Print
If you happened to luck out and get a list of registry entries that were infected, then you can go through this more advanced step. This particular step is not required as long as the computer is mostly disinfected since the entries will only be remnant registry entries. When we do the final cleanup, it should also get rid of most of the entries. But if the entries are causing problems right now, then you can remove them here.
Launch the Registry Editor. You can do this by pressing the Windows Key and then pressing r simultaneously. Type regedit into the run window and press Enter.
You should get a list of five registry hives to the left of your screen. Each hive is similar to a pathway on your hard drive, such as C:\Program Files\Microsoft Office. In this example, you would double-click C, then double-click Program Files, and then find the Microsoft Office directory. The same process works in the registry editor. The only difference is you are not working with files and directories. You navigate through the left pane of the screen.
Navigate through the tree of entries until you find the exact one you are looking for. Make sure you select the right entry because many of them look similar. Then delete that entry from the left side of the window. Don't touch the right side, since that side just contains information related to that key. You may also use .reg files to do this, which may be simpler. If you are interested in this, see this Microsoft KB article.
Often-times malware removal leaves the computer with some junk files (.dat, .txt, etc) on the hard drive and some invalid registry entries which may produce errors. There are two programs you can run, CCleaner and Comodo Registry Cleaner. CCleaner will get rid of temporary files and Comodo Registry Cleaner will get rid of the registry entries.
Download CCleaner from the following link. Save the file to your Desktop.
Install the program like any other program; make sure to keep the default settings.
Double-click the CCleaner file on your Desktop and click the Analyze button and then the Run Cleaner button. Close the program.
Download the Comodo Registry Cleaner from the following link. Save the file to your Desktop.
Install the program like any other program; make sure to keep the default settings.
Click the Scan My Registry button and wait for the results. Click the Clean Registry button.
The ultimate goal of malware removal is to prevent it from re-occurring. By following simple steps you can help ensure that you won’t be infected again.
Comments are closed on this article
MacimumPC
January 29, 2009 at 3:22am
I do not use Vista very much and I am figuring out most of how Vista works by my experiences with the Windows 7 beta...so most of my Windows knowledge is from XP and earlier. I was not aware of the extra measures utilized in Vista/Win 7 along with the UAC interface.
However, you do bring up an interesting point. Yes, in a limited user account in XP, system files are safe from tampering from the user and perhaps external sources. This still does not save the system from the admin though. This is also true in OSX. In the user's folder, you can actually create new folders and not have any access to the system folder, however, the system files are still safe from even the admin (to the extent of needing the admin password) and external sources. However, if Vista/7 are working on new ideas to trick or stop viruses/malware/spyware...then I'm all for it, but I have a feeling the fact that Windows Vista/7 still tell you to download a virus scanner...still leads me to believe the problems are still far from resolved. Perhaps Vista/7 are stepping in the right direction though. Thank you for the heads-up.
TheZomb
January 29, 2009 at 8:06am
Vista does everything you describe OS X does by limiting control to system files with passwords and prompting users for permission to access or change and goes a step further to do the same with the program files folder. Yet microsoft still recommends you to use virus software. Why, they dealing with millions of people and there are two sure things about that group of people. They will be smart and stupid and stupid people will click on things to get them off the screen no matter they are and smart malicious people are happy to exploit. In short they can't account for everything by closing off system files.
I bet if you call apple right now and ask them whether you should use anti virus software they would tell you yes. You do acknowledge that windows has more viruses because of its higher amount of users, but some other information you don't know is that many more vulnerabilities are found per year on mac and most of them are more severe than their windows counter parts. Apple also does not report or acknowledge security vulnerabilities it has. So in general your Mac has vulnerabilities, apple won't tell you what they are, apple won't tell you when they fix them, they can be exploited any day without proper firewall/ anti virus software.
P.S. XP is a 9 year old OS your comparing to a brand new one.
Keith E. Whisman
January 29, 2009 at 1:27am
What are the Best AntiSpyware/AntiMalware and junk file removers that work in Windows Vista 64bit? I tried to install Adaware anniversary edition and it laughed at me. "You want to do what? LOL.."
What free programs out there specifically work with Vista 64bit?
Thanks..
B.A.Frayd
March 01, 2009 at 6:02pm
Malwarebytes works well, as does CCleaner. I use both on my 64 bit Vista machine. AVG antivirus also works fine.
One other program that should have been mentioned in the article is SpywareBlaster. SpywareBlaster is different from the others because it actually prevents infections by blocking bad items before they can get into your system.
ghot
January 29, 2009 at 12:29am
.....google Jv16 Powertools the last free version (for XP users, that is).....its one of the best registry cleaners made and can remove Java easily, as wel as many other hidden installed apps. For Vistsa....you'll need JV16 Power Tools 2008. Another great program is Glary Utilities (just google it)...Glary has all the Windows tools in one easy to find location, a track eraser, a mild registry cleaner and a startup program listing, with check boxes for easy remove or replace. It also installs a "wipe with Glary Utilities" option to any right click menu, and lastly has an uninstaller also.
JV16 Power Tools is like glary Utilities on crack! If its on your comp it shows in JV16. Not only will JV16 allow you to remove it, but it will also allow you to remove all associated entries. Further it has a great registry FINDER....just type in the box what items you want to find and run it. Nothing is removed by JV16 w/o your allowing it. It too has a startup program list and is the most powerful registry cleaner I've ever used....and I've tried them all.
....I'm sure everyone that knows about this site also knows about Unlocker.....it installs an option to any right click menu also and allows you to delete files even when they can't normally be deleted because they are in use.
I also use and recommend all of the programs mentioned in the article...I have used them for years and never had an issue with any of them.
But a day w/o JV16 Power Tools is like a day w/o.....Maximum PC :)
Take efficiency, and edit out all the intelligence and what you have left is a post-XP Microsoft operating system :)
DogPatch1149
April 03, 2009 at 9:08pm
Surely you jest.
Java isn't crap...if it was, we wouldn't have tools like the Speakeasy.net SpeedTest, or those really cool time-wasting games at Pogo.com.
What IS crap is the fact that IE still doesn't have granular control of Java (or ActiveX, for that matter) to the point you can be sure you're safe. Since IE is the browser running on assloads of PCs out there, with a lot of non-techie non-geeks behind the keyboard, there have been and will continue to be problems. Guaranteed.
BTW...since when is Java hidden? It shows up in my Programs and Features list (via Revo Uninstaller), and shows up on every Add/Remove Programs list on XP machines I've seen. Is this called hiding in plain sight?
If you use Firefox with the NoScript add-on, and enable only what you need for sites to load/run correctly, you'll have no problems.
No, I'm not a Java fanboy - I just think Java gets blamed for problems that aren't the fault of Java, but of the applications that make use of it.
winmaster
January 31, 2009 at 5:23pm
I use Add/Remove Programs to unstall Java. I don't see anything with that.
--------------------------------------------------------------------------------------------------
The quick brown fox jumps over the lazy dog.
GFC
January 29, 2009 at 12:12am
I've been using CCleaner for a while, and let me tell you - it's awesome. It's free, fast, and it get's the job done, and on top of that - it has registry fix, i mean.. how friggin' cool is that?
geekhelp4u
January 28, 2009 at 6:56pm
great article, but I would suggest a few things:
1) ATF Cleaner - run this first then
2) CCleanerRemoving junk files will allow the virus/malware/spyware scans to run faster - as they dont need to scan as much "junk"
3) Dial-a-fix
MBAM and SUPER are my two favorite scanners
when all is said and done, I still recommend you run HijackThis
but what if you computer is so bad it runs SLOW or has a hard time booting?
then before you start, run a linux based boot time scanner... I remommend the Avira Rescue CD or the DrWeb live CD ... google them!
Vegan
January 28, 2009 at 6:05pm
7 programs? Why do we accept this? It shouldn't have to be this difficult.
BaggerX
January 28, 2009 at 9:20pm
They're free. What's with the overblown sense of entitlement? Want something better? Create it yourself and sell it and be rich. Otherwise I'll take what works and is free and thank those that take the time to create these tools.
paulsoaresjr
January 28, 2009 at 3:37pm
Old Java versions should be shown in Add/Remove Programs. Or better yet, go grab JavaRa which will do the job for you.
http://raproducts.org/
winmaster
January 31, 2009 at 5:31pm
I think the recent versions (like the last two) actually do remove their predecessors, but only like the one right before that. For instance, if you are running Java 6 Update 10, and you install Java 6 Update 11, Update 10 willl be removed, but if you are running Java 6 Update 7, it will remain on your system. Also, I believe the first version that does this is Java 6 Update 10. Otherwise, they should appear in both Add/Remove Programs and CCleaner if they are on your system unless you deleted the entry in CCleaner and forgot about it. Anyway, its about time Sun Microsystems did this. Having an installer that doesn't remove the old version of the program in the 21st century is Bull Shit.
--------------------------------------------------------------------------------------------------
The quick brown fox jumps over the lazy dog.
GBH
January 28, 2009 at 3:28pm
Thank you for the great article
But these still wont stop the "Hackman help!" threads =P
