How to Remove a Virus in Windows - Preventing viruses at Windows startup
There are literally dozens of ways for programs to schedule themselves to start when Windows boots. The great majority of those are contained in the Windows Registry and remain fairly obscure to the common user.
One of the easiest ways to determine what programs are loading with Windows is to use DiamondCS’s Autostart Viewer. This robust application will list programs from over 50 different autostart locations and allow you to disable or remove each entry.
It also shows the location from which the process is starting. This allows you to verify that the process really is what you think it is.
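The same idea in PowerShell, as an added example that is not part of the original article and is not how Autostart Viewer itself works: it lists entries from a handful of well-known autostart locations (far fewer than the 50-plus the tool covers), shows where each one loads from, and reports whether the file exists and how its Authenticode signature checks out. The choice of locations, the function names and the signature check are assumptions made for illustration; the script only reads and changes nothing.

```powershell
# Added example: read-only listing of common autostart entries.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Get-ExePath([string]$Command) {
    # Extract the executable from a command line: a quoted path first,
    # otherwise everything up to the first ".exe".
    $expanded = [Environment]::ExpandEnvironmentVariables($Command)
    if ($expanded -match '^\s*"([^"]+)"')        { return $Matches[1] }
    if ($expanded -match '^\s*(.+?\.exe)(\s|$)') { return $Matches[1] }
    return $expanded.Trim()
}

function New-Entry($Location, $Name, $Command) {
    $path   = Get-ExePath $Command
    $exists = [bool]$path -and (Test-Path -LiteralPath $path -PathType Leaf)
    # Signature status is only meaningful for executables; a shortcut (.lnk)
    # is reported as-is because its target is not resolved here.
    $sig = if ($exists) { (Get-AuthenticodeSignature -LiteralPath $path).Status } else { 'n/a' }
    [pscustomobject]@{
        Location = $Location; Name = $Name; Command = $Command
        Exists   = $exists;   Signature = $sig
    }
}

$entries = @(
    # Registry Run/RunOnce values, per machine and per user.
    foreach ($key in $runKeys) {
        if (-not (Test-Path $key)) { continue }
        $k = Get-Item -Path $key
        foreach ($name in $k.GetValueNames()) {
            New-Entry $key $name ([string]$k.GetValue($name))
        }
    }
    # Per-user and all-users Startup folders.
    foreach ($folder in 'Startup', 'CommonStartup') {
        $dir = [Environment]::GetFolderPath($folder)
        Get-ChildItem -LiteralPath $dir -File -ErrorAction SilentlyContinue |
            Where-Object Name -ne 'desktop.ini' |
            ForEach-Object { New-Entry $dir $_.Name $_.FullName }
    }
)

$entries | Sort-Object Location, Name | Format-Table -AutoSize -Wrap
```

An entry whose file is missing, unsigned, or running from an unexpected folder is a candidate for the research described next, not proof of infection.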
You can take the information that you know about your rogue processes along with the information that you find in Autostart Viewer and use them to further research your infection. Sites like Sysinfo.org offer large databases of startup applications as well as information and advice concerning their purpose and removal.
Another nice feature of Sysinfo.org is the ability to research specific CLSID numbers. You’ll see later in this article where that can be quite useful.
Since disabling startup applications does require working in the registry, it’s a good idea to make a registry backup before continuing. You can do this very easily with ERUNT. ERUNT is a program that creates a backup of the NT registry found in Windows 2000, XP, 2003, and Vista.
Once you make your backup, you’re ready to remove those entries. Once the viral process has been removed along with its startup methods, you have effectively disabled the virus. Now it’s time to do a little cleanup.
More By Nilpo/Developer Shed Staff Writer