There are some freeware downloads available that try to eliminate or stop malware while an AV program tries to eliminate it. These are designed to be used in situ, on the infected computer.
In general, I would start with self-booting programs first, and keep Windows out of the picture as much as possible until you have resolved the issue and scrubbed the malware.
An alternative of course, while keeping the chance of infecting other important machines as low as possible, is to install Windows on a simple, non-networked system, install a top-notch, robust and UP-TO-DATE anti-malware suite on the system, then connect your infected drives to this "sacrificial" system and run the anti-malware programs against the infected drives. If you have a spare drive, you can even:
1) remove ALL your other drives from that system,
2) power down and perform a CMOS reset procedure as outlined in your user guide,
3) install the available uninfected hard drive,
4) do a clean install of Windows on that drive,
5) install anti-malware on that drive and activate it,
6) use a USB adapter. While the system is ALREADY running, connect an infected drive via USB, using the Shift key method so the system does not try to run any programs or code on that drive. Note: disinfect your infected drives one at a time.
7) when/if you've eliminated the malware, restore things to normal. It would be prudent to wipe the system drive again, and reinstall Windows again (or restore from an earlier pre-malware backup), install the anti-malware suite, and rerun against the system drive.
Here are a few listed in no particular order.
Microsoft Standalone System Sweeper
Helps you start an infected PC and perform an offline scan to help identify and remove rootkits and other advanced malware. In addition, Microsoft Standalone System Sweeper Beta can be used if you cannot install or start an antivirus solution on your PC, or if the installed solution can't detect or remove malware on your PC. Like Kaspersky Virus Removal Tool and similar programs, you need to install and use a different anti-virus program for routine use.
RKill was developed at BleepingComputer.com and attempts to terminate known malware processes so that your normal security software can then run and clean your computer of infections. When RKill runs it will kill malware processes and then import a Registry file that removes incorrect file associations and fixes policies that stop us from using certain tools. When finished it will display a log file that shows the processes that were terminated while the program was running.
As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot your computer as any malware processes that are configured to start automatically will just be started again.
Instead, after running RKill you should immediately scan your computer using some sort of anti-malware or anti-virus program so that the infections can be properly removed.
Kaspersky Virus Removal Tool 05.25.2011 [ 107 MB | Freeware | Win 2000/03/08/XP/Vista/7]
The product will scan the specified locations for any virus threats and remove them or send to Quarantine folder.
Kaspersky Virus Removal Tool does not provide resident protection for your computer. After disinfecting a computer, you are supposed to remove the tool and install a full version of antivirus software.
Kaspersky TDSSKiller 184.108.40.206 [ 1.22 MB | Freeware | Win7/Vista/XP] Editors Pick
Kaspersky Lab has developed the TDSSKiller utility that allows removing rootkits. A rootkit for Windows systems is a program that penetrates into the system and intercepts the system functions (Windows API).
Avira AntiVir Rescue System 05-25-2011
The Avira AntiVir Rescue System is a Linux-based application that allows accessing computers that cannot be booted anymore. Thus it is possible to repair a damaged system, to rescue data or to scan the system for virus infections.
added USB connection info to reduce chance of infected drive impacting boot process or running a program as it starts
emphasize any anti-malware program should be up-to-date (both program and any associated definitions files)
highlighted that RKill will impact the registry. Of course, nasty malware screws with your registry too.
removed some duplicated sentences
added Microsoft Standalone System Sweeper to the list
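
Step 6 above depends on nothing being launched from the infected drive when it is connected. As an added example (not part of the original post), this Python script reads a drive's `autorun.inf` as plain text and lists the commands it asks Windows to start, so you can see what the Shift key method is holding back before you scan. The function names and the sample file contents are constructed for illustration.

```python
import sys
from pathlib import Path

# [autorun] keys that name a program Windows may launch from the drive.
LAUNCH_KEYS = ("open", "shellexecute")

# Constructed sample for illustration; not taken from a real infected drive.
SAMPLE = (
    b"; constructed example\r\n"
    b"[AutoRun]\r\n"
    b"Open=tools\\start.exe\r\n"
    b"icon=%SystemRoot%\\system32\\shell32.dll,4\r\n"
    b"Shell\\Open\\Command = tools\\start.exe /s\r\n"
    b"label=Backup\r\n"
)

def decode_inf(raw):
    """autorun.inf is normally ANSI text, but UTF-16 with a BOM also occurs."""
    if raw[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return raw.decode("utf-16", errors="replace")
    return raw.decode("cp1252", errors="replace")

def autorun_commands(raw):
    """Return (key, command) pairs the file asks Windows to run."""
    found, section = [], None
    for line in decode_inf(raw).splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "autorun" and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            key = key.lower()
            if key in LAUNCH_KEYS or (key.startswith("shell\\") and key.endswith("\\command")):
                found.append((key, value))
    return found

def inspect_drive(root):
    """Check the root of a mounted drive; the file name is case-insensitive."""
    found = []
    for entry in Path(root).iterdir():
        if entry.is_file() and entry.name.lower() == "autorun.inf":
            found.extend(autorun_commands(entry.read_bytes()))
    return found

if __name__ == "__main__":
    # With no argument, run against the constructed sample above.
    hits = inspect_drive(sys.argv[1]) if len(sys.argv) > 1 else autorun_commands(SAMPLE)
    for key, command in hits:
        print(f"{key}: {command}")
```

Pass the drive root as the only argument (for example the letter the USB adapter was assigned). The script only reads the file as text and never executes anything on the drive.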