How System Restore Works

When new drivers or software are installed, the operating system automatically creates a restore point, so if the installation causes problems, the system restore point can be used to roll back the changes and start again. The feature acts like a “do-over,” and it runs automatically. Even if no driver or software installations occur, System Restore automatically creates a restore point every day, in case you need one.

Everything Gets Backed Up

System Restore backs up everything, which includes the bad with the good. Since everything gets backed up together, a problem occurs when malware is present on the system because it’s included in the restore point. When users later scan their system for a virus, they may receive a message that a virus was found in either the _RESTORE folder in Windows ME or the System Volume Information folder in Windows XP—but the antivirus software is unable to remove it. What is a PC user to do? It only takes three steps to remove that hidden virus.

Removing Malware from System Restore Points

To remove the malware caught in the _RESTORE or System Volume Information folder, you must first disable System Restore. Turning off System Restore deletes the existing restore points, and the infected copies stored in them go with them. The steps for disabling System Restore vary depending on whether the default Start menu or the classic Start menu is used. Instructions for both menus follow.

System Restore With Default Start Menu

If you use the default Start menu, select Start > Control Panel > Performance and Maintenance > System. Next, select the System Restore tab and check Turn off System Restore.

System Restore With Classic Start Menu

If you use the Windows classic Start menu, select Start > Settings > Control Panel and double-click the System icon. Select the System Restore tab and check Turn off System Restore.

After disabling System Restore, scan the system with up-to-date antivirus software and allow it to clean, delete, or quarantine any viruses found. Re-enable System Restore only after the system has been disinfected. To re-enable it, repeat the steps you took to disable it, but this time uncheck Turn off System Restore.

Windows 8 and 10

If you have Windows 8 or 10, open the Control Panel and select System and Security to begin the System Restore process.
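
The same disable, scan, re-enable sequence scripted for Windows 8 or 10, as an added example that is not part of the original article. It assumes an elevated Windows PowerShell 5.1 session and Microsoft Defender as the antivirus product; other products have their own scan commands.

```powershell
#Requires -RunAsAdministrator
# Added example: assumes Windows PowerShell 5.1 (the *-ComputerRestore cmdlets
# ship with Windows PowerShell) and Microsoft Defender as the antivirus.
$drive = "$env:SystemDrive\"

# Record how many restore points exist; they are about to be discarded.
$before = @(Get-ComputerRestorePoint -ErrorAction SilentlyContinue)
Write-Host "Restore points before disabling: $($before.Count)"

# Step 1: turn off System Restore on the system drive.
Disable-ComputerRestore -Drive $drive

# Check rather than assume that the old restore points are gone.
$left = @(Get-ComputerRestorePoint -ErrorAction SilentlyContinue)
if ($left.Count -gt 0) {
    Write-Warning "$($left.Count) restore point(s) still listed; review them before trusting a rollback."
}

# Step 2: scan with up-to-date definitions.
Update-MpSignature
Start-MpScan -ScanType FullScan

# Step 3: re-enable only when Defender reports no active threat.
$active = @(Get-MpThreat | Where-Object { $_.IsActive })
if ($active.Count -gt 0) {
    $active | Format-Table ThreatName, SeverityID, DidThreatExecute -AutoSize
    Write-Warning 'Active threats remain. System Restore stays off until the system is clean.'
    return
}
Enable-ComputerRestore -Drive $drive
Write-Host "System Restore re-enabled on $drive"
```

If the script stops at the warning in step 3, clean or quarantine the listed threats and run it again; System Restore is left off in the meantime so no new restore point captures the infection.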