One handy tool that is built into all Microsoft Windows operating systems is called System Restore. This feature can be especially helpful when your computer starts to experience problems and you want to revert back to a previous working state. The easiest way to understand System Restore is to think of it as a “time machine.”
How System Restore Can Help Remove Viruses, Spyware, and other Malware
When your computer becomes infected, the virus itself will affect several different parts of the operating system. The most important part is called the Registry. The Registry is essentially a giant hive of data that tells the operating system what to do. If your registry becomes compromised by malicious software, the computer can behave in unwanted ways. System Restore allows us to quickly switch the registry back to a previous data and time that was before the computer was compromised.
If you CANNOT access the Desktop
Some Malware can block access to the normal startup of your computer. If this is the case, you’re in luck! Using Safe Mode with Command Prompt, we can easily start the System Restore process.
Windows 7 / Windows Vista / Windows XP Users
1.) Tap the F8 key on your keyboard immediately after pressing the power button to turn on the computer.
2.) Once you see the Advanced Options Menu, you can stop tapping the F8 key. (Screenshot Below)
3.) Using the arrow keys on your keyboard, select Safe Mode with Command Prompt, then press Enter Windows will scroll a bunch of driver files, this is completely normal!
4.) Next you’ll need to select your user account to login. If you only have one user on the computer, you should already see the Command Prompt window open.
5.) With the black Command Prompt Screen Open, you will need to type in the follow string:
Windows XP: Type C:windowssystem32restorerstrui.exe then press Enter
Windows 7/Vista: Type rstrui.exe then press Enter
Selecting a Restore Point and Starting the Restore
1.) With the System Restore window open, go ahead and click Next.
2.) Click the checkbox to Show More Restore Points (Note: This may look different in Vista/XP)
3.) Select a date that was at least a few days before you had the virus on your computer.
3.) Click on Next to select the date and start the restore process.
4.) Confirm your Restore Point by clicking Finish
4.) Your computer will reboot. The System Restore process can take from a minutes, all the way to an hour (depending on the computer.)Finish
5.) Once the restore finishes, you should be able to login to your computer and continue the cleanup process.