maps-outline
maps-outline
maps-outline
HomeForumFixIEDefDownloadsLinksRecentSitemap
Username:    Password:    Remember me     

How To Enable and Disable System Restore

What is System Restore?

System Restore is a component of Microsoft's Windows ME, Windows XP, Windows Vista and Windows 7 operating systems that allows for the rolling back of system files, registry keys, installed programs, etc., to a previous state in the event of a malfunction or failure. System Restore is only available on NTFS formatted drives.

System Restore helps you restore your computer's system files to an earlier point in time. It's a way to undo system changes to your computer without affecting your personal files, such as e-mail, documents, or photos.

Sometimes, the installation of a program or a driver can cause an unexpected change to your computer or cause Windows to behave unpredictably. Usually, uninstalling the program or driver corrects the problem. If uninstalling does not fix the problem, you can try restoring your computer's system to an earlier date when everything worked correctly.

System Restore uses a feature called System Protection to regularly create and save restore points on your computer. These restore points contain information about registry settings and other system information that Windows uses. You can also create restore points manually.

System Restore is not intended for backing up personal files, so it cannot help you recover a personal file that has been deleted or damaged. You should regularly back up your personal files and important data using a backup program.

Location of System Restore Files

System Restore stores Restore Points in a Super Hidden folder called "System Volume Information\_Restore" in the root of every NTFS drive, partition or volume, including most external drives and USB storage devices. On drives or partitions that are not monitored by System Restore this folder will be very small, or completely empty, unless Encrypting File System is in use or the Indexing Service is turned on. System Restore will automatically purge the oldest Resotre Points, once the storage size limit has been reached.

INFORMATION
info.pngIf the System Volume Information folder is deleted, it will be recreated automatically.

Why Disable System Restore

CAUTION
caution.pngDisabling System Restore/System Protection will delete all existing restore points.

System Restore backs up the bad with the good. Normally the final step of malware cleaning it to turn off and on System Restore to eliminate the presence of malware infected files in the System Restore points.

NOTE
note.pngOnly turn off and on System Restore after disinfecting your computer. An infected restore point is better than no restore point.

AntiVirus Programs and System Restore

Antivirus Tools Cannot Clean Infected Files in the System Restore Folder.

The System Restore feature in Windows protects all folders and files in the System Restore folder on the Windows partition. This folder and all of its subfolders are the data store that the System Restore feature uses to restore your computer's operating system to a previous state from a previous point in time.

Although some antivirus programs may have the ability to work with files that have been compressed or stored in .zip or .cab file format, the System Restore feature does not permit these utilities to manipulate these files within the data store. The data store is protected for data integrity purposes, and the System Restore feature is the only method you can use to obtain access to the data store. Because of this, the antivirus program is unable to remove the virus from the file or files in the data store. The files in the data store are inactive and can be used only by the System Restore feature.

Enable or Disable System Restore

Windows ME

  • Disable
    1. Right-click the My Computer icon on the Desktop and click Properties.
    2. Click the Performance tab.
    3. Click the File System button.
    4. Click the Troubleshooting tab.
    5. Check the box next to Disable System Restore.
    6. Click OK.
    7. Click Yes when prompted to restart.
  • Enable
    1. Right-click the My Computer icon on the Desktop and click Properties.
    2. Click the Performance tab.
    3. Click the File System button.
    4. Click the Troubleshooting tab.
    5. Uncheck the box next to Disable System Restore.
    6. Click OK.
    7. Click Yes when prompted to restart.

Windows XP

  • Disable
    1. Right-click the My Computer icon on the Desktop and click Properties.
    2. Click the System Restore tab.
    3. Check the box next to Turn off System Restore on All Drives.
    4. Click OK.
    5. Click Yes when prompted to restart.
  • Enable
    1. Right-click the My Computer icon on the Desktop and click Properties.
    2. Click the System Restore tab.
    3. Uncheck the box next to Turn off System Restore on All Drives.
    4. Click OK.
    5. Click Yes when prompted to restart.

Windows Vista

  • Disable
    1. Click the Start button.
    2. Click Control Panel.
    3. Click System and Maintenance.
    4. Click System.
    5. In the left pane, click System Protection. If prompted, enter your Administrator password or click Continue.
    6. Uncheck the box next to the disk on which you wish to disable System Restore.
    7. Click OK.
  • Enable
    1. Click the Start button.
    2. Click Control Panel.
    3. Click System and Maintenance.
    4. Click System.
    5. In the left pane, click System Protection. If prompted, enter your Administrator password or click Continue.
    6. Check the box next to the disk on which you wish to disable System Restore.
    7. Click OK.

Windows 7

  • Disable
    1. Right-click the My Computer icon on the Desktop and click Properties.
    2. In the left pane, click System Protection. If prompted, enter your Administrator password or click Continue.
    3. Under Protection Settings, select the drive for which you want to change Protection Settings, and then click Configure.
    4. Select Turn off system protection.
    5. Click Apply.
    6. Click OK.
  • Enable
    1. Right-click the My Computer icon on the Desktop and click Properties.
    2. In the left pane, click System Protection. If prompted, enter your Administrator password or click Continue.
    3. Under Protection Settings, select the drive for which you want to change Protection Settings, and then click Configure.
    4. Select Restore system settings and previous versions of files.
    5. Click Apply.
    6. Click OK.
COPYRIGHT NOTICE
warn.pngYou may not reproduce this article in whole or part without the express permission of the author and MalwareTeks.
REVISED: December 30th, 2009
Web Tools
Cyber Threat Level
Donate
If you found this site useful, and has helped you in any way, please consider donating. All donations, great and small, are greatly appreciated.


Official PayPal Seal
Shopping
Google Ads
Featured
Recommended Blogs
Ben Edelman
Bits from Bill
evilfantasys blog
Hosts News
Krebs On Security
Malware Advisor
Security Cadets Blog
Security Garden
Spyware Sucks
SunbeltBLOG
The Ashimmy Blog
Vitalsecurity.org
Windows Secrets
Amazon Store
Recommended Sites
ASAP  

Malware Complaints  

Major Geeks  

Emsisoft Support  

Malwarebytes  

hpHosts  

WinPatrol  

OpenDNS  

WOT Web of Trust  
Advertisement
RSS Feeds
Our news can be syndicated by using these rss feeds.
rss1.0
rss2.0
rdf
Advertisement

< About Us | Terms of Service | Acceptable Use Policy | Copyright Notice | Privacy Policy | Software Piracy | Want to Help? | Link to Us | Advertise With Us | Contact Us >


Copyright 2006-2010 MalwareTeks

All products mentioned herein are the trademarks of their respective owners.
In addition, images, logos, pictures or other material may be trademarks or registered trademarks of their respective owners.

Site by Zoll Technologies
Protected by: ZB BLOCK 


ICRA.org
Banner