Well you could disable system restore via MSCONFIG. Go to
start, run, type msconfig. Click the start up tab scroll
until you find state mgr. Uncheck, and click apply. Reboot
and that will flush your restore folder. Go back and
recheck and reboot. Now be aware that all restore points
will now be gone and you will not be able to restore to an
eariler time. You will be starting over. Have you tried
AdAware or Spybot or Spyware blaster? Might give them a
try first, use the above described action as a last
resort. Good luck.
http://download.com.com/3000-2094-10045910.html?legacy=cnet
http://www.javacoolsoftware.com/spywareblaster.html
http://download.com.com/3000-2144-10194058.html?tag=lst-0-1

It appears to me from your post that system restore IS disabled since that is
the purpose of the checkmark.  So what I feel you really should be asking is
how to clear that problem whilst at the same time removing the viral remnant
which is in the _RESTORE archive.  Not of course, that it is going to do any
harm whilst there since it is dead but this is as good a time as any to get
system restore working again.

If you cannot uncheck the disable SR entry then check the following:
Do you have at least 300MB of free space on the drive containing your windows
folder?
Is the *StateMgr entry still present and checked in MSConfig | Startup?
Is stmgr.exe running?  You can check this using either a Task Manager such as
WinTop or TaskInfo or by using MSInfo32 (or Start | Help & Support | System
Information) and checking for stmgr.exe in the section Software Environment |
Running Tasks.

If all of the above are OK then I think that the best way forward would be to
remove the _RESTORE folder and allow the state manager to rebuild the
necessary control files.
Delete the folder as follows:
a) Boot to DOS using a floppy.  Do NOT choose "Minimal Boot" from the menu
when booting from a floppy but rather choose "Start computer with (or without)
CD-ROM support" otherwise the ATTRIB command will not be available.
b) At the DOS A:\> prompt, type:

ATTRIB    -H   -S    -R    C:\_RESTORE
REN    C:\_RESTORE    OLDREST

c) Remove the floppy
d) Reboot your PC
e) Delete the folder C:\OLDREST
f) Check that an automatic system restore checkpoint was created.
g) Finally adjust the space allocated to the restore folder:
System | Performance | File System | Hard Disk and adjust the restore slider
to your preferred setting.  A  figure of 200MB is normally more than adequate
for day to day use allowing perhaps a week of checkpoints to be available
although increasing this to perhaps 400MB for a few days during periods of
large installs such Microsoft Office is advisable.

It might now be a good time to test that system restore is working correctly.
You can do this by performing the following test.
a) Create a shortcut on your desktop to a file.
b) Create a manual checkpoint
Could you create a checkpoint?
c) Delete the shortcut
d) Restore your PC to the checkpoint you created.
Was the shortcut restored?  Did you see any error messages?
e) Reboot your PC
Was the checkpoint retained?
--
Mike Maltby MS-MVP
mcmaltby@hotmail.com