SafeHex
Revision as of 09:21, 12 February 2011 by User:Fellrnr (User talk:Fellrnr | contribs)
Revision as of 09:21, 12 February 2011 by User:Fellrnr (User talk:Fellrnr | contribs)
Some notes on cleaning infected PCs
- Do not connect to network unless cleaned
- MalwareBytes
- Download latest copy on a clean PC - http://www.malwarebytes.org/
- Install onto clean PC
- Run on clean PC and download latest definitions
- Copy the installation file and the rules file from the clean PC to the infected machine
- For Windows XP and 2000 "C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref"
- For Windows Vista and Windows 7 "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref"
- Install on the clean PC and then manually update the rules definition
- Run MalwareBytes scanner
- Other scanners to try (download on clean PC and copy over)
- Check for fake antivirus software with http://www.mcafee.com/us/downloads/free-tools/how-to-use-stinger.aspx http://www.mcafee.com/us/downloads/free-tools/how-to-use-stinger.aspx
- SUPERAntiSpyware http://www.superantispyware.com/ (available as a portable application)
- Vipre Rescue http://live.sunbeltsoftware.com/
- If desperate (download on clean PC and copy over)
- Try HijackThis, which won't detect infestations, but will tell you all the possible problems. http://free.antivirus.com/hijackthis/
- ComboFix, which will clean some problems, but is intended to produce a report that can be posted on a forum to get help. http://www.bleepingcomputer.com/combofix/how-to-use-combofix
- After cleanup, install Microsoft Security Essentials http://www.microsoft.com/security_essentials/
- to update without connecting to the network, download the updates from
- On Vista/Windows 7 you may have to 'run as administrator'