  1. #1
    New Lounger
    Join Date
    Dec 2009
    Posts
    10
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Can I use system restore to get rid of Malware?

    I'm usually very smart about scams but recently got taken. I was having trouble with my Yahoo email and to find the tech help phone number Googled "Yahoo Tech Support". I used the first phone number listed (888-307-9126 - don't call them!). I explained my problem, the guy let on like he was a Yahoo tech and asked if he could take control of my screen. I thought he was legit and stupidly let him. He gave me some crock about rundll.32 being a keylogger and tried to sell me expensive services to "clean" my machine. By the time I realized what was going on, who knows what he loaded on my machine, especially his own keylogger. Afterward I ran Windows security essentials full scan and Malwarebytes full scan. Nothing came up but I was still paranoid. I remembered he said, "Whatever you do, don't run System Restore." Remembering Br'er Rabbit ("Whatever you do, don't throw me in the Briar Patch!") I ran System Restore. Luckily I had a restore point 4 days earlier. My question: will running System Restore right after getting malware get rid of it and clean it out of my registry or wherever else it's hiding?

  2. #2
    Lounge VIP
    Join Date
    Apr 2011
    Location
    Scotland
    Posts
    1,168
    Thanks
    44
    Thanked 134 Times in 115 Posts
    I'm afraid there can be no guarantee that System Restore would remove all traces of anything they put on your machine... but it's a reasonable starting point.

    If there are no other indications, particularly after System Restore from Safe Mode followed by a full Malwarebytes scan, I would say you probably dodged a bullet.

    Keep an eye on the system to make sure you don't see any unusual browser activity and if you still have concerns seek out a local reputable PC repair shop.
    In God we trust; all others must bring data.

    - William Edwards Deming. 1900 - 1993

  3. #3
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,631
    Thanks
    161
    Thanked 936 Times in 856 Posts
    As Tinto states, System Restore may not solve this type of problem because System Restore generally works with just the Windows System Files. A much better option for those wholehearted restorations would be Imaging. We have had many involved discussions on Imaging in the maintenance Forum. Take a look there for great possibilities.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  4. #4
    New Lounger
    Join Date
    Dec 2009
    Posts
    10
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Thanks

    Thanks to both of you for the info. I did System Restore but not from Safe Mode, I'll see if I still have a restore point and try again. I'll also check out the Imaging.

  5. #5
    2 Star Lounger
    Join Date
    Feb 2010
    Location
    U.K.
    Posts
    113
    Thanks
    0
    Thanked 19 Times in 14 Posts
    Imaging your present system is NOT able to remedy existing malware.

    You allowed access to a stranger who could have set up a "Run Once" that upon the next Restart would fully complete and conceal the installation of ANYTHING,
    not just a keylogger,
    but perhaps a backdoor for remote observation and control via the Internet.

    Personally I would have no confidence in the system until I fully wiped the System Drive.
    I would also deal with malware on other partitions and drives.
    Then either restore an image backup created BEFORE the malware encounter, or do a full install of Windows.
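
Added example, not part of the poster's reply: a read-only PowerShell listing of the Run and RunOnce registry keys and the Startup folders, the per-boot autorun locations the "Run Once" concern above refers to. The `Review` flag is an assumed heuristic (commands pointing into user-writable folders), not a malware verdict.

```powershell
# Read-only audit of per-boot autorun locations (added example, not from the thread).
# Run from an elevated prompt so machine-wide keys and folders are readable.
$keys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Collect every value under each key that exists on this machine.
$found = @(foreach ($key in $keys) {
    if (-not (Test-Path -Path $key)) { continue }
    $regKey = Get-Item -Path $key
    foreach ($name in $regKey.GetValueNames()) {
        [pscustomobject]@{
            Source  = $key
            Name    = $name
            Command = [string]$regKey.GetValue($name)
        }
    }
})

# Per-user and all-users Startup folders launch their contents at logon too.
$found += @(foreach ($folder in 'Startup', 'CommonStartup') {
    $path = [Environment]::GetFolderPath($folder)
    if ($path -and (Test-Path -Path $path)) {
        Get-ChildItem -Path $path -File -Force |
            Where-Object { $_.Name -ne 'desktop.ini' } |
            ForEach-Object {
                [pscustomobject]@{ Source = $path; Name = $_.Name; Command = $_.FullName }
            }
    }
})

# Assumed heuristic: anything launching from a user-writable folder gets a closer look.
$userWritable = '\\AppData\\|\\Temp\\|\\ProgramData\\|\\Users\\Public\\'

$found |
    Select-Object Source, Name, Command,
        @{ Name = 'Review'; Expression = { $_.Command -match $userWritable } } |
    Sort-Object -Property Review -Descending |
    Format-Table -AutoSize -Wrap
```

RunOnce values are removed once they have run, so an empty RunOnce key after a restart does not show that nothing executed; that is why the reply above puts no trust in the system short of a wipe.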

  6. #6
    New Lounger
    Join Date
    Dec 2009
    Posts
    10
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Can I use system restore to get rid of Malware?

    Thanks for this information.
    Can I copy my data only to put back on the clean system without worrying about carrying malware back in?
    I have a laptop on the same home network. Do I have to wipe that also?

  7. #7
    Super Moderator CLiNT's Avatar
    Join Date
    Dec 2009
    Location
    California & Arizona
    Posts
    6,121
    Thanks
    160
    Thanked 609 Times in 557 Posts
    If the infected system was allowed to linger on the network you will have to perform a thorough check on any
    other systems that were present as well.
    If you can't make a reasonable determination of what you were infected with, then you should consider yourself compromised.

    System restore is not a means of backup, and its usefulness has a very narrow and limited degree of restorative abilities.
    DRIVE IMAGING
    Invest a little time and energy in a well thought out BACKUP regimen and you will have minimal down time, and headache.

    Build your own system; get everything you want and nothing you don't.
    Latest Build:
    ASUS X99 Deluxe, Core i7-5960X, Corsair Hydro H100i, Plextor M6e 256GB M.2 SSD, Corsair DOMINATOR Platinum 32GB DDR4@2666, W8.1 64 bit,
    EVGA GTX980, Seasonic PLATINUM-1000W PSU, MountainMods U2-UFO Case, and 7 other internal drives.
