How to Remove Infected Restore Points from Windows Vista

By Andy Rathbone

Many times, you can simply run your anti-virus program and it will remove all traces of a virus. However, if you’ve removed a virus and it reappears again, you have a virus that is able to restore itself using Vistas System Restore Points as a hiding place. The only way to permanently remove this kind of persistent infection is to remove the infected restore points as well.

1Click Start, right-click Computer, and choose Properties.

Vista shows you some basic information about your computer, as a well as a few task options.

2Choose System Protection from the task pane along the left.

You see the System Protection tab of the System Properties dialog box.

3Remove the check mark from any checked boxes in the Automatic Restore Points section.

When you deselect these options, Vista asks to make sure you know what you’re doing.

4Click Turn System Restore Off.

You return to the System Properties dialog box.

5Click OK to close the window; then restart your computer.

To reboot, click the Start button, click the right-pointing arrow to the right of the padlock, and choose Restart.

6Update your antivirus program with the latest virus definitions, scan, and disinfect your entire computer.

Exactly how you do this depends on which virus-protection software you’re using.

7When the computer is disinfected, reboot again. Then repeat Steps 1 through 3, except that in Step 3, place a check in the box marked Local Disk (C:) (System) and then click OK.

When you’re through, create a new restore point named after the virus you’ve just disinfected. That leaves you with a safe restore point for future use.