1. Computing

Disabling System Restore to remove viruses

By

Windows ME and Windows XP both come with a feature known as System Restore that enables users to revert to specific restore points without impacting data files. When new drivers or software are installed, the operating system automatically creates a restore point. If the installation causes problems, the system restore point can be used to rollback the changes. If no driver or software installations occur, System Restore will automatically create a restore point daily.

Unfortunately, System Restore backs up the bad with the good, thus a problem occurs when malware is present on the system and gets included in this restore point. When users later scan their system with antivirus software, they may receive a message that a virus was found in either the _RESTORE (Windows ME) folder or the System Volume Information folder (Windows XP) but the antivirus software is unable to remove it.

Removing malware from System Restore points
To remove the malware, you must first disable System Restore, then scan the system with up-to-date antivirus software - allowing it to clean, delete, or quarantine any viruses found. After the system has been disinfected, you may then re-enable System Restore. The steps for disabling System Restore vary, depending on whether the default Start Menu or the Classic Start Menu is being used.

Default Start Menu
If using the default Start Menu, click Start | Control Panel | Performance and Maintenance | System. Select the System Restore tab and check "Turn off System Restore".

Classic Start Menu
If using the Classic Start Menu, click Start | Settings | Control Panel and double-click the System icon. Select the System Restore tab and check "Turn off System Restore".

After scanning the system and removing the offending malware, re-enable System Restore by repeating the steps, this time removing the check from "Turn off System Restore".

Microsoft provides more information on System Restore in their System Restore FAQs

  1. About.com
  2. Computing
  3. Antivirus Software
  4. Windows Security Guides
  5. Disabling System Restore to Remove Viruses

©2014 About.com. All rights reserved.