How to Restore a Computer Using System Restore

Apr
23

How to Restore a Computer Using System Restore

Dan Steiner
Apr 23, 2013




One handy tool that is built into all Microsoft Windows operating systems is called System Restore. This feature can be especially helpful when your computer starts to experience problems and you want to revert back to a previous working state. The easiest way to understand System Restore is to think of it as a “time machine.”

How System Restore Can Help Remove Viruses, Spyware, and other Malware
When your computer becomes infected, the virus itself will affect several different parts of the operating system. The most important part is called the Registry. The Registry is essentially a giant hive of data that tells the operating system what to do. If your registry becomes compromised by malicious software, the computer can behave in unwanted ways. System Restore allows us to quickly switch the registry back to a previous data and time that was before the computer was compromised.

system_restore_start_crop

If you CAN access the Desktop and Start Menu

If you can still access your Desktop and Start Menu, then you can easily open the System Restore interface.

1.) Click on the Start Menu in the bottom left of your screen, then click All Programs

2.) Next click on Accessories then System Tools and finally System Restore

3.) System Restore may take a few moments to open.

If you CANNOT access the Desktop

Some Malware can block access to the normal startup of your computer. If this is the case, you’re in luck! Using Safe Mode with Command Prompt, we can easily start the System Restore process.

Windows 7 / Windows Vista / Windows XP Users

1.) Tap the F8 key on your keyboard immediately after pressing the power button to turn on the computer.

2.) Once you see the Advanced Options Menu, you can stop tapping the F8 key. (Screenshot Below)

safe_mode_command

3.) Using the arrow keys on your keyboard, select Safe Mode with Command Prompt, then press Enter Windows will scroll a bunch of driver files, this is completely normal!

4.) Next you’ll need to select your user account to login. If you only have one user on the computer, you should already see the Command Prompt window open.

rstrui_open

5.) With the black Command Prompt Screen Open, you will need to type in the follow string:

Windows XP: Type C:windowssystem32restorerstrui.exe then press Enter

Windows 7/Vista: Type rstrui.exe then press Enter

Windows 8 Users: Accessing System Restore

1.) Turn on your computer and let it boot to the login screen.

2.) Hold the Shift key down while selecting the Restart button.

3.) The computer should reboot. Select System Restore

4.) Follow the on-screen prompt to restore your computer to a previous date (before you had the infection!)

Selecting a Restore Point and Starting the Restore

1.) With the System Restore window open, go ahead and click Next.

2.) Click the checkbox to Show More Restore Points (Note: This may look different in Vista/XP)

restore_ready

3.) Select a date that was at least a few days before you had the virus on your computer.

3.) Click on Next to select the date and start the restore process.

4.) Confirm your Restore Point by clicking Finish

4.) Your computer will reboot. The System Restore process can take from a minutes, all the way to an hour (depending on the computer.)Finish

5.) Once the restore finishes, you should be able to login to your computer and continue the cleanup process.

Author: Dan Steiner
Was This Guide Helpful
How to Restore a Computer Using System Restore
3 votes, 3.67 avg. rating (68% score)

8 Comments

  1. Dan really knows what he is doing and his articles are super easy to follow. Can’t thank him enough!. Saved me a trip and about $ 75.00. Thanks!

  2. Thanks Dan!
    Two questions from a computer semi- idiot.
    1 with system restore, what happens to to virus; I.e is it still lurking in your computer waiting to reemerge and wreak havoc.
    2 who starts these malware programs, and why isn’t the real DoJ after them?

    Thanks for the help! I’ve got you bookmarked,
    Chris B.

    • Chris,

      System Restore will revert the registry (backbone of the computer), so technically speaking, yes, you still need to run the removal software to ensure all non-registry related files are removed.

      Hope this helps!

  3. Everything works until in step 4. I enter my user login and password, It only flashes the screen pic you have in step 4 and then automatically starts shutting down. Any additional steps or advise.

Leave a Comment to terry Cancel Reply

Your email address will not be published. Required fields are marked *