First step of cleaning the machine up from malware

[khoshtipi]

Hello all,

If scanning from boot be the first step of cleaning one severe infected machine by malwares, what bootable anti-malware(s) is/are your suggestion(s) that has/have worked well?

Thanks in advance.

 

[Arc]

http://www.sevenforums.com/tutorials/166445-windows-defender-offline.html

 

[gregrocker]

Follow the steps here to also check System Files for damage after disinfection: Troubleshooting Windows 7 Failure to Start

If you can get into Safe Mode, Malwarebytes is your best bet. The other free bootable AV's are all provided in the first steps.

 

[cottonball]

If you are looking for something where Windows does not have to load, for a scanner to work, try
AVG | AVG Rescue CD Guide

However, what type of severe infection is on the machine?
Can you provide a report from your AntiVirus, or, whatever program you used to find out about the infection.

There are different programs which can be used depending on the type of infection.

It is difficult to tell you what to do without knowing what you have.

 

[whs]

If you really have severe infections, the machine will never be right again - even after the malware removal. I would save the user files and reinstall the system. In the long run that is your best bet.

And for the future, install a robust antimalware program. And for good protection, I always operate on the internet from a virtual machine running Linux (Mint Mate in my case). Chances there to get an infection are very minimal and can be very easily fixed.

 

[khoshtipi]

@Arc & @greg:

I downloaded the windows defender offline and installed and booted it in/from a Flash memory, but it does want me to update the definitions while its last definitions are of april 24 2013 and doesn't scan my machine (Dell inspiron 1501, 1.8 GHZ, 512 RAM, 256 VGA memory) which is infected. I tried it by another machine (3.3GHZ, 4GB RAM, geforce GT 450) and it worked properly! What is the problem with my machine?

 

[khoshtipi]

If you are looking for something where Windows does not have to load, for a scanner to work, try
AVG | AVG Rescue CD Guide

However, what type of severe infection is on the machine?
Can you provide a report from your AntiVirus, or, whatever program you used to find out about the infection.

There are different programs which can be used depending on the type of infection.

It is difficult to tell you what to do without knowing what you have.

I have tried AVG before, it works good but not always, sometimes it's console windows (before starting up) shows many errors while one day ago had worked without error.

The type of infection is that, sometimes I can log on into machine but the OS doesn't work properly at all that clearly shows that there are many malwares. And sometimes I can't log on into that.

Anti-virus (eset nod32) is inactive (maybe by effect of viruses).

My goal is to first clean the machine and then install a new copy of windows if is needed.

 

[gregrocker]

I concur with whs that you're better off and will save time skipping to the Clean Reinstall - Factory OEM Windows 7.

There is a step there to show you how to rescue files but before being reimported they'd need to be quarantined and scanned with Malwarebytes, SuperAntiSpyware and your AV.

If you want to proceed there is a whole list of free bootable AV's to try in the Troubleshooting Windows 7 Failure to Start tutorial I posted which also shows everything possible that can be done to repair and boot Win7.

 

[khoshtipi]

Thanks gregrocker. I read that tutorial carefully.

 

[cottonball]

khoshtipi,

My goal is to first clean the machine...

Let's see what this short scan shows...

Download RogueKiller:
Tlcharger RogueKiller (Site Officiel)

When you get to the website, go to where it says:
(Download link) Lien de téléchargement:

Select the version without the x64.
Click the dark-blue button to download.
Save to the Desktop.

Close all windows and browsers.

Right-click the downloaded file and select: Run as Administrator

At the program console, wait for the prescan to finish. (Under Status, it says: Prescan finished.)

Press: SCAN

When done, a report opens on the Desktop: RKreport.txt

If not,press the Report button to get it.


Please provide the RKreport.txt (Mode: Scan) in your reply.




Also download the Farbar Recovery Scan Tool
Select the 32-bit version.


Save to your Desktop.

• Double-click the downloaded file to run it.
• When the tool opens click Yes to disclaimer.
• Press the Scan button.
• FRST makes a log (FRST.txt) in the same directory from which the tool is run (Desktop).
• Please copy and paste the FRST.txt in your reply. <<---
• The first time the tool is run, it also makes another log: Addition.txt
• Please post the Addition.txt in your reply also. <<---

Do you have a Recovery partition on the Dell inspiron 1501?

 

[Borg 386]

Down the road you may want to consider making a System Image backup. Should something like this happen again, you can easily restore to the point when the image was made.

http://www.sevenforums.com/tutorials/663-backup-complete-computer-create-image-backup.html

 

[khoshtipi]

Danke Borg!