If the malware replaces your "official" DNS settings with malicious entries, just removing those would leave you without any DNS servers at all - thus disconnected from the net (unless you want know and want to type in IPs for all sites you want to visit ).

For Spybot, it is quite difficult to guess which your settings where; it could remember what they were during installation (which would make the removal ineffective if the malware already was in place when you install Spybot), or it could look it up in one of those backup copies of settings (which also would just restore the same bad settings if you had the malware long enough to get backed up by Windows).

Using benign settings inside our database might not result in as fast DNS servers as the ones from your provider might be, but they're safer than using machine backups that might have been compromised as well. Since the replacement takes only place when something bad was found, I think a better chance to have a clean DNS server is more important than to have the original one, but more danger of restoring a compromised setting.