No announcement yet.

Query regarding the restore time.

  • Filter
  • Time
  • Show
Clear All
new posts

  • Query regarding the restore time.


    I am a PhD scholar, working on malware detection mechanisms. For our large scale analysis of malware samples, we are looking for a mechanism to reset the system to its clean state after each malware sample is analyzed. In this regard, we find reboot Restore Rx very promising. We had the following queries regarding this.

    1) I understand the system snapshot is stored in the same harddisk? Will this be able to recover the system from malware rootkits that may corrupt the boot sequence of the system as well.

    2) Is there a way of storing the snapshot remotely?

    3) I understand the time take for the restore is as additional of ~36s at reboot. Will this be the same across for server machines as well?

    4) Is the time taken for restore dependant on the size of the harddisk or the machine hardware?

    I would be grateful if anyone can help me with these details. This will help us finalize the reset mechanism.


  • #2
    Hi there Sareena,

    1) The Subsystem ( the main portion of the program) is located in the boot sector and loads up before windows, so even if you get hit by ransomware or whatever, you can always access this subsystem (looks like the bios) and you can choose a snapshot to restore to.

    2) Unfortunately there's no way to store the snapshot remotely. Since snapshots themselves are not ISO files or some sort of tangible file to move around.

    3)Roughly the same amount for servers depend on raid configuration but its usually the same.

    4)Hard drive disk space and snapshot sizes usually impact restore time but its usually not by much.

    If you have any questions please let me know.

    Thank you