Remove Boot Block Malware
Safe Mode No Longer Safe (For Malware Removal)
As one of several important steps in malware removal, savvy computer users have suggested booting into the Windows Safe Mode to run anti-malware scans – conventional tech wisdom being that no malware can load when booted to Safe Mode.
Well, for severe malware infestations, Safe Mode is no longer safe. Newer variants of some malware load even when Safe Mode is used. There are a few different ways of accomplishing this, the most common being that the malware registers itself as a critical system process. This ensures that it is loaded regardless of what happens, and makes it much harder to shut down.
To make matters worse, these threats will often shut down all critical Windows Services, preventing you from opening the Task Manager, starting the msconfig or registry utility, and changing the Desktop wallpaper settings (more on this in a moment).
So how does the average computer user combat these attacks? If you are experiencing an attack of this kind, where even Safe Mode loads the malware, then the resolution is beyond the reach of the average user. At this point, the computer needs to be taken to a reputable computer service center or IT Consultant, but you must be firm and assertive as to what you want them to do to resolve the problem.
You need to confirm whether they have the necessary tools to boot the computer into a separate Windows environment. There are third-party tools that allow you to boot into a Windows environment from a CD. One such tool is Barts PE, a stripped-down version of Windows XP. It boots completely from a CD, and loads a simple graphical user interface. Coupled with plugins (McAfee, for example), it lets you scan your entire computer without the fear that your nifty little infection has somehow loaded.
Once your tech-support confirms that they have such a tool, insist that they use that tool to run an anti-malware scan on your computer. That will allow them to employ additional corrective measures, once Safe Mode is safe again. When you go to pick up your computer, don’t leave without first confirming that the following processes and features work:
- Have the technician confirm that the Task Manager, the Windows Registry and msconfig utilities can load
- Have the technician confirm that Internet browser searches using Google (or any other search engine) do not redirect to unrelated sites or pages
- Have the technician confirm that the Windows Display properties allow for the changing of Desktop wallpaper settings. (Some malware will often display a fake threat warning on the Desktop wallpaper. Any attempt to change the wallpaper back to default settings will prove futile, as the malware blocks the settings needed to make that change.)
- Have the technician confirm that the Windows Services panel (accessed by typing services.msc from the Run command window) does not show most or all services disabled
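The checklist above can also be checked from a PowerShell prompt on the returned machine. This is an added example, not part of the original article; it assumes the lockouts were applied through the standard Windows policy registry values named in the code, and the function names are illustrative.

```powershell
# Added example: read-only check of the lockouts named in the checklist above.
# Assumption: the restrictions were applied through these standard Windows policy values.
$policyRoot = 'Software\Microsoft\Windows\CurrentVersion\Policies'
$policyChecks = @(
    @{ Feature = 'Task Manager';     Path = "$policyRoot\System";        Value = 'DisableTaskMgr' }
    @{ Feature = 'Registry Editor';  Path = "$policyRoot\System";        Value = 'DisableRegistryTools' }
    @{ Feature = 'Wallpaper change'; Path = "$policyRoot\ActiveDesktop"; Value = 'NoChangingWallPaper' }
)

function Test-PolicyLockout {
    # Check both the per-user and the machine-wide policy hive for each feature.
    foreach ($check in $policyChecks) {
        foreach ($hive in 'HKCU:', 'HKLM:') {
            $key  = "$hive\$($check.Path)"
            $item = Get-ItemProperty -Path $key -Name $check.Value -ErrorAction SilentlyContinue
            # A missing value or 0 means no restriction; any other number blocks the feature.
            $blocked = ($null -ne $item) -and ($item.($check.Value) -ne 0)
            [pscustomobject]@{
                Feature = $check.Feature
                Key     = $key
                Value   = $check.Value
                Blocked = $blocked
            }
        }
    }
}

function Get-DisabledServiceSummary {
    # A healthy system has some disabled services; the warning sign is most or all of them.
    $services = @(Get-CimInstance -ClassName Win32_Service)
    $disabled = @($services | Where-Object { $_.StartMode -eq 'Disabled' })
    [pscustomobject]@{
        Total        = $services.Count
        Disabled     = $disabled.Count
        MostDisabled = ($disabled.Count -gt ($services.Count / 2))
    }
}

$lockouts = @(Test-PolicyLockout | Where-Object { $_.Blocked })
$services = Get-DisabledServiceSummary
$lockouts | Format-Table -AutoSize
$services | Format-List
if ($lockouts.Count -eq 0 -and -not $services.MostDisabled) {
    'No policy lockouts found and most services are enabled.'
} else {
    'Restrictions remain: review the output above before accepting the machine.'
}
```

The script only reads settings. It does not cover the browser redirect item, which still has to be checked by running a search by hand.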
Author: Paul O. Morris
Once you are satisfied that the malware threat has been removed, you should run your own scan by following the steps from my ezine article titled "Sure-fire Steps to Remove Most Resilient Windows Spyware and Viruses."
Article Source: http://EzineArticles.com/?expert=Paul_O._Morris