system restore points

Discussion in 'ESET NOD32 Antivirus' started by cassio, Sep 26, 2011.

Thread Status:
Not open for further replies.
  1. cassio

    cassio Registered Member

    Joined:
    Feb 3, 2005
    Posts:
    6
    The official ESET KB article on what to do if you have a virus suggests using system restore. I have witnessed this occasionally work.

    I have also heard from the big-name vendors that you should disable system restore to allow any viruses that may lurk there to be disabled.

    Any opinions on which is correct? Does it depend on the infection?

    I am currently dealing with a system that did have Security Shield 2011. I killed it in the task manager. A subsequent scan with ESET Online scan found the trojan and deleted/quarantined it.
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    I'd keep it enabled so that you can revert to a functional restore point in the event of a serious issue.
    If malware is found in the system restore folder I, for one, prefer scanning & cleaning it under the account that has read/write permissions to that folder.
     
  3. Sacles

    Sacles Registered Member

    Joined:
    Dec 8, 2004
    Posts:
    372
    Location:
    Belgique
    Hello,
    Restore points are encrypted, it is a nest of false positives.

    Personally, I never do scan for this files. If a system has never been infected, there is no reason why the restore points are infected.

    Disable restore points is a very bad advice.
     
  4. cassio

    cassio Registered Member

    Joined:
    Feb 3, 2005
    Posts:
    6
    And how do I verify which account has read/write access to this folder?
     
Thread Status:
Not open for further replies.