[Windows] Easily remove malware, viruses, and unwanted changes by rebooting with Reboot Restore Rx

reboot_restore_rxWhen it comes to protecting your computer, there is traditional protection in the form of anti-virus, firewall, etc. Then there is unorthodox protection vis-a-vis wiping all changes made to computer upon reboot; you know, similar to the functionality provided by programs like Windows SteadyState, Returnil System Safe, DeepFreeze, Drive Vaccine, etc. Reboot Restore Rx is a freeware program that also provides this same functionality.

What is it and what does it do

Main Functionality

Reboot Restore Rx is a program that removes all changes made to your computer when you restart or shut down. This includes all changes: files/folders downloaded or modified or deleted, Windows settings customized, registry changed, programs installed or uninstalled, malware infections, etc.

Take note Reboot Restore Rx is true freeware — it can be used for home and commercial use, including education and not-for-profit. In fact, Reboot Restore Rx was originally created for use by schools but of course can be used for other purposes, too.

Also take note Reboot Restore Rx is not a replacement for anti-virus/anti-malware; it is a supplement.

Pros

  • Removes any and all changes made to computer by restoring computer back to the ‘baseline’ state after you restart or shut down
    • Note: Baseline state is the state of your computer (files, folders, settings, etc.) when you install Reboot Restore Rx. This baseline can be updated periodically at your own leisure if you have changes you want to keep.
  • Allows users to easily modify the baseline state by disabling protection, making changes to computer that you want to keep, then re-enabling protection. Upon re-enabling protection, baseline is updated to include all the changes you made to your computer while protection was disabled. This allows you to easily update your computer (e.g. Windows update, update programs, etc.) and ensure Reboot Restore Rx does not undo those desired changes.
  • Has a ‘Mini OS’ feature which works outside of Windows. Mini OS runs prior to Windows booting (i.e. runs “under” Windows) and is what restores your computer back to baseline state. Mini OS ensures literally everything is protected and restored, including Master Boot Record, and ensures corrupted Windows can also be restored back to baseline.
  • Allows users to select which partitions on their hard drive they want to protect — doesn’t just protect C:/ (you make the selection during installation of Reboot Restore Rx and cannot change after installation)
  • Extremely easy-to-use; install the program, select which partitions you want to protect, and go — Reboot Restore Rx automatically creates the baseline and restores to baseline every time you reboot
  • Is relatively lightweight and should not bog down your computer — roughly 20MB of RAM usage while idle (although this may vary from computer to computer)

Cons

  • There is no ability to password protect the program to prevent unauthorized changes to baseline or to prevent users from disabling/uninstall Reboot Restore Rx. Indeed, anyone that is using the computer can easily update the baseline and/or disable and/or uninstall Reboot Restore Rx.
  • Does not have self-protection capabilities to prevent malware/viruses from force closing the program
    • Note: As per my tests, even when Reboot Restore Rx is force closed, if it was enabled prior to force closing then it still restores back to baseline state upon restart/shut down. So the only thing lack of self-protection does is annoying the heck out of the user who want to update the baseline from within Windows by closing Reboot Restore Rx’s system tray client.
  • Is hidden from Add/Remove Programs — you need to manually run uninstall.exe from C:\RebootRestoreRx\program files\Shield if you want to uninstall Reboot Restore Rx
  • Can protect multiple partitions on the same hard drive but is unable to protect multiple hard drives — will only protect your primary drive
  • Has no ability to provide users with a “safe” location in which users can save files/folders they want to keep after reboot. So the only way to keep changes made to files/folders is by updating the baseline, which incorporates all changes made to computer and people may not necessarily want to do that
    • Note: You can, technically speaking, create your own “safe” location to use with Reboot Restore Rx. This can be done by partitioning your hard drive to include a new partition and not protecting that partition with Reboot Restore Rx. Then whenever you want to ensure files are saved even after reboot, place the files in that unprotected partition.
  • No message is displayed prior to restart/shut down that all changes made to computer will be undone; there should be a warning message display to remind users to save files/folders/changes they desire to keep by either updating the baseline or saving data elsewhere (e.g. on the cloud or external hard drive), else users may forget and unintentionally lose their work/data

Discussion

2013-04-10_202109Reboot Restore Rx is a relatively new program developed by a company — Horizon Data Sys — that has been in the “system rollback” business (as this is called) for over a decade. The idea behind Reboot Restore Rx, as explained by the CEO of Horizon Data Sys, was to provide a freeware solution to schools who were screwed when Microsoft ended support for SteadyState. Hence Reboot Restore Rx was born, a stripped-down version of Horizon Data Sys’ shareware product Drive Vaccine. (Note: While the intention for Reboot Restore Rx was for use by schools, it is completely freeware and can be used by anyone.)

In that regard, Reboot Restore Rx does exactly what it claims: every time you shut down or restart your computer, your computer is rolled back to the baseline state. This means all changes made to your computer (files modified, new files, new programs, programs uninstalled, malware infections, etc.) are undone; your computer is reverted to the state it was when the baseline was created.

The first baseline of your computer is created after you install Reboot Restore Rx. During installation, you are asked which partitions you want to protect and after installation you must restart your computer. After that initial after-install-restart, your first baseline is created. Every time you restart or shutdown your computer after that moment will result in your computer being restored to that baseline.

If you ever want to update the baseline to keep recent changes you make to your computer or files/data, e.g. you want to apply Windows Updates, you can. All you have to do to update the baseline is temporarily disable Reboot Restore Rx protection by right-clicking the system tray icon and unchecking ‘Restore on Reboot’. Then when you recheck ‘Restore on Reboot’ a new baseline is created based on the state of your computer and files/data at that moment. The whole process takes less than a minute, typically.

My biggest issue with Reboot Restore Rx is that is a bit too simple. Most notably, it has no way to prevent unauthorized changes to the baseline or to prevent users from simply disabling or uninstalling Reboot Restore Rx. There is no password protection of the program. Lacking this type of protection is irrelevant if you are using Reboot Restore Rx on your personal computer. However, not having password protection makes Reboot Restore Rx semi-useless on shared computers (such as at school) because users can easily circumvent its protection. Hopefully the developer will add this feature in future updates.

That said, let me provide some commentary on Reboot Restore Rx’s ability to remove malware infections upon reboot.

As per my tests, Reboot Restore Rx does indeed remove all changes made to computer — including removing malware. So, in theory, Reboot Restore Rx will provide you with, as the developer says, “bullet-proof protection” against all malware, because it reverts your computer back to a prior state which makes it as if you were never infected in the first place. However, all programs have security holes that can be exploited (e.g. the developer of beloved Sandboxie openly admits: “…from time to time, people are able to find some vulnerability in Sandboxie, an open hole through which malicious software can still infiltrate the system. This happens once every few months, on average, and is quickly resolved by closing the hole that is the attack vector. “); it isn’t a matter of if a program has a vulnerability but rather a matter of when it is found and who it is found by. So, while in theory Reboot Restore Rx will protect you against all malware, in practice there may be some malware that sneak by Reboot Restore Rx if they exploit an unknown vulnerability in Reboot Restore Rx.

This issue is not unique to Reboot Restore Rx; it affects all programs. The only way to combat this threat is by the developer of Reboot Restore Rx regularly issuing updates that plug security vulnerability as they are found. So I took a look to see how quickly the developer pushes out updates for Reboot Restore Rx. Unfortunately, Reboot Restore Rx is a new program currently at v1.0 released in March 2013, so there is no update history to follow. However, I looked at the update history for Drive Vaccine and R0llback Rx (two similar but shareware programs by the same developer) and it appears that the developer issues roughly every 6-12 months. Is that a good update timeline? Typically I’d say “no, that is too slow” but it all depends on how many vulnerabilities in Reboot Restore Rx are discovered. If it is a relatively well programmed program with little vulnerabilities, updates every 6-12 months are no big deal. However, if Reboot Restore Rx turns out to be a program with massive amounts of security holes, then 6-12 months is way too slow and you should not use this program as a form of protection against malware. Since Reboot Restore Rx is a new program, it is hard to make this judgement right now — only time will tell.

By point about the discussion on Reboot Restore Rx’s ability to remove malware isn’t necessarily to scare you away from Reboot Restore Rx. Rather, my point is to ensure you don’t remove your anti-virus/anti-malware thinking you are protected by Reboot Restore Rx. Reboot Restore Rx should be used in conjunction with your anti-virus/anti-malware, not as a replacement. The two won’t conflict (but you will need to manually update the baseline at least once a day to ensure you are getting anti-virus/anti-malware database updates) and will work well together, especially seeing as Reboot Restore Rx is not a resource hod (little to no CPU consumption and roughly 20MB RAM usage while idle).

Conclusion and download link

Reboot Restore Rx does exactly what it claims to do: remove all changes (including malware infections) made to your computer upon reboot. I don’t recommend using Reboot Restore Rx in a public setting due to its lack of password protection but it is a nice tool for use at home or on a private computer, either as a secondary layer to protect yourself from malware or as a tool to use when you want to test new programs without risking damage to your system. Overall, Reboot Restore Rx is a decent program; it is worth at least checking out if you are in the market for a program like this.

Price: Free

Version reviewed: 1.0

Supported OS: Windows 2000/XP/Vista/Win7/Win8 (32-bit and 64-bit)

Download size: 4.5MB

VirusTotal malware scan results: 1/45

Is it portable? No

Reboot Restore Rx homepage

Related Posts