System Restore can remove a Virus.

I don't think I have a virus, but I was just curious. Because Microsoft System Restore restores the files and settings, can it remove a virus?

Friday, December 17, 2010, 01:17:12 + 0000, lnachtigal wrote:
 
> I don't think I have a virus, but I was just curious. Because Microsoft System Restore restore files and settings,
 
 
System Restore is usually * not * restore 'files and settings. He
restoration of very little next to the register.
 
 
> can it remove a virus?
 
 
Some viruses, Yes, but in general, no.
 
 

Ken Blake (MS-MVP)

Tags: Windows

Similar Questions

  • Cannot run some programs after system restore to remove the virus

    Hello

    Toshiba my duaghter had a nasty virus that pretends to be an antivirus software product, which sneaked in, between the time his default service Norton has expired and I had the time to install Trend.

    Can not remove it using trend, so on the advice of a friend, decided to make a windows system restore to a point before the infection. It worked successfully and the virus has disappeared, but now she can't run some programs, I tried to reinstall Trend, but fails because he says you must first uninstall Norton. But I can't run Norton, or uninstall, and certain folders on C: are no longer accessible.

    I have to do a full restore of the Toshiba System (IE back tofactory settings? This seems a drastic measure, but the issue is beyond my meager knowledge of PC.

    Thank you

    Graeme

    Hey Buddy,

    Hmm... This announcement is a bit confusing... Maybe the programs you want to say were installed after the system restore point, who knows?

    In my opinion you must reset the laptop configuration that you have already written. This will restore the pre-installed Windows version where everything is working correctly and that all the drivers and tools are installed.

    Therefore, you only need the Toshiba Recovery disk and boot from it. This will restore the factory settings.

    Check this box!

  • Update lost because the system restore - can't find it!

    Gnnnnn! Cannot find the Defender Update KB915597 def 1.111.1823.0 to reinstall. Installed with Vista Update KB2607712 on September 12, 2011 and cannot start. You had to do in safe mode system restore. Concerned not sure without defender update and that Vista needs updating too. Have you tried a lot of research to find the update of Defender to download, please, where is he? Do I really need them? Do not understand the DigiNotar info on the site of Ms. I guess it was the Vista that caused the problem, but I don't know, try them separately, but cannot find the update of Defender. Thanks to you all

    A system restore does not remove Windows Defender definitions. I hope that you do not use WIndows Defender to safety as it monitors only a limited category of threats. You should run an antivirus so or you must replace it with Microsoft Security Essentials.

    Latest definitions can be downloaded here:

    http://www.Microsoft.com/security/portal/definitions/HowToWD.aspx

    KB2607712 has been replaced by KB2616676.

    http://support.Microsoft.com/kb/2616676

    You are unlikely to be affected by the problem of DigiNotar unless you are based in Iran or in the Netherlands.

  • System Restore and Norton anti-virus (WIN 7)

    Hello

    I was wondering if anyone had a solution or thought about this challenge: when I go to restore a system restore time, I get an error message indicating that it cannot restore because of an anti-virus program.   Does this mean I have to disable the program before anti-virus I try to restore the system?  And I have to disable the anti-virus program when I create a new restore Point?

    Thank you

    Norton products have a safety feature that prevents outside programs change the Norton product. This security feature can prevent the Windows system restore from changing Norton files, which translates as a "Restoration incomplete" message

    Follow the instructions of Norton on the link below to work around this problem when running system restore. Restore protection for files Norton once the system restore is complete.

    http://www.Symantec.com/Norton/support/kb/web_view.jsp?wv_type=public_web&docURL=20080818173549EN&LN=en_US

  • System Restore has removed my personal files

    Today 26/12/09 and I added a new folder and photos on a secondary hard drive (D :) on my PC and put one of the images as my desktop background.) I then changed the date of my computer to 03/11/08 and then noticed that I had to do a system restore to an earlier version (12/23/09) day of this year. Once the computer has been restarted, my PC has been arrived in 2008, which erased all my points 2009 recent restoration. I also noticed that folder and photos originally placed on additional hard drive completely disappeared (I tried to search for all the ways I could - I remember one of the images had the words 'eyes' in the title). However, the picture that I put my wallpaper is always displayed. When I look at the display properties, it does not show what the name of the file is good... He pointed out just a different picture. This leads I think that the record and the photos may still be on my computer, but I don't know if they are hidden or something? Is there a way to search where the desktop display properties is actually the link to the file currently displayed as my wallpaper (photos of 'eyes')?

    Oh, and I changed the date of my computer in 2009.

    the same thing happened to me, I downloaded a free recovery program, the files back and tried to copy on my desktop, a window then asked if I wanted to replace the same files in the folder, which meant that they were hidden just for windows 7 If you go to your computer, click the button hold, then options records and research near the bottom it says 'show all files' with a checkbox, click on it then click on where you have the files/folders and they will be a little transparent, make a right click on the file/folder and select Properties, downstairs there two checkboxes, one with "read-only" and the other with 'hidden' uncheck both and click on apply ". , a window is displayed, select 'apply changes to this folder, subfolders and files' press OK and click OK, then the same thing to another until you have your files back

  • Any software Antivirus can remove the Virus known as Rootkit.Boot.SST.b

    Rootkit.Boot.SST.b is a virus that affects the mbr code. Can any Antivirus solve this problem.

    How to remove this type of Virus.

    Try Rootkit in Kaspersky killer, latest version.

    http://support.Kaspersky.com/FAQ?chapter=176492791&print=true&QID=208283363

    Tom Ferguson

  • Windows Vista system restore problems

    Hello

    I picked up a nasty virus on my laptop and have all sorts of questions to get rid of him.

    I tried to perform a restore of the system in safe mode, but there is a major problem: there is no 'System Protection' tab on the box 'system properties '!

    How can I perform a system restore to remove a virus if it is not an option to perform the system restore?

    ARRRGGHH is side me crazy! Any advice would be greatly appreciated.

    See you soon

    Hello

    I picked up a nasty virus on my laptop and have all sorts of questions to get rid of him.

    I tried to perform a restore of the system in safe mode, but there is a major problem: there is no 'System Protection' tab on the box 'system properties '!

    How can I perform a system restore to remove a virus if it is not an option to perform the system restore?

    ARRRGGHH is side me crazy! Any advice would be greatly appreciated.

    See you soon

    Hey Geoff75

    malware normally stops you doing a restore of the system to protect themselves from you trying to remove

    Download updated and then analyze with the version free malwarebytes anti-malware in safe mode with networking

    http://www.Malwarebytes.org/MBAM.php

    Windows Vista

    Using the F8 method:

    1. reboot your computer.

    2. when the computer starts, you will see your computer hardware are listed. When you see this information begins to tap theF8 key repeatedly until you are presented with the Boot Options Advanced Windows Vista.

    3. Select theMode safe mode with networking option using the arrow keys.

    4. pressenter on your keyboard to start mode without failure of Vista.

    5. when Windows starts, you will be at a typical logon screen. Connect to your computer and Vista goes into safe mode.

    6 do whatever tasks you need and when you are done, reboot to return to normal mode.

    Walter, the time zone traveller

  • Can not access the system restore.

    After the removal of a virus, no visible icons on desktop except Mcafee on the toolbar at the bottom.  Was able to access the internet by clicking on Mcafee and then update.  When you click Start the only visible program is Mcafee.  Cannot see the control panel or Windows help/support or anything else.  "Run" is not available.

    Someone suggested that if I run the system restore, it could solve the problem.  But the problem is that I can't access it in the usual way.

    Hi Oishi Kuranosuke,

    ·         Are you able to access the system restore in safe mode?

    ·         You get the error message?

    System Restore can bring back the virus.

    Follow these methods.

    Method 1: Scan the file system (CFS) auditor to repair corrupted files.

    Description of Windows XP and Windows Server 2003 System File Checker (Sfc.exe)

    http://support.Microsoft.com/kb/310747

    Method 2: Create a new user account.

    How to create and configure user accounts in Windows XP

    http://support.Microsoft.com/kb/279783

    If the problem is resolved in a new user account, and then follow the article on how to fix a corrupted user account.

    How to copy data from a corrupted to a new profile in Windows XP user profile

    http://support.Microsoft.com/kb/811151

  • My system restore feature does not work after recovering from a virus

    I recently had a virus and I had removed it by my anti-virus provider technicians. I had to boot mode safe several times and now I have found the system restore gives me the message "system restore has been disabled by group policy. To turn on system restore, contact your domain administrator.

    I am the administrator on my computer and the only user, and when I try to turn the system restore in system properties is not there! Any help would be appreciated. I use Win XP Pro SP3 pre-installed on a Compaq.

    Robert

    I read the reply joelj1964 gave fixmycomp on do start, run and type GPEDIT. MSC, but when I got to the system has no system restore. Probably the virus removed?

    Robert

    I fixed the problem thanks to what joelj1964 says "fixmycomp". I managed to find the restoration of the system configuration in the system [at the beginning I was looking in the wrong folder] and I tweaked between off, on and off the restoration and system configuration disabled, enabled, and disabled and after some trial and error [they are two people with disabilities now] and restart 2 - 3 times the system restore worked and now I can do the restore points.

    We want to joelj1964 for its indirect support.

    Robert

  • my computer is infected with a virus. I'm doing a system restore

    my computer is infected with a virus, I'm doing a system restore, but when I click on the tab to do it I get a message tha States window cannot find the path of restoration of the suggestions.

    Hello

    By using the system restore when you have malicious software is not a good idea, although she would go. System restore
    can actually help to spread malware and make more difficult or impossible to remove the malware. Best
    to remove malware and if it does Restore Point then use those IF necessary.

    -------------------------------------------------------------------------------------------------------------------------------
    If you need search malware here's my recommendations - they will allow you to
    scrutiny and the withdrawal without ending up with a load of spyware programs running
    resident who can cause as many questions as the malware and may be more difficult to detect as the
    cause.

    No one program cannot be used to detect and remove any malware. Added that often easy
    to detect malicious software often comes with a much harder to detect and remove the payload. Then
    its best to be thorough than paying the high price later now too. Check with them to one
    extreme overkill point and then run the cleaning only when you are sure that the system is clean.

    It can be made repeatedly in Mode safe - F8 tap that you start, however, you must also run
    the regular windows when you can.

    TDSSKiller.exe. - Download the desktop - so go ahead and right-click on it - RUN AS ADMIN
    It will display all the infections in the report after you run - if it will not run changed the name of
    TDSSKiller.exe to tdsskiller.com. If she finds something or not does not mean that you should not
    check with the other methods below.
    http://support.Kaspersky.com/viruses/solutions?QID=208280684

    Download malwarebytes and scan with it, run MRT and add Prevx to be sure that he is gone.
    (If Rootkits run UnHackMe)

    Download - SAVE - go to where you put it-right on - click RUN AS ADMIN

    Malwarebytes - free
    http://www.Malwarebytes.org/products/malwarebytes_free

    Run the malware removal tool from Microsoft

    Start - type in the search box-> find MRT top - right on - click RUN AS ADMIN.

    You should get this tool and its updates via Windows updates - if necessary, you can
    Download it here.

    Download - SAVE - go to where you put it-right on - click RUN AS ADMIN
    (Then run MRT as shown above.)

    Microsoft Malicious - 32-bit removal tool
    http://www.Microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

    Microsoft Malicious removal tool - 64 bit
    http://www.Microsoft.com/downloads/details.aspx?FamilyId=585D2BDE-367F-495e-94E7-6349F4EFFC74&displaylang=en

    also install Prevx to be sure that it is all gone.

    Download - SAVE - go to where you put it-right on - click RUN AS ADMIN

    Prevx - Home - free - small, fast, exceptional CLOUD protection, working with others
    security programs. It is a single scanner, VERY EFFICIENT, if it finds something to come back
    here or use Google to see how to remove.
    http://www.prevx.com/   <-->
    http://info.prevx.com/downloadcsi.asp  <-->

    Choice of PCmag editor - Prevx-
    http://www.PCMag.com/Article2/0, 2817,2346862,00.asp

    Try the demo version of Hitman Pro:

    Hitman Pro is a second scanner reviews, designed to save your computer from malicious software
    (viruses, Trojans, rootkits, etc.). who infected your computer despite safe
    what you have done (such as antivirus, firewall, etc.).
    http://www.SurfRight.nl/en/hitmanpro

    --------------------------------------------------------

    If necessary here are some free online scanners to help the

    http://www.eset.com/onlinescan/

    -----------------------------------

    Original version is now replaced by the Microsoft Safety Scanner
    http://OneCare.live.com/site/en-us/default.htm

    Microsoft safety scanner
    http://www.Microsoft.com/security/scanner/en-us/default.aspx

    ----------------------------------

    http://www.Kaspersky.com/virusscanner

    Other tests free online
    http://www.Google.com/search?hl=en&source=HP&q=antivirus+free+online+scan&AQ=f&OQ=&AQI=G1

    --------------------------------------------------------

    Also follow these steps for the General corruption of cleaning and repair/replace damaged/missing
    system files.

    Run DiskCleanup - start - all programs - Accessories - System Tools - Disk Cleanup

    Start - type this into the search-> find COMMAND to top box and RIGHT CLICK-
    RUN AS ADMIN

    Enter this at the command prompt - sfc/scannow

    How to analyze the log file entries that the Microsoft Windows Resource Checker
    (SFC.exe) program generates in Windows Vista cbs.log
    http://support.Microsoft.com/kb/928228

    Run checkdisk - schedule it to run at the next startup, then apply OK then restart your way.

    How to run the check disk at startup in Vista
    http://www.Vistax64.com/tutorials/67612-check-disk-Chkdsk.html

    -----------------------------------------------------------------------

    If we find Rootkits use this thread and other suggestions. (Run UnHackMe)

    http://social.answers.Microsoft.com/forums/en-us/InternetExplorer/thread/a8f665f0-C793-441A-a5b9-54b7e1e7a5a4/

    I hope this helps.

  • Recently upgraded to the new version of Firefox and after a Windows system restore was performed today Firefox is therefore more accessible (by clicking on icon Firefox results in nothing) what can I do?

    After System Restore Mozilla Firefox icon is still on the screen but now when I click on the Firefox icon does not open. I have a number of bookmarks saved I'd perfer not to lose - is there anyway I can restore Firefox without losing bookmarks?

    Using the system restore can cause your installation of Firefox get corrupted because not all files are restored, so be careful to do a system restore.

    Do a cleaning (re) install and delete the folder of the program Firefox (C:\Program Files\Mozilla Firefox\).

    Download a new copy of Firefox and save the file to the desktop.

    Delete the program folder Firefox before installing newly downloaded copy of the Firefox installer.

    Your bookmarks and other profile data stored in the Firefox profile folder and will not be affected by a relocation, but make sure that you do not select delete data of a personal nature if you uninstall Firefox.

  • I can not access my system restore.

    When I click on the system restore, nothing happens. It is not on my Add / Remove programs. What can I do to get it back? Thank you.

    System Restore can be run in normal mode or safe mode.

    It is not located under the Control Panel Add/Remove programs.

    Instead it is located via the button start > all programs > Accessories > system tools.

  • system restore points when they and how do I remove them

    Remember - this is a public forum so never post private information such as numbers of mail or telephone!

    Behold, it is I reinstalled Vista and now my portion of my hard drive recovery is almost full and he tells me to delete some of my restore points which could clear enough space to take care of the necessary space.  I tried to find files to restore and no luck in that area someone can lend a hand in this area pease.

    Ideas:

    • You have problems with programs
    • Error messages
    • Recent changes to your computer
    • What you have already tried to solve the problem

    Hello

    Don't forget to check with the system manufacturer for instructions, as the recovery of your system and the
    Restore points should not have one impact on the other. Did you use OEM manufacturer system
    disc to re - install Windows?

    Phantom memory also holds your restore VSSadmin points it defines parameters.

    How to create a Vista System Restore Point
    http://www.Vistax64.com/tutorials/76332-system-restore-point-create.html

    How to make a Vista system restore
    http://www.Vistax64.com/tutorials/76905-System-Restore-how.html
    How to turn System Restore on or off in Vista
    http://www.Vistax64.com/tutorials/66971-system-restore.html

    Adjustment of the amount of disk space, System Restore uses for restore points
    http://bertk.MVPs.org/html/diskspacev.html

    How to change how much Space System Restore can use
    http://www.Vistax64.com/tutorials/76227-system-restore-disk-space.html
    http://www.Petri.co.il/change_amount_of_disk_space_used_by_system_restore_in_vista.htm

    ShadowStorage vssadmin commands
    http://TechNet.Microsoft.com/en-us/library/cc755866 (WS.10) .aspx
    http://technet2.Microsoft.com/WindowsServer/en/library/89d2e411-6977-4808-9AD5-476c9eaecaa51033.mspx?mfr=true

    Guide to Windows Vista system restore
    http://www.bleepingcomputer.com/tutorials/tutorial143.html

    Expiration errors occur in Volume Shadow Copy service writers, and shadow copies are lost during
    backup and at the time when there are high levels of input/output
    http://support.Microsoft.com/?ID=826936

    A good utility:

    Explorer of the shadow - free
    http://www.ShadowExplorer.com/

    -Free - CCleaner can also see Restore Points and remove everything except the last.
    Tools - System Restore
    http://www.Piriform.com/CCleaner

    CCleaner - Forums
    http://Forum.Piriform.com/

    Hope these helps.

    Rob Brown - MS MVP - Windows Desktop Experience: Bike - Mark Twain said it right.

  • After you create a system restore point manually, I can't find the point.

    Original title : What's next?

    After you create a system restore point manually, I can't find the point.  Where is he?

    Hello

    More than you probably ever wanted to know.

    How to create a Vista System Restore Point
    http://www.Vistax64.com/tutorials/76332-system-restore-point-create.html

    How to make a Vista system restore
    http://www.Vistax64.com/tutorials/76905-System-Restore-how.html
    How to turn System Restore on or off in Vista
    http://www.Vistax64.com/tutorials/66971-system-restore.html

    Adjustment of the amount of disk space, System Restore uses for restore points
    http://bertk.MVPs.org/html/diskspacev.html

    How to change how much Space System Restore can use
    http://www.Vistax64.com/tutorials/76227-system-restore-disk-space.html
    http://www.Petri.co.il/change_amount_of_disk_space_used_by_system_restore_in_vista.htm

    ShadowStorage vssadmin commands
    http://TechNet.Microsoft.com/en-us/library/cc755866 (WS.10) .aspx
    http://technet2.Microsoft.com/WindowsServer/en/library/89d2e411-6977-4808-9AD5-476c9eaecaa51033.mspx?mfr=true

    Guide to Windows Vista system restore
    http://www.bleepingcomputer.com/tutorials/tutorial143.html

    Expiration errors occur in Volume Shadow Copy service writers, and shadow copies are lost during
    backup and at the time when there are high levels of input/output
    http://support.Microsoft.com/?ID=826936

    A good utility:

    Explorer of the shadow - free
    http://www.ShadowExplorer.com/

    You can also view the bridges restore in CCleaner - tools - system restore.

    CCleaner - free - on the left side click on download from Piriform
    http://www.Piriform.com/ccleaner/download

    I hope this helps.

    Rob Brown - Microsoft MVP<- profile="" -="" windows="" expert="" -="" consumer="" :="" bicycle=""><- mark="" twain="" said="" it="">

  • Envy of HP dv7-7332ea - System Restore does not work on windows 8

    Hey there,

    I recently bought this machine about a month ago. I used the Windows 8 System Restore feature to restore my pc to a previous state.

    However, after running it, I got a message saying: it failed and to ensure my anti virus is disabled. Accordingly, I have disabled Norton and tried again but it still does not work.

    Previously, the only problem I had with the pc was that he locked himself completely and therefore I turned off the machine that I have been unable to close.

    When I rebooted, HP Support Assistant could not run and so I uninstalled and then reinstalled from website theHP. It is now resolved. The thing is I'm a little scared that something is wrong with the machine that is the reason why I think that the system restore does not work.

    I'm a newbie on the computers here. Could you please give me some advice to diagnose if there is nothing wrong with my machine and fix the system restore?

    See you soon,.

    Damon

    Hi Damon,

    Norton is a component called 'Tamper Protection' that should be disabled before a system restore can be performed - for more details on this topic, see the following link.

    Disable self-protection.

    Kind regards

    DP - K

Maybe you are looking for