Software & Apps > Windows Remove Viruses in Windows ME, XP, 7, and Vista Disabling system restore in Windows ME, XP, 7, and Vista By Mary Landesman Mary Landesman Writer Brevard College Mary Landesman is a former freelance contributor to Lifewire and a security expert. She was named as one of the women to watch in IT security. lifewire's editorial guidelines Updated on June 2, 2021 Tweet Share Email Tweet Share Email In This Article Expand Jump to a Section How System Restore Works Everything Is Backed Up Remove Malware from Restore Points Restore With Default Start Restore With Classic Start Windows 8 and 10 Windows ME, Windows XP, Windows 7, and Windows Vista come with a feature known as System Restore that enables you to revert to specific restore points without impacting data files. How System Restore Works When new drivers or software are installed, the operating system automatically creates a restore point, so if the installation causes problems, the system restore point can be used to roll back the changes and start again. The feature acts like a "do-over," and it runs automatically. Even if no driver or software installations occur, System Restore automatically creates a restore point every day, in case you need one. As of January 2020, Microsoft is no longer supporting Windows 7. We recommend upgrading to Windows 10 to continue receiving security updates and technical support. Everything Gets Backed Up System Restore backs up everything, which includes the bad with the good. Since everything gets backed up together, a problem occurs when malware is present on the system because it's included in the restore point. When users later scan their system for a virus, they may receive a message that a virus was found in either the _RESTORE folder in Windows ME or the System Volume Information folder in Windows XP—but the antivirus software is unable to remove it. What is a PC user to do? It only takes three steps to remove that hidden virus. Windows 8 and Windows 10 include basic antivirus software already installed. Removing Malware from System Restore Points To remove the malware caught in the _RESTORE or System Volume Information folder, you must first disable System Restore. The steps for disabling System Restore vary depending on whether the default Start menu or the classic Start menu is used. We include instructions for both menus below. System Restore With Default Start Menu If you use the default Start menu, select Start > Control Panel > Performance and Maintenance > System. Next, select the System Restore tab and check Turn off System Restore. System Restore With Classic Start Menu If you use the Windows classic Start menu, select Start > Settings > Control Panel and double-click the System icon. Select the System Restore tab and check Turn off System Restore. After disabling System Restore, scan the system with an up-to-date antivirus software allowing it to clean, delete, or quarantine any viruses found. Only after the system has been disinfected, should you re-enable System Restore. After scanning the system and removing the offending malware, re-enable System Restore by repeating the steps you took to disable it, only this time, unselect Turn off System Restore. Windows 8 and 10 If you have Windows 8 or 10, go to the Control Panel and select System and Security to begin the system restore process for Windows 8 or 10. Was this page helpful? Thanks for letting us know! Get the Latest Tech News Delivered Every Day Subscribe Tell us why! Other Not enough details Hard to understand Submit