All of us techs have been there at one time or another. A customer opened an email or clicked on something they shouldn’t have and their PC just hasn’t been the same since; running slow, weird popups or browser behavior. This procedure is one that I have used to cleanout some really stubborn spyware that just doesn’t seem to go away.
1) Obviously the first thing to do is to run a full system scan using a local AV program. I have similar bad luck with all of the top AV vendors; Microsoft, Symantec, McAfee. No matter who you use it always seems that there is some spyware or virus they can’t handle. After doing the full scan with your Antvirus of choice. When that doesn’t work do this:
2) Download combofix. Use this guide to download, install and run it:
Note: Combofix will reboot your PC without warning you, so make sure you or the user is not in the middle of anything important while running it. Also, it stops all network activity while it is running, so be prepared to not use the PC while it is running.
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Once combofix has been run, the system will reboot and it will continue. If it doesn’t come up clean repeat the process.
3) Next download and run Microsoft’s Safety Scanner and do a full scan.
Note: Microsoft Safety Scanner (on the full scan setting) will scan network drives. This may (or may not) be what you want. Choose “customized scan” if you are concerned about the amount of time it would take to scan network drives.
http://www.microsoft.com/security/scanner/en-us/default.aspx
Recent Comments