The Ultimate Malware Fighter

An effective repellent against malware attacks comes from a surprising source--not the expected remedy of antivirus or antispyware software. The solution comes from System Restore, a great little utility introduced in Windows ME and now included in Windows XP. Think of System Restore as an H.G. Wells time machine that can transport PC software back in time. More specifically, you can reset the software to a moment prior to a vicious attack by some malware program.

System Restore contains a very useful feature: While it makes an exact replica of the file system as it looks "back in time," it also preserves any new data files, including Word documents, Excel spreadsheets and e-mail. One important exception: new software installations. In other words, if you reset the system to a time before new software was installed, you will need to reinstall that software. For this reason, before you run System Restore on a client's system, make sure you have all their software CDs and Web downloads catalogued and available. You're likely to need them.

The good news is that if your clients' XP systems are hit by a destructive malware program, they already have almost everything they'll need to get the systems back up and running. The only addition is a piece of software you can download for free: Computer Associates' Pest Patrol antispyware software, which operates similarly to Spybot and Ad-aware. The trial version of Pest Patrol is good for 30 days. After that, a single license costs $30.

By running Pest Patrol on an infected test system, I managed to find more than 40 spyware attacks and bugs. The software ran without a hiccup or the annoying requirement of a full system reboot.

But Pest Patrol is not perfect by any means. The Windows Control Panel is a favorite "hiding place" of malware programs; Pest Patrol did not detect any programs hiding there on my test system. Other than by using System Restore, I had to go into the Control Panel, hit Add or Remove Programs, identify by eye the malware programs, and then remove them manually. (These programs are not easy to catch, by the way. They have deceptively nice names like Cool Web, Ad Search and My Search--all cleverly designed to foil end users and PC technicians alike.)

System Restore is accessed the following way:

1. Shut down all other applications before using System Restore, as it requires a full-system reboot to complete the restore. (Connecting to the Internet is not required.) Then click "Start."

2. Point to Programs > Accessories > System Tools, then click System Restore. The program will load.

3. In this Recipe, we'll follow the path of restoring the computer to an earlier time. (You will also have the option of creating a restore point.) Click on Next.

4. Chances are good that you will have many "prior dates" to pick from. Select a date that you think will be most beneficial. This is usually the most recent date prior to malware contamination, though truth be told, you have to contend with a bit of trial and error here. And remember: You are in no danger of losing any recent data files or e-mail you may have created.

5. Click on Next. The PC will undertake its own automated operations. You will see a new screen of the restore process. (It's in its own "safe" mode, which does not allow for copying and pasting.) When the process is done, the PC will auto-reboot itself.

With that, System Restore is complete. Hopefully, one day a more standardized process for eradicating malware will come along. Tier-one PC manufacturers, are you listening?
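The same selection can be scripted. The following is an added example, not part of the original article: it picks the most recent restore point before a suspected infection date and lists software installed since then, which will need reinstalling. It assumes Windows PowerShell 2.0 or later run as an administrator; the `$InfectionDate` value is constructed for illustration.

```powershell
# Added example: choose a restore point and list what must be reinstalled.
# Assumption: the technician's best estimate of when the infection began (constructed value).
$InfectionDate = Get-Date '2005-03-14'

# CreationTime comes back as a WMI datetime string, so convert it to a DateTime.
$points = Get-ComputerRestorePoint |
    Select-Object SequenceNumber, Description,
        @{ Name = 'Created'; Expression = { $_.ConvertToDateTime($_.CreationTime) } }

# Most recent restore point that predates the suspected infection.
$target = $points |
    Where-Object { $_.Created -lt $InfectionDate } |
    Sort-Object Created |
    Select-Object -Last 1

if (-not $target) {
    Write-Warning "No restore point predates $InfectionDate"
    return
}

# Programs registered under the Uninstall keys with an InstallDate (yyyyMMdd)
# on or after the restore point's date. Entries without InstallDate are skipped,
# so treat this list as a minimum and still check it against the client's CDs.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'  # 64-bit systems only
)
$toReinstall = Get-ItemProperty $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -and $_.InstallDate -match '^\d{8}$' } |
    Where-Object {
        [datetime]::ParseExact($_.InstallDate, 'yyyyMMdd', $null) -ge $target.Created.Date
    } |
    Select-Object DisplayName, InstallDate

"Selected restore point:"
$target | Format-List
"Software installed since then (will need reinstalling):"
$toReinstall | Sort-Object InstallDate | Format-Table -AutoSize

# Restore-Computer reboots the machine; -Confirm prompts before anything changes.
Restore-Computer -RestorePoint $target.SequenceNumber -Confirm
```

Review the reinstall list before answering the confirmation prompt; if the first restore point does not clear the problem, lower `$InfectionDate` and run it again.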

Recipe Ingredients

David Kary is the founder and CEO of rippt.com, and a frequent contributor to TechBuilder.org, a VARBusiness sister site.