Yuen Pin Yeap, CEO at NeuShield
Removing Malware Side Effects with One-Click Restore
An attack by Fully UnDetectable (FUD) ransomware is very hard to detect and next to impossible to clean with traditional security solutions. This is because existing security solutions rely on detection and pre-programmed steps to disinfect and quarantine the malware. In addition, some ransomware and threat actors may create user accounts or change the login password to use as a backdoor or to deny user access to the machine. These types of hidden changes are typically left behind by endpoint security solutions because they have no knowledge of what a good previous state should be and are not designed to deal with them.
In the past, the only way forward to fully clean the computer would be to do a bare metal restore or to reinstall everything from scratch. NeuShield’s One-Click Restore feature is designed to address this shortcoming, by allowing the user to bring the operating system’s state back to a previous timeline, quickly removing the ransomware, along with all the nefarious changes it did to the system. One-Click Restore recovers all system files, installed applications, and settings of the system but it does not affect user data or non-system files. So, things like documents and PowerPoint presentations are unaffected.
Experienced Windows users might notice some parallels between One-Click Restore and Windows Restore in term of what it restores. However, that is where the similarities end. To be effective against malware and malicious actors, NeuShield’s One-Click Restore was designed from the ground up with speed and simplicity in mind. It takes a snapshot of the system at regular intervals and when clicked by the user, will restore all system changes. In addition, NeuShield Data Sentinel actively guards the snapshot to prevent unauthorized tampering. It is designed to co-exist with existing endpoint security software and supports both the Windows workstations and servers.
Upon installation, NeuShield Data Sentinel creates the first snapshot. After that, a snapshot is taken every 24 hours. The system can be restored from the user interface on the endpoint, or remotely via the NeuShield Portal. To simplify the end user experience, local user interface can be triggered by a single button click, bringing the system back to a snapshot 24 hours ago. On the portal, the system administrator has a full view of all the snapshots and can choose to restore back to any snapshot. Since all the snapshots are stored on the endpoint itself, the solution is self-contained and does not require external resources to recover the computer.
As a side bonus, due to the nature of snapshots, One-Click Restore can be used to remove unwanted software, bad system patches or even undo configuration changes to the operating system. If the user is experiencing problems with a computer or a bad software patch that was just installed, they can quickly undo the recent changes and restore the computer to working condition.
In summary, One-Click Restore is an ideal tool to quickly disinfect a system from new or targeted attacks that cannot yet be detected by any security product. With One-Click Restore, the cleanup of all unwanted changes is just One Click Away.