Why not to use systemrestore when infected?
Using systemrestore is something which comes to your mind quite quickly when something has gone wrong with your system. Systemrestore is a nice option for solving problems created by adding hardware, updating drivers etc. Systemrestore isn't meant to solve problems created bij a virus, spyware/adware or to remove software which you cannot manually uninstall. Why?
- A lot of viruses infect the systemrestore files, which means you can use systemrestore as often as you'd like but the virus will stay there
- The systemrestore option is disabled by some viruses so sometimes it isn't even available
- Systemrestore will only restore systemfiles, the windows registry will not change. In oher words: the values left there by the virus adware/spyware, will stay there, slowing down your system and creating a mess.
- The aboven reason also applies to using systemrestore to uninstall software which you cannot remove manually. A mess of unuseable values will stay in the registry. This can even cause problems when you try to reinstall the removed program, telling it's allready installed. (that makes sense doesn't it, the setup looks into the registry and sees the values are allready there)
- When a virus 'hides' itself by changing it's extension to that of a non executable or systemfile, windows will most probably skip the file when restoring, meaning it'll stay there.