How to remove a virus/spyware with mcafee

Discussion in 'other anti-virus software' started by computer geek, Jan 26, 2008.

Thread Status:
Not open for further replies.
  1. computer geek

    computer geek Registered Member

    Oct 6, 2007
    Download and Extract the SDAT Files
    Click on the following link or type the URL into an Internet browser address bar:

    Please Click the I Agree button.
    English users, please click the link named sdatxxxx.exe (where 'xxxx' replaces the current SDAT version number) and save the file to your C:\ Drive.
    All others please select the appropriate localized language from the drop-down list, click the link named sdatxxxx.exe (where 'xxxx' replaces the current SDAT version number) and save it to your C:\ Drive.
    From the Taskbar, select Start and then Run.
    In the Open field, type command and click OK. A DOS command window will open.
    Type CD\ and press Enter. You should now be at a C:\ prompt.
    Type SDATXXXX.EXE /E C:\SDAT and press Enter. (Note: The 'x's should be replaced with the appropriate numbers of the file that was downloaded above.) This will create an SDAT folder on the C:\ drive, and extract the SDAT files to this folder.

    Note: Windows XP Users with Service Pack 2 installed will be presented with a security warning when attempting to extract the file. Please click Run to continue the extraction process.

    Once the C:\ prompt is displayed again, please type exit and press Enter.
    Disable Windows System Restore
    Windows XP utilize a restore utility that backs up and protects selected files automatically to the C:\_Restore folder. This means that an infected file could be stored there as a backup and VirusScan would be unable to delete these files. The System Restore utility must be disabled to remove any infected files from the C:\_Restore folder.

    Windows XP
    Right-click the My Computer icon on the Desktop and click Properties.
    Click on the System Restore tab.
    Put a check mark in the box next to Turn off System Restore.
    Click the OK button.
    You may be prompted to restart the computer. Click Yes to restart.

    Note: To re-enable the System Restore utility, repeat the steps above and in step 3 remove the check mark from the box next to Turn off System Restore.
    Boot the Computer to DOS
    If the computer is on: From the Taskbar, click Start, then Shutdown and choose Restart.
    If the computer is off, turn the computer on.
    When the opening splash screen appears, begin tapping the F8 key every second.

    Note: On some computers, if you press F8 too soon you will get a keyboard error. If this happens, press the F1 key to continue.

    The Windows 2000 (or XP) Advanced Options Menu will appear. Use the arrow keys to choose Safe Mode with Command Prompt.
    Login to your computer (if necessary).
    When the computer is finished booting, the c:\> prompt will appear on the screen.

    Note: If there is anything typed after c:\>, type cd\ and press Enter.

    Continue with the scan instructions below.
    Scan the Computer
    At the c:\> prompt, type cd sdat and press Enter.
    Type scan /adl /clean /all /program /report report.txt and press Enter.
    This will perform a virus scan, which will clean and delete any viruses you may have on your computer.
    Multiple Infections
    After the scan has run, a summary report of the scan will be created in the sdat folder on the C:\ drive. If this summary reports that your computer had multiple infections, it is recommended that you run the scan again to make sure the computer has been completely cleaned.

    To determine if an additional scan is needed, please complete the following steps:
    Review the Scan Report
    Restart the computer into Normal Mode.
    Double-click the My Computer icon.
    Double-click the C:\ drive.
    Double click the sdat folder.
    Locate the file named report.txt and double-click to open.
    The report contains several lines that look similar to this:

    If the top line named Possibly Infected has a number greater that 5, it is recommended that you run the scan in DOS again.
    If you need to run the scan again, repeat the above instructions for Boot the Computer to DOS and Scan the Computer
  2. combo

    combo Registered Member

    Aug 2, 2007
    thanks computer geek :thumb:
  3. EliteKiller

    EliteKiller Registered Member

    Jan 18, 2007
    Another option:

    Make a new folder called McAfee in the root of the c:\ drive of the computer you're going to scan. Download the and extract the contents of the file into c:\McAfee

    Download and save this batch file* to c:\McAfee since it is responsible for launching the command-line scanner with all of its options enabled, including heuristics and adware/spyware options. You can run scan.exe /? to get a list of available options.

    I usually recommend starting the system in Safe Mode with Command Prompt (so explorer.exe doesn't run) and then running the command c:\McAfee\RUNSCAN.bat to launch the scanner. It'll run in normal mode too, but if malware has multiple processes that watch each others' backs, and they're running, then they'll just repair each other up after the scanner kills them off.

    When the scan is done, it will put a report.html file in c:\ showing what it found.

    *The batch file contains the following parameters: scan.exe /adl /del /all /allole /analyze /mailbox /manalyze /mime /panalyze /program /streams /unzip /winmem /sub /html C:\report.html
  4. computer geek

    computer geek Registered Member

    Oct 6, 2007
    Your welcome.
Thread Status:
Not open for further replies.