Print
We are normally a very big advocates of Combofix since the program works so well, but there is a possibility that the program can cause damage to your computer. Download Combofix from the following link and save it to your Desktop.
You may be requested to update the program when you open Combofix, please do so. After the update, the program will restart. Don’t restart the program yourself. On the next start you may get a warning if you have active security software on your system <insert Combofix_Warning.jpg> disable your antivirus or other security protection since it may interfere with Combofix.
You will get an EULA pop-up from Combofix. This EULA explains the basic terms and conditions of using the program. Make sure you read this and understand the terms and conditions.
Combofix will now create a system restore point and start scanning, don’t move the program window. Your taskbar may disappear several times as it goes through the various stages and you may lose network connectivity temporarily. If it asks if you want to clean the registry, please allow it to do so.
The program will try to generate a logfile. Do not move or close the window.
After the reboot, if necessary, a logfile will have opened automatically on your screen. Please close the logfile. Altering any files that Combofix displays could cause serious, irreversible damage to your system if you don’t know what you are doing.
Panda Activescan 2.0 is a general malware scanner, but runs through a web browser instead of natively on your hard drive. It has a good detection rate, but does not remove the malware it finds, so you will have to do this yourself. This scanner is primarily used with Internet Explorer, but also works with Firefox.
To start scanning with Panda Activescan 2.0, go to their official site. Click the big Scan Now button. If you are using Mozilla Firefox, you need to download the appropriate plug-in to run the scanner.
Let the program update and install temporary files to your computer. The temporary files allow Panda to scan your computer’s hard drive. Panda should start automatically scanning your computer’s physical hard drives.
If malware is detected, it will alert you and allow you to see a logfile. Save this logfile, you will need it later. You can close Panda Activescan 2.0 after you save the logfile.
In order to get these malware files off of your computer, you need to delete them yourself. Since Panda is a pay program, it won’t be able to remove these for free.
Open the Panda Activescan 2.0 logfile. Locate the full pathway. A pathway looks similar to C:\Windows\System32\sdfhl.exe. Copy and paste that entire line starting with the "C:" from your logfile and paste in a new Notepad file. Please do this for every file or directory that has been identified as malicious.
When you are done, you should have a list of files and directories. Do not close this list of files.
Download Pocket Killbox from the following link. Extract the files to your Desktop or wherever you choose.
Double-click the Killbox red Killbox file. Go back to your list of files and highlight all the pathways and copy them to your clipboard.
Set the program to Delete on Reboot and make sure it is set to All Files. If it is set to Single File, it will only delete the first file in the list and leave the rest.
Now click File and select Paste from Clipboard. If no text appeared in the Full Path of File to delete, then try again. Click the Red X. Pocket Killbox will automatically restart your computer.
Comments are closed on this article
MacimumPC
January 29, 2009 at 3:22am
I do not use Vista very much and I am figuring out most of how Vista works by my experiences with the Windows 7 beta...so most of my Windows knowledge is from XP and earlier. I was not aware of the extra measures utilized in Vista/Win 7 along with the UAC interface.
However, you do bring up an interesting point. Yes, in a limited user account in XP, system files are safe from tampering from the user and perhaps external sources. This still does not save the system from the admin though. This is also true in OSX. In the user's folder, you can actually create new folders and not have any access to the system folder, however, the system files are still safe from even the admin (to the extent of needing the admin password) and external sources. However, if Vista/7 are working on new ideas to trick or stop viruses/malware/spyware...then I'm all for it, but I have a feeling the fact that Windows Vista/7 still tell you to download a virus scanner...still leads me to believe the problems are still far from resolved. Perhaps Vista/7 are stepping in the right direction though. Thank you for the heads-up.
TheZomb
January 29, 2009 at 8:06am
Vista does everything you describe OS X does by limiting control to system files with passwords and prompting users for permission to access or change and goes a step further to do the same with the program files folder. Yet microsoft still recommends you to use virus software. Why, they dealing with millions of people and there are two sure things about that group of people. They will be smart and stupid and stupid people will click on things to get them off the screen no matter they are and smart malicious people are happy to exploit. In short they can't account for everything by closing off system files.
I bet if you call apple right now and ask them whether you should use anti virus software they would tell you yes. You do acknowledge that windows has more viruses because of its higher amount of users, but some other information you don't know is that many more vulnerabilities are found per year on mac and most of them are more severe than their windows counter parts. Apple also does not report or acknowledge security vulnerabilities it has. So in general your Mac has vulnerabilities, apple won't tell you what they are, apple won't tell you when they fix them, they can be exploited any day without proper firewall/ anti virus software.
P.S. XP is a 9 year old OS your comparing to a brand new one.
Keith E. Whisman
January 29, 2009 at 1:27am
What are the Best AntiSpyware/AntiMalware and junk file removers that work in Windows Vista 64bit? I tried to install Adaware anniversary edition and it laughed at me. "You want to do what? LOL.."
What free programs out there specifically work with Vista 64bit?
Thanks..
B.A.Frayd
March 01, 2009 at 6:02pm
Malwarebytes works well, as does CCleaner. I use both on my 64 bit Vista machine. AVG antivirus also works fine.
One other program that should have been mentioned in the article is SpywareBlaster. SpywareBlaster is different from the others because it actually prevents infections by blocking bad items before they can get into your system.
ghot
January 29, 2009 at 12:29am
.....google Jv16 Powertools the last free version (for XP users, that is).....its one of the best registry cleaners made and can remove Java easily, as wel as many other hidden installed apps. For Vistsa....you'll need JV16 Power Tools 2008. Another great program is Glary Utilities (just google it)...Glary has all the Windows tools in one easy to find location, a track eraser, a mild registry cleaner and a startup program listing, with check boxes for easy remove or replace. It also installs a "wipe with Glary Utilities" option to any right click menu, and lastly has an uninstaller also.
JV16 Power Tools is like glary Utilities on crack! If its on your comp it shows in JV16. Not only will JV16 allow you to remove it, but it will also allow you to remove all associated entries. Further it has a great registry FINDER....just type in the box what items you want to find and run it. Nothing is removed by JV16 w/o your allowing it. It too has a startup program list and is the most powerful registry cleaner I've ever used....and I've tried them all.
....I'm sure everyone that knows about this site also knows about Unlocker.....it installs an option to any right click menu also and allows you to delete files even when they can't normally be deleted because they are in use.
I also use and recommend all of the programs mentioned in the article...I have used them for years and never had an issue with any of them.
But a day w/o JV16 Power Tools is like a day w/o.....Maximum PC :)
Take efficiency, and edit out all the intelligence and what you have left is a post-XP Microsoft operating system :)
DogPatch1149
April 03, 2009 at 9:08pm
Surely you jest.
Java isn't crap...if it was, we wouldn't have tools like the Speakeasy.net SpeedTest, or those really cool time-wasting games at Pogo.com.
What IS crap is the fact that IE still doesn't have granular control of Java (or ActiveX, for that matter) to the point you can be sure you're safe. Since IE is the browser running on assloads of PCs out there, with a lot of non-techie non-geeks behind the keyboard, there have been and will continue to be problems. Guaranteed.
BTW...since when is Java hidden? It shows up in my Programs and Features list (via Revo Uninstaller), and shows up on every Add/Remove Programs list on XP machines I've seen. Is this called hiding in plain sight?
If you use Firefox with the NoScript add-on, and enable only what you need for sites to load/run correctly, you'll have no problems.
No, I'm not a Java fanboy - I just think Java gets blamed for problems that aren't the fault of Java, but of the applications that make use of it.
winmaster
January 31, 2009 at 5:23pm
I use Add/Remove Programs to unstall Java. I don't see anything with that.
--------------------------------------------------------------------------------------------------
The quick brown fox jumps over the lazy dog.
GFC
January 29, 2009 at 12:12am
I've been using CCleaner for a while, and let me tell you - it's awesome. It's free, fast, and it get's the job done, and on top of that - it has registry fix, i mean.. how friggin' cool is that?
geekhelp4u
January 28, 2009 at 6:56pm
great article, but I would suggest a few things:
1) ATF Cleaner - run this first then
2) CCleanerRemoving junk files will allow the virus/malware/spyware scans to run faster - as they dont need to scan as much "junk"
3) Dial-a-fix
MBAM and SUPER are my two favorite scanners
when all is said and done, I still recommend you run HijackThis
but what if you computer is so bad it runs SLOW or has a hard time booting?
then before you start, run a linux based boot time scanner... I remommend the Avira Rescue CD or the DrWeb live CD ... google them!
Vegan
January 28, 2009 at 6:05pm
7 programs? Why do we accept this? It shouldn't have to be this difficult.
BaggerX
January 28, 2009 at 9:20pm
They're free. What's with the overblown sense of entitlement? Want something better? Create it yourself and sell it and be rich. Otherwise I'll take what works and is free and thank those that take the time to create these tools.
paulsoaresjr
January 28, 2009 at 3:37pm
Old Java versions should be shown in Add/Remove Programs. Or better yet, go grab JavaRa which will do the job for you.
http://raproducts.org/
winmaster
January 31, 2009 at 5:31pm
I think the recent versions (like the last two) actually do remove their predecessors, but only like the one right before that. For instance, if you are running Java 6 Update 10, and you install Java 6 Update 11, Update 10 willl be removed, but if you are running Java 6 Update 7, it will remain on your system. Also, I believe the first version that does this is Java 6 Update 10. Otherwise, they should appear in both Add/Remove Programs and CCleaner if they are on your system unless you deleted the entry in CCleaner and forgot about it. Anyway, its about time Sun Microsystems did this. Having an installer that doesn't remove the old version of the program in the 21st century is Bull Shit.
--------------------------------------------------------------------------------------------------
The quick brown fox jumps over the lazy dog.
GBH
January 28, 2009 at 3:28pm
Thank you for the great article
But these still wont stop the "Hackman help!" threads =P
