Saturday, August 14, 2010

Disinfecting your PC.

Required tools:
USB memory drive
Access to a spare computer


Start by downloading the files listed above onto a spare computer and copy them to a USB flash memory drive.  Then boot the infected PC into 'Safe Mode with Networking' by powering on the PC and repeatedly tapping the F8 key until you are presented with boot options.  You may have to reboot the computer several times and reattampt as it is sometimes difficult to get this prompt.
Once booted into 'Safe Mode with Networking', insert the flash drive and browse to the downloaded files located on the flash drive.  note: If you are running Windows 7 or newer, you will need to right-click and select "Run as Administrator" instead of just double-clicking the files: Run Combofix and agree to it's prompts. Combofix will step through a 50 stage checkpoint. After stage 50, Combofix will begin deleting infected files.  After the infected files are deleted, the PC will automatically reboot.  Upon logging back into windows, Combofix will generate a log file. Once this completes, browse to the flash memory drive, run the Malwarebytes installer.  Update Malwarebytes and perform a full system scan.  This may take 20-30 minutes, so take a break and come back once the scan completes.  
If you have difficulties updating Malwarebytes and/or accessing the Internet, go to Start, Control Panel, Internet Options. Then select the connections tab and choose LAN settings. Ensure all check boxes are unchecked.