Would doing System restore but not removing data files remove a Win32 virus?

Long story short, I have a Win32 virus on WinXP SP2, and disabled task manager, command prompt, and even AVG Antivirus Free Edition. So I’m going to do a system restore, but it has two options. Normal System Restore and the “Destructive Method”. Normal system restore I guess removes all programs and files and returns to factory default, however the Destructive method apparently removes all data files created as well.

So, question: Would a Win32 virus create any data files, and if so, does that mean I should do the destructive method, or will a normal system restore remove it? I’m worried because I’m not sure if there are actually any data files worth keeping, mostly because I’m not sure what a data file is.

Also, bonus question, you don’t have to answer, but: I’m dual booting XP and Ubuntu 9.10 and I have the live cd. So I know system restore will remove the Grub menu and replace the MBR, but I wanna know if it will also delete the linux partition. or will recovery simply recover the windows partition, leave the Ubuntu one intact, and all I’d have to do is insert the Live CD and restore the grub menu to access it?
D: Thanks so much, first answerer, but also, AVG says asyncmac.sys is infected, but it can’t remove the virus because asyncmac is white-listed. Will this be an issue with the antiviruses you recommended?

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Spam Protection by WP-SpamFree