The point I wish to make is that all of these programs are
based on the same philosophy. It is simply an adaptation
of what anti-virus software has evolved into, a huge
database of all known malicious programs and every change
each malicious program makes to your computer. Those that
are not in the database are not corrected, and these
databases are ALWAYS behind the curve. There are always
new infections that have not yet been included in their
databases.
There is a much simpler, a much more effective, approach
to repairing this type of damage. It is the exact same
method that Microsoft stresses in its computer
administration training and that all administrators depend
on as their main line of defense against system damage
from ANY source - BACKUP AND RESTORE.
Every administrator I know would immediately restore a
critical server from a backup in order to recover from an
infection of malicious code, because it doesn't require a
database of tens of thousands of signatures to find the
problem. It restores the machine to a known good state.
PERIOD.
The reason backup and restore hasn't been widely used on
non-server computers is the additional software, hardware,
and knowledge required. However, starting with Windows
2000, the built-in backup utility will output to a file,
eliminating the need for a tape drive and expensive backup
software.
The complexity of backup and restore can be addressed by
automating the process. One program that does that and is
tailored to backups that will recover a computer from
spyware/virus infections is TheCleanMachine. It is a free
program available at
www.techaidsw.com.
