How to Disable System Restore in Windows to Remove Viruses

Windows ME and Windows XP, Windows 7 and Windows Vista, all come with a feature known as System Restore that enables users to revert to specific restore points without impacting data files. It’s a great feature. Here’s how it works: When new drivers or software are installed, the operating system automatically creates a restore point so if the installation causes problems, the system restore point can be used to roll back the changes and start again. The feature acts like a “do-over” button, and it runs automatically. Even if no driver or software installations occur, System Restore will automatically create a restore point daily – just in case.

Unfortunately, System Restore backs up everything, which includes the bad with the good. Since everything gets backed up together, a problem occurs when malware is present on the system and in due course gets included in this restore point. When users later scan their system with antivirus software, they may receive a message that a virus was found in either the _RESTORE (Windows ME) folder or the System Volume Information folder (Windows XP) but the antivirus software is unable to remove it. What is a PC user to do? Never fear, it only takes three easy steps to remove that hidden virus.

Please note: Windows 8 and Windows 10 each come with basic antivirus already installed.

Disable System Restore: To remove the malware caught in the _RESTORE or System Volume Information folder, you must first disable System Restore. Note that the steps for disabling System Restore vary depending on whether the default Start Menu or the Classic Start Menu is being used. We include instructions for both menus below.

If using the default Start Menu, click Start | Control Panel | Performance and Maintenance | System. Select the System Restore tab and check Turn off System Restore.

If using the Classic Start Menu, click Start | Settings | Control Panel and double-click the System icon. Select the System Restore tab and check Turn off System Restore.

1. Scan with Antivirus Software: Once you’ve disabled System Restore, then scan the system with up-to-date antivirus software allowing it to clean, delete, or quarantine any viruses found. Only after the system has been disinfected, should you re-enable System Restore.
2. Re-Enable System Restore: After scanning the system and removing the offending malware, re-enable System Restore by repeating the steps you took to disable it, only this time you will remove the check from Turn off System Restore. That’s it.

It’s as simple as that. For a problem that has stumped many a Windows user, the fix is one anyone can perform, which means one less trip to a PC specialist and one less pesky virus to wreak havoc on your computer.

If you operate on Windows 8 or 10, here's how to use system restore to fix major problems