Reboot Windows in Safe Mode
What is Safe Mode?
Safe Mode is a diet version of the Standard Mode of Windows that your computer ordinarily runs. Rebooting in Safe Mode loads minimal programs and disables most device drivers that manage hardware like CD drives and printers. The result is a more stable iteration of the Windows operating system that's better suited for disabling malware while you perform a system scan.
How do you use it?
If you can, follow the necessary steps for a safe shutdown process and then reboot. When you restart Windows, as the screen begins to load, press F8 repeatedly until the Windows booting options appear. Select "Boot in Safe Mode" from the menu of options. Once in Safe Mode, you should be able to run your installed antispyware software with less interference from the malicious software that the Trojan brought onto your system.
System Restore
What is System Restore?
System Restore strings out a safety net if everything goes kaput. Under default Windows settings, System Restore saves a snapshot of your computer configuration once a day and on major upgrades; that snapshot can be used to replace corrupted files. In the event of a Trojan attack, System Restore can revert Windows to a previous, uninfected state. It won't restore everything, like changes to your user profile, but it does reinstate biggies like your Registry and DLL cache.
When do you use it?
When purging your computer of spyware, System Restore has an optimal time and place. You wouldn't want System Restore to record corrupted files in the day's reference snapshot, so it's important to disable System Restore before you start cleaning. You can reactivate it once your system is spick-and-span.
How do you use it?
The paths for accessing System Restore differ by operating system. In Windows XP, disable System Restore by right-clicking My Computer and selecting Properties. Under the Performance tab, select File System, then the Troubleshooting tab, and finally check Disable System Restore. You'll be prompted to reboot. Follow the same steps and uncheck the box to re-enable System Restore before restoring your system.
To use System Restore after scrubbing your computer, choose Accessories from the program list in the Start menu. You'll find System Restore under System Tools.
This comprehensive article from TechRepublic demonstrates how to create and use System Restore in Windows Vista.
Scan with antivirus/antispyware apps
Downloading diagnostic and removal tools with an infected computer is a huge time sink--spyware can cripple your speed and Internet access. The Trojan's payload could prevent EXE files from downloading or launching. Also, malware can affect the performance of installed security software on your PC. If you store your antivirus/antispyware programs on a CD or flash drive, however, those malware-busting apps can commence their swashbuckling unhindered.
Advanced users can save some time by creating a bootable DOS virus scanner that runs off a flash drive (tutorial from Ask the Geek).
Which antivirus software should you get?
Some of our favorite intrusion-repellents include Kaspersky Anti-Virus 6, which is worth the price (full review); Webroot SpySweeper and Spyware Doctor (the free versions identify but don't remove malware); Ad-Aware and SpyCatcher Express (free spyware removal); and HijackThis (aggressive diagnostic tool). While none of these are Vista-compatible yet, Kaspersky and Ad-Aware plan to release Vista-ready updates in 2007.
HijackThis is a powerful tool that monitors the critical areas of your computer for any significant changes. Many forum administrators will want to analyze your HijackThis log before recommending a removal plan. However, the program requires a bit of learning before you can use it effectively. You'll want to read our HijackThis tutorial before getting started.
Disk reformatting
What is it?
Unlike a system restore, which rolls your operating system back to a previous configuration, disk reformatting requires you to reinstall Windows, plus all your data and applications, from scratch. This method disables malware by overwriting corrupted files, replacing them with a default installation of the operating system.
Disk reformatting is a time-consuming measure, and one we at CNET Download.com recommend you try after scanning and restoring your system.