摘要 |
The present invention automates the operation of multiple malware removal software products using a computerized system that systematically operates the multiple selected software products. These products are executed within a customized Diagnostic Operating System, which is different from the Normal Operating System in which the computer normally operates. Thus, any malware that may be attached to any of the programs, shells, drivers, services, or data files associated with the Normal Operating System cannot corrupt the malware removal process performed under the Diagnostic Operating System. Preferably, the Diagnostic Operating System is accessed from a read-only device prepared on a secure computer separate from the computer that is the target of the malware removal process, and the Diagnostic Operating System executes in a read-only environment. Because many malware removal products rely upon the environment provided by the Normal Operating System, the Diagnostic Operating System must provide redirection to ensure such products perform as expected. Event-triggered redirection of environment variables may be done by either injection of values, or by interception of name/key invocations. |