McAfee Command Line Scan for Trojan / Malware attack

 


This post explains what malware is and how to clean it with the McAfee command line scanner.

Malware is any program intentionally designed to cause disruption to a computer, server, or computer network, leak private information, gain unauthorized access to information or systems, deprive users of access to information, or interfere with the user's computer security and privacy without the user's knowledge.

A Trojan horse is any malware that misleads users about its true intent. Trojans generally spread by some form of social engineering; for example, a user is duped into executing an email attachment disguised to look harmless (e.g., a routine form to be filled in), or into clicking on a fake advertisement on social media or anywhere else.

If someone has clicked on a phishing mail attachment or a suspicious link, follow the steps below immediately to avoid or minimize the impact. This post focuses on the steps related to the command line scan.

1. Delete the suspicious mail, and its contents if they were downloaded.

2. Go to the McAfee Enterprise download page and sign in with your grant number and registered mail ID.

     https://www.mcafee.com/enterprise/en-in/downloads/my-products.html

     Download the command line scanner for the desired operating system, such as Windows or Linux.


3. Download the latest DAT version from http://update.nai.com/products/commonupdater/

     Download the ZIP file whose name starts with avvdat.

4. Unzip the downloaded content to the C:\scan folder.

5. Boot the computer in Safe mode.

     Go to Run - type MSCONFIG - Boot tab - check Safe Boot - Apply. Then restart the machine.


6. Decompress scan.exe

     C:\scan\scan.exe /decompress

7. Run the command below to scan all directories and save the results in a text file. All malicious and infected files will be cleaned, and the end results will be displayed in the command prompt. The scan may take a few hours.

     scan.exe /adl /all /analyze /clean /program /unzip /winmem /rptall /report=c:\scan\report.txt
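
Steps 6 and 7 wrapped in a PowerShell script with pre-flight checks, as an added example that is not part of the original post or McAfee's own tooling. It assumes the C:\scan layout from step 4, that scan.exe ships Authenticode-signed, and the exit-code meanings in the comments (taken from the VirusScan Command Line product guide, to be confirmed for your scanner version); tool-hashes.csv is a hypothetical file name.

```powershell
# Added example, not part of the original post.
# Assumes the step 4 layout: scan.exe and the unzipped avvdat files are in C:\scan.
$ScanDir = 'C:\scan'
$Scanner = Join-Path $ScanDir 'scan.exe'
$Report  = Join-Path $ScanDir 'report.txt'

# Stop early if the scanner or the DAT files are missing.
if (-not (Test-Path -LiteralPath $Scanner)) { throw "scan.exe not found in $ScanDir" }
$dats = @(Get-ChildItem -LiteralPath $ScanDir -Filter 'avv*.dat')
if ($dats.Count -eq 0) { throw "No avv*.dat files in $ScanDir; unzip the avvdat archive there first" }

# The scanner is about to run with administrator rights and clean files, so
# confirm the binary carries a valid Authenticode signature first.
# Assumption: the vendor ships scan.exe signed.
$sig = Get-AuthenticodeSignature -FilePath $Scanner
if ($sig.Status -ne 'Valid') { throw "scan.exe signature status is $($sig.Status); not running it" }
Write-Host "scan.exe signed by: $($sig.SignerCertificate.Subject)"

# Keep SHA-256 hashes of the scanner and DAT files with the incident notes.
# tool-hashes.csv is a hypothetical file name.
Get-FileHash -LiteralPath (@($Scanner) + $dats.FullName) -Algorithm SHA256 |
    Export-Csv -Path (Join-Path $ScanDir 'tool-hashes.csv') -NoTypeInformation

Set-Location -LiteralPath $ScanDir
& $Scanner /decompress      # step 6
& $Scanner /adl /all /analyze /clean /program /unzip /winmem /rptall "/report=$Report"   # step 7
$code = $LASTEXITCODE

# Exit-code meanings are an assumption taken from the VirusScan Command Line
# product guide, not from this post; confirm them for your scanner version.
$meaning = @{
    0  = 'No detections and no errors'
    8  = 'DAT files not found'
    12 = 'Clean attempted but failed; file still infected'
    13 = 'Detections found'
    19 = 'All infected files cleaned'
    21 = 'Reboot required to finish cleaning'
}
$text = if ($meaning.ContainsKey($code)) { $meaning[$code] } else { 'See the product guide' }
Write-Host "scan.exe exit code ${code}: $text"
Write-Host "Full report: $Report"
if ($code -notin 0, 19) {
    Write-Warning 'Host is not confirmed clean; review the report before returning the machine to use.'
}
```

Run it from an elevated PowerShell prompt after booting into Safe mode (step 5).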



Hope this will be helpful. 
