    Sound Card
    Intergrated 7.1 Channel Audio
    Monitor(s) Displays
    Dell SP2009W 20 inch Flat Panel w Webcam
    Hard Drives
    640 gb
    Cooling
    Fan
    Keyboard
    Dell USB
    Mouse
    Dell USB 4 button optical
    Other Info
    DSL provided by ATT
That all depends. A virus can usually only be detected by an AV program once it has been updated with definitions that include the signature of the virus in question. Until that time, it is pure speculation as to when you acquired it. Although AV vendors are very quick at releasing definition updates, there is always a delay between a virus being found in the wild and the definitions being updated (and subsequently downloaded to your computer). This is the danger window, and it can be a matter of minutes, hours, or even days.

Using a System Restore point will, as Richard points out, make you virus-free. However, I would be inclined to use the point before the one that was created before the virus was discovered. For example, if the virus was discovered on Day 3 and you had restore points on days 1 & 2, I would use the older point (i.e. the point from day 1). In any case, I would perform a full scan with my AV software after restoring. Don't forget to update the definitions first, as these will also be rolled back by the restore.
 

My Computer

System One

  • Manufacturer/Model
    Dwarf Dwf/11/2012 r09/2013
    CPU
    Intel Core-i5-3570K 4-core @ 3.4GHz (Ivy Bridge) (OC 4.2GHz)
    Motherboard
    ASRock Z77 Extreme4-M
    Memory
    4 x 4GB DDR3-1600 Corsair Vengeance CMZ8GX3M2A1600C9B (16GB)
    Graphics Card(s)
    MSI GeForce GTX770 Gaming OC 2GB
    Sound Card
    Realtek High Definition on board solution (ALC 898)
    Monitor(s) Displays
    ViewSonic VA1912w Widescreen
    Screen Resolution
    1440x900
    Hard Drives
    OCZ Agility 3 120GB SATA III x2 (RAID 0)
    Samsung HD501LJ 500GB SATA II x2
    Hitachi HDS721010CLA332 1TB SATA II
    Iomega 1.5TB Ext USB 2.0
    WD 2.0TB Ext USB 3.0
    PSU
    XFX Pro Series 850W Semi-Modular
    Case
    Gigabyte IF233
    Cooling
    1 x 120mm Front Inlet 1 x 120mm Rear Exhaust
    Keyboard
    Microsoft Comfort Curve Keyboard 3000 (USB)
    Mouse
    Microsoft Comfort Mouse 3000 for Business (USB)
    Internet Speed
    NetGear DG834Gv3 ADSL Modem/Router (Ethernet) ~4.0 Mb/s (O2)
    Other Info
    Optical Drive: HL-DT-ST BD-RE BH10LS30 SATA Bluray
    Lexmark S305 Printer/Scanner/Copier (USB)
    WEI Score: 8.1/8.1/8.5/8.5/8.25
    Asus Eee PC 1011PX Netbook (Windows 7 x86 Starter)
Jerry8A,

Malware infecting the MBR (Master Boot Record), to my understanding, will not be removed with a System Restore.

System Restore backs up within the OS, and not the MBR.
 

My Computer

Also as a side note....if you do decide to do a System Restore just to remove a virus and find that you get back to a point that you are no longer infected, be sure to set a new Restore Point and remove the others.
 

My Computer

Back
Top