|
DCS
|
 |
« on: June 28, 2009, 02:04:17 PM » |
|
Basic Malware Removal Instructions:
Here are some basic instructions to help our members detect and remove many common spyware/malware infections.
Discount Computer Sales is providing these instructions for informational purposes only and we take no responsibility for any damage to your system or loss of data. If you are not comfortable with running these procedures on your system, please contact us through our main site to arrange to have your system cleaned by a qualified techinicain.
Free Spyware/Malware Removal Tools:
In this section we are going to download the tools we will use. We will install and configure the programs and then run scans at a later point so please only download right now.
Make sure you download the tools to the exact locations specified below in the procedures to avoid problems later. It is not a good idea to download them to any folder within C:\Documents and Settings. It is also a bad idea to download and save anything you need into any kind of Temp folder. Malware hides in Temp folders and standard cleaning practices will delete everything from Temp folders.
Download the free tools below and save to the infected machine's desktop (only download at this point ):
SUPERAntiSpyware
http://www.superantispyware.com/
Malwarebytes Anti-Malware
http://www.malwarebytes.org/mbam.php
ComboFix
http://www.combofix.org/
CCleaner
http://www.ccleaner.com/
AVG Free Edition (if you don't have any current antivirus software)
http://free.avg.com/download-avg-anti-virus-free-edition
Important Notes concerning ComboFix:
If you are using a 64 bit version of Windows do not download ComboFix because it is not compatible with x64 systems.
Some common antivirus programs may popup warnings about combofix.exe and catchme.exe being infected. These are false indications. You must tell your antivirus software to Skip or Ignore these and let ComboFix run.
If your computer is severly infected, then you may not have access to the internet, as the infection may have broken your internet connection. In this case, Please download the files to a clean system and transfer to your infected computer using a flash drive or other removable media.
Notes About System Restore:
We only disable System Restore after your system has been cleaned of all malware infections. We feel that keeping infected restore points around while fixing things may prove useful if something goes wrong during the cleaning process. An infected restore point could be better than none at all!
If you have been infected with any trojans, spyware, etc, they could have been saved in System Restore and are waiting to re-infect you. Since System Restore is a protected directory, your tools can not access it to delete files that may contain viruses. Even though your tools may say they are deleting them, they are not! The reason for doing this after your system has been completely cleaned of problems is to remove possible infected restore points. When you disable system restore, it clears all restore points.
Before proceeding with the procedures below, please disconnect your infected machine from your network to prevent it from downloading further infections.
Step 1:
Click on the ccleaner install file and install the program using it's default settings. Once installed run the cleaner tool to clean up temporary files/folders. This will clean up any malware found in the temporary internet folders and greatly speed up the other scans.
Step 2:
Clic on ComboFix and run, following the instructions. This scan could take 20 minutes or more and your computer will reboot once it has completed and automatically run a final scan. Once the program is running, please do not disturb it until it has fully completed.
Notes: Certain malware may disable the executable file combofix.exe from running. In this case right click on the file and rename it (ie, to test.exe, or any other filename with the .exe extension) and then try running it again.
Step 3:
Once Combofix has run completely and your system has rebooted, you may now restore/enable your network connection.
Install Malwarebytes Anti-Malware from the icon on your desktop.
Please make sure to update the program when asked, then run a full scan.
Once the scan has completed please remove all detected infections.
Step 4:
Install Superantispyware and run a full scan as above. The reason we run scans with two types of these programs is to ensure that all infections have been detected and removed.
Step 5:
At this point, if your computer seems to be running properly, then we disable system restore. This will clear all old restore points (any any infected files waiting to re-infect you).
Remember to reboot the computer and then re-enable system restore (if you would like to use that feature in the future)
Step 6:
Install AVG Free Edition and run a final scan.
IMPORTANT: Do not install AVG if you have another antivirus product currently installed on your machine.
If you have old/outdated antivirus software, please uninstall it prior to installing AVG.
Now that you have completed the above, your system should be clean and operating normally.
If not, then at this point we would reccommend that you back up any user files and perform a clean system restore. (refer to your owner's manual or the computer manufacturer's website for instructions)
|
