- dotTech - http://dottech.org -

[Windows] Easily remove malware, viruses, and unwanted changes by rebooting with Reboot Restore Rx

reboot_restore_rx [1]When it comes to protecting your computer, there is traditional protection in the form of anti-virus [2], firewall [3], etc. Then there is unorthodox protection vis-a-vis wiping all changes made to computer upon reboot; you know, similar to the functionality provided by programs like Windows SteadyState, Returnil System Safe, DeepFreeze, Drive Vaccine, etc. Reboot Restore Rx is a freeware program that also provides this same functionality.

What is it and what does it do

Main Functionality

Reboot Restore Rx is a program that removes all changes made to your computer when you restart or shut down. This includes all changes: files/folders downloaded or modified or deleted, Windows settings customized, registry changed, programs installed or uninstalled, malware infections, etc.

Take note Reboot Restore Rx is true freeware — it can be used for home and commercial use, including education and not-for-profit. In fact, Reboot Restore Rx was originally created for use by schools but of course can be used for other purposes, too.

Also take note Reboot Restore Rx is not a replacement for anti-virus/anti-malware [2]; it is a supplement.

Pros

Cons

Discussion

2013-04-10_202109 [5]Reboot Restore Rx is a relatively new program developed by a company — Horizon Data Sys — that has been in the “system rollback” business (as this is called) for over a decade. The idea behind Reboot Restore Rx, as explained by the CEO of Horizon Data Sys, was to provide a freeware solution to schools who were screwed when Microsoft ended support for SteadyState. Hence Reboot Restore Rx was born, a stripped-down version of Horizon Data Sys’ shareware product Drive Vaccine. (Note: While the intention for Reboot Restore Rx was for use by schools, it is completely freeware and can be used by anyone.)

In that regard, Reboot Restore Rx does exactly what it claims: every time you shut down or restart your computer, your computer is rolled back to the baseline state. This means all changes made to your computer (files modified, new files, new programs, programs uninstalled, malware infections, etc.) are undone; your computer is reverted to the state it was when the baseline was created.

The first baseline of your computer is created after you install Reboot Restore Rx. During installation, you are asked which partitions you want to protect and after installation you must restart your computer. After that initial after-install-restart, your first baseline is created. Every time you restart or shutdown your computer after that moment will result in your computer being restored to that baseline.

If you ever want to update the baseline to keep recent changes you make to your computer or files/data, e.g. you want to apply Windows Updates, you can. All you have to do to update the baseline is temporarily disable Reboot Restore Rx protection by right-clicking the system tray icon and unchecking ‘Restore on Reboot’. Then when you recheck ‘Restore on Reboot’ a new baseline is created based on the state of your computer and files/data at that moment. The whole process takes less than a minute, typically.

My biggest issue with Reboot Restore Rx is that is a bit too simple. Most notably, it has no way to prevent unauthorized changes to the baseline or to prevent users from simply disabling or uninstalling Reboot Restore Rx. There is no password protection of the program. Lacking this type of protection is irrelevant if you are using Reboot Restore Rx on your personal computer. However, not having password protection makes Reboot Restore Rx semi-useless on shared computers (such as at school) because users can easily circumvent its protection. Hopefully the developer will add this feature in future updates.

That said, let me provide some commentary on Reboot Restore Rx’s ability to remove malware infections upon reboot.

As per my tests, Reboot Restore Rx does indeed remove all changes made to computer — including removing malware. So, in theory, Reboot Restore Rx will provide you with, as the developer says, “bullet-proof protection” against all malware, because it reverts your computer back to a prior state which makes it as if you were never infected in the first place. However, all programs have security holes that can be exploited (e.g. the developer of beloved Sandboxie openly admits: “…from time to time, people are able to find some vulnerability in Sandboxie, an open hole through which malicious software can still infiltrate the system. This happens once every few months, on average, and is quickly resolved by closing the hole that is the attack vector. “); it isn’t a matter of if a program has a vulnerability but rather a matter of when it is found and who it is found by. So, while in theory Reboot Restore Rx will protect you against all malware, in practice there may be some malware that sneak by Reboot Restore Rx if they exploit an unknown vulnerability in Reboot Restore Rx.

This issue is not unique to Reboot Restore Rx; it affects all programs. The only way to combat this threat is by the developer of Reboot Restore Rx regularly issuing updates that plug security vulnerability as they are found. So I took a look to see how quickly the developer pushes out updates for Reboot Restore Rx. Unfortunately, Reboot Restore Rx is a new program currently at v1.0 released in March 2013, so there is no update history to follow. However, I looked at the update history for Drive Vaccine and R0llback Rx (two similar but shareware programs by the same developer) and it appears that the developer issues roughly every 6-12 months. Is that a good update timeline? Typically I’d say “no, that is too slow” but it all depends on how many vulnerabilities in Reboot Restore Rx are discovered. If it is a relatively well programmed program with little vulnerabilities, updates every 6-12 months are no big deal. However, if Reboot Restore Rx turns out to be a program with massive amounts of security holes, then 6-12 months is way too slow and you should not use this program as a form of protection against malware. Since Reboot Restore Rx is a new program, it is hard to make this judgement right now — only time will tell.

By point about the discussion on Reboot Restore Rx’s ability to remove malware isn’t necessarily to scare you away from Reboot Restore Rx. Rather, my point is to ensure you don’t remove your anti-virus/anti-malware thinking you are protected by Reboot Restore Rx. Reboot Restore Rx should be used in conjunction with your anti-virus/anti-malware [2], not as a replacement. The two won’t conflict (but you will need to manually update the baseline at least once a day to ensure you are getting anti-virus/anti-malware database updates) and will work well together, especially seeing as Reboot Restore Rx is not a resource hod (little to no CPU consumption and roughly 20MB RAM usage while idle).

Conclusion and download link

Reboot Restore Rx does exactly what it claims to do: remove all changes (including malware infections) made to your computer upon reboot. I don’t recommend using Reboot Restore Rx in a public setting due to its lack of password protection but it is a nice tool for use at home or on a private computer, either as a secondary layer to protect yourself from malware or as a tool to use when you want to test new programs without risking damage to your system. Overall, Reboot Restore Rx is a decent program; it is worth at least checking out if you are in the market for a program like this.

Price: Free

Version reviewed: 1.0

Supported OS: Windows 2000/XP/Vista/Win7/Win8 (32-bit and 64-bit)

Download size: 4.5MB

VirusTotal malware scan results: 1/45 [6]

Is it portable? No

Reboot Restore Rx homepage [7]