Purging System Restore PRIOR to Uninstallations

  • Thread starter Thread starter Craig
  • Start date Start date
C

Craig

I've come across a post in a user forum that suggests "turning off
System Restore BEFORE you un-install anything".

My reflex reaction and position:
I can think of no compelling reason for following this advise under any
circumstances short of at the direction of a malware eratication
program/tool/checklist from a trusted source. Failing that (even if
dealing with the extreme of malware eradication), I would refrain from
purging the restore point data until AFTER the eratication, as I would
not as a general rule want to forsake ANY potential recovery resource
unless and until absolutely necessary (for example, there's always the
possible scenario where the malware infection is mistakenly determined
to begin with). Is not my understanding correct that System Restore
point data is contained and thus benign unless and UNTIL such time that
it is called upon to accomplish an actual restore (unless of-course the
identified malware's modus operandi is to replicate from the infected
restore point directory itself)? In sum, I most certainly for anything
less extreme as malware eratication, would not ever follow this
proposed advise.

I would be most interested in hearing any thoughts by others as to
anything I might be overlooking, or something flawed in my stated
assessment, reasoning or position.

Thanx in advance for your relies.
 
I've come across a post in a user forum that suggests "turning off
System Restore BEFORE you un-install anything".

My reflex reaction and position:
I can think of no compelling reason for following this advise under any
circumstances short of at the direction of a malware eratication
program/tool/checklist from a trusted source. Failing that (even if
dealing with the extreme of malware eradication), I would refrain from
purging the restore point data until AFTER the eratication, as I would
not as a general rule want to forsake ANY potential recovery resource
unless and until absolutely necessary (for example, there's always the
possible scenario where the malware infection is mistakenly determined
to begin with). Is not my understanding correct that System Restore
point data is contained and thus benign unless and UNTIL such time that
it is called upon to accomplish an actual restore (unless of-course the
identified malware's modus operandi is to replicate from the infected
restore point directory itself)? In sum, I most certainly for anything
less extreme as malware eratication, would not ever follow this
proposed advise.

I would be most interested in hearing any thoughts by others as to
anything I might be overlooking, or something flawed in my stated
assessment, reasoning or position.

Thanx in advance for your relies.

I've seen that advice (disable System Restore before uninstalling anything)
and been surprised by it as well. I feel the same way that you do about it
- it's wrong.

My vote goes to keeping the restore points and even (especially?) if you
are repairing from a malware intrusion. If something goes awry during
cleanup, you still have those restore points to fall back on. Even an
infected restore point could be useful if the only other choice is a
machine that won't boot. Once the machine is clean, then reset System
Restore to clear out any residual restore points that may be infected.
 
Hi Craig,

This statement is wrong! I agree with your assessment of how System
Restore should be used. You are correct, any virus or malware living
in the SR volume is benign until such time as the is restored to that
point.
Just because there is a dormant virus in SR doesn't mean it time to
panic. I would rather boot to a damaged system than not boot at all.

Here's my take on Keeping System Restore Healthy
http://home.earthlink.net/~mvp_bert/html/healthy.html
 
Thank you Sharon and Bert for your prompt replies. This one has been
nagging me for a while thinking there was something I might be
overlooking. But once again, the adage holds true..."Your first
instinct is probably the correct one". Nonetheless, I didn't want to
take any chances being it involved a system recovery tool.

"Today's the best day of my life...and NOW you're part of it!"...Craig
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Back
Top