Antivirus software can be a powerful ally, removing most of today's malware with ease. Here's how to help you win.
Get Safe Access to the Drive
The best time to remove malware is when it is in a dormant state. Booting into "safe mode" is one option, but it isn't always the best one. Some malware hooks into something called "winlogon," which means that by the time you can access Windows, the malware is already loaded. Other malware registers itself as the file handler for a particular file type, so whenever a file of that type is opened, the malware is launched first. Your best bet for thwarting these types of infectors is to create a BartPE Recovery CD and use it to access the infected system.
If you plan to run antivirus or other utilities from a USB drive, you'll need to have that drive plugged in before you boot to the BartPE CD. First, disable autorun in case the USB drive is infected with an autorun worm. Then shut down the computer, insert the USB drive, and boot the computer from the BartPE Recovery CD. BartPE will not recognize the USB drive if it wasn't plugged in when the computer was booted.
Determine the Malware Load Points
Malware, like any other active program, needs to load in order to do damage. Once you have safe access to the infected drive, begin by checking the common startup points for signs of the infection. A list of common startup points can be found in the AutoStart Entry Points guide and the list of ShellOpen command keys. This task is best performed by experienced users. Back up the registry before beginning in case you inadvertently delete or change a legitimate setting.
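As an added example (not code from the original guide), the script below audits a registry export of the kind you take as a backup before editing: it compares the Winlogon and exefile shell\open\command load points against their clean defaults and lists every entry under the Run keys for review. The .reg text, the `example_unknown.exe` path and the baseline values are constructed assumptions for a typical installation, not taken from any real system.

```python
import re

# Clean defaults at load points malware commonly hooks (baseline assumed for this example).
EXPECTED = {
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon": {
        "Shell": "explorer.exe", "Userinit": r"C:\Windows\system32\userinit.exe,"},
    r"HKEY_CLASSES_ROOT\exefile\shell\open\command": {"@": '"%1" %*'},
}
# Every value under these keys is a program launched at logon; list them all for review.
RUN_KEYS = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
            r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run")

# Constructed .reg export standing in for the backup taken before editing the hive.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer.exe"
"Userinit"="C:\\Windows\\system32\\userinit.exe,C:\\Windows\\example_unknown.exe"
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon"="C:\\Windows\\system32\\ctfmon.exe"
'''

def parse_reg(text):
    """Return {key: {value_name: data}} for the string (REG_SZ) values in a .reg export."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys.setdefault(current, {})
        elif current and "=" in line:
            name, data = line.split("=", 1)
            if data.startswith('"') and data.endswith('"'):
                # .reg escapes backslash and quote with a backslash; undo that
                data = re.sub(r"\\(.)", r"\1", data[1:-1])
                keys[current]["@" if name == "@" else name.strip('"')] = data
    return keys

def audit(text):
    """Return (key, value_name, data) for hooked load points and all Run entries."""
    keys, findings = parse_reg(text), []
    for key, expected in EXPECTED.items():
        for name, good in expected.items():
            data = keys.get(key, {}).get(name)
            if data is not None and data != good:  # load point no longer at its clean default
                findings.append((key, name, data))
    for key in RUN_KEYS:
        findings.extend((key, name, data) for name, data in keys.get(key, {}).items())
    return findings
```

Run entries are listed rather than judged because a legitimate program and an infection look alike in the registry; each one still needs to be checked against the AutoStart Entry Points guide.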
Retake Your Controls
Much of today's malware blocks access to the Task Manager or the Folder Options menu in Windows, or makes other system changes that hamper discovery and removal. After removing the malware (either manually or with antivirus software), you'll need to reset these settings to regain normal access.
- Regain Access to the Registry
- Re-Enable Task Manager
- View Folder Options Menu
- Other How-To Guides