Others have said it already, but I'll say it again: if you suspect a program is malware, taking a Windows restore point won't help much.
If you suspect the program may write to places where you don't want it to write, what you need to back up is the places where it may write. A restore point would only back up the system configuration, but the malware could hide things in other places. The bare minimum you need to do to protect against such malware is to run it as a different user that does not have the permission to write anywhere except to some scratch space.
If you suspect the program may read your private data, you need to run it in such a way that it won't be able to read your private data. A back up won't help. Again, running the program as its own user will provide a little protection.
But if you want reasonable protection, you need a lot more isolation that this. Run the program inside a virtual machine that doesn't have any network connection (and on which you aren't storing any data, obviously). You can take a snapshot of the VM before you run the program, so you can later restore that snapshot and use the VM for other purposes.
1"system restores" or "snapshots" or whatever you want to call them are not going to ever be great protection against malware, unless you mean a full backup and restore process. These days, if the question is "I want to run something that may be malware" then my first answer is still "Don't" but my second answer would be "if you must, then run it in a virtual machine". – Rob Moir – 2010-09-20T08:33:38.117