|
In response to
"Oh crap, seems my PC got infected"
by
celedhring
|
Summary: Find the process that the malware is, kill it, and then find out how to remove it
Posted by
oblique (aka kkuphal)
May 26 '10, 22:46
|
Finding it can be difficult if the malware is preventing you from running any programs. I've been able to work around this in some cases by copying cmd.exe from the windows\system32 folder into a temp folder, renaming it to explorer.exe, and running it. Some of the malware will let explorer.exe run while killing all others. If this works, you can use tasklist.exe or taskmgr.exe (renamed to explorer.exe in another temp folder) and then kill the offending process (usually a random string of numbers or letters)
This should get you "working" to the point you can browse the internet looking for solutions, downloading other software like malware antibytes, or using msconfig to remove programs from startup that match the process you killed to stop it from coming back
Final suggestion: Start using Firefox or Chrome with adblock or OpenDNS to prevent future infections better.
|
Responses:
|
