dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
39
BlitzenZeus
Burnt Out Cynic
Premium Member
join:2000-01-13

2 recommendations

BlitzenZeus to Mele20

Premium Member

to Mele20

Re: If this is true, Rollback Rx could be the ultimate anti-virus

System restore is completely useless, I know malware can survive it when restored to an earlier date before it was on the system.
Mele20
Premium Member
join:2001-06-05
Hilo, HI

Mele20

Premium Member

Well then Rollback RX is useless also as it is just a paid system restore method.

As for malware possibly surviving system restore sure that can happen but not likely and if it just amounts to a folder with a file that has virus in it you can just delete it. Malware can survive a deep wiping and reinstallation of the OS so nothing is perfect.

I agree with your earlier post that the OP would be much better off practicing safe hex and having strong security in place rather than thinking he/she can surf recklessly because they can just use Rollback RX WHEN NOT IF they get in trouble.

siljaline
I'm lovin' that double wide
Premium Member
join:2002-10-12
Montreal, QC

1 recommendation

siljaline to BlitzenZeus

Premium Member

to BlitzenZeus
said by BlitzenZeus:

System restore is completely useless, I know malware can survive it when restored to an earlier date before it was on the system.

Malware generally always infests the SR archive first so SR is expunged as a measure of security. TheJoker See Profile ; LoPhatPhuud See Profile others would profess to that.

SR has it's uses although it shouldn't be used every time one makes a small installation error.

Just my .02

sivran
Vive Vivaldi
Premium Member
join:2003-09-15
Irving, TX

sivran to Mele20

Premium Member

to Mele20
Rollback Rx is more than just system restore.

jaykaykay
4 Ever Young
MVM
join:2000-04-13
USA

jaykaykay

MVM

»www.youtube.com/watch?fe ··· 920i3c5s

It's a replacement for what Symantec used to have.

mmainprize
join:2001-12-06
Houghton Lake, MI

mmainprize

Member

Yes the old "Go Back" software. These are like Acronis "Try and Decide".
These are all like sandboxes so you can go back if you screw up.

They all have problems with old snapshots. Say you make a snapshot each week. Then you restore a snapshot from 2 months ago. All work you have done in that time is lost.
Rollback has the feature to take a new snapshot to get your current files back once the old snapshot was restored, but that is a Pain, the older the snapshot is, and it may not work in all cases. Like if you got crypto-locker the snapshot after the locking is no good to recover files from. You could also restore the malware if not careful.

Any installed software during the lost two months would have to be installed again and updates also. So the older the snapshot the more work to try and get back to normal.

I guess Rollback is like a backup software but it don't need multiple TB's of storage to backup your data, it only needs the size of a snapshot.
Mele20
Premium Member
join:2001-06-05
Hilo, HI

1 recommendation

Mele20 to siljaline

Premium Member

to siljaline
Microsoft disagrees with that stance. It is far better to have a restore point that is usable as you can disinfect after you restore. Otherwise, you may have to do a full reinstall of Windows. Microsoft even explains step by step what to do if you suspect the restore point you want to use may be infected so you can restore. I don't have a bookmark to that Microsoft article on this Win 8 computer but I'll see if it is on the XP computer next time I use it.
Mele20

Mele20 to mmainprize

Premium Member

to mmainprize
The better solution would be to use a virtual machine. One with Microsoft's drop disk capability but I think that is just on their earlier versions of software for virtual machines. I liked that because whenever I finished surfing on the virtual machine and shut it down it dropped everything I had done during that session from the disk. On the virtual machines I had running on VMWare Workstation that software did snapshots and I had lots of problems if I tried to go back to an older snapshot although the most recent one generally was ok but only if it had been made very recently so I decided drop disk that Microsoft used instead of snapshots was probably better.

siljaline
I'm lovin' that double wide
Premium Member
join:2002-10-12
Montreal, QC

1 recommendation

siljaline to Mele20

Premium Member

to Mele20
I wasn't disputing the usefulness of System Restore on any PC.

My inference that using an infected SR archive could and will bite you. That was my sole argument with most uses of SR.

coldmoon
Premium Member
join:2002-02-04
Fulton, NY

coldmoon to Mele20

Premium Member

to Mele20
said by Mele20:

The better solution would be to use a virtual machine. One with Microsoft's drop disk capability but I think that is just on their earlier versions of software for virtual machines. I liked that because whenever I finished surfing on the virtual machine and shut it down it dropped everything I had done during that session from the disk. On the virtual machines I had running on VMWare Workstation that software did snapshots and I had lots of problems if I tried to go back to an older snapshot although the most recent one generally was ok but only if it had been made very recently so I decided drop disk that Microsoft used instead of snapshots was probably better.

First, you are no safer using a VM than you are using your computer for the same reasons mentioned earlier in the thread. Next, the idea of Drop Disk is the same basic idea behind boot-to-restore. Where it becomes security is in the design of the instant system recovery, how it does or does not protect content being saved to disk, and at what level the virtualization is working at (ref: file system or disk).

What you need to do is to think in layers with security and programs like our RVS and Quietzone work within a layered strategy to ENFORCE a clean state and provide a simple, effective means to preserve workstation productivity and availability.

Backups and full images are also part of an effective strategy as they allow you to recover in the worst case scenario such as equipment/hardware failure and disasters.

Mike