Save Your Friends and Family From Malware!

Silly me. I figured as antivirus and antimalware protection became more sophisticated that I'd see fewer infected machines for repair. Man, was I wrong. Even my friends and family - who are fairly computer savvy and careful - have wound up in trouble.
If you're at all competent with a computer, chances are you've had requests from people to fix these problems. I've heard different programs mentioned (XP Antivirus, Antivirus 2009, etc.), but it usually goes like this: "Hey, I'm getting this message from [program] that I'm infected, can you fix that?"
Sure you can.
Over the past couple of months, I've tried different combinations of apps and find these four to do the job nicely. Download them, keep them up-to-date, and you'll be a hero with unlucky friends and family that wind up with an infected computer.
Note: run the first two in safe mode, if possible!
1. Combofix. This one has seen some major upgrades recently, and I use it on every cleanup. Where the old version just gave you a blue screen and said "Hang out for about ten minutes," the current version provides feedback about what's going on. Before any changes are made, ComboFix backs up the registry.
It then hunts out malware it recognizes and removes it. You may need to reboot, but you'll be prompted if it's necessary. It's portable, so just keep it updated on your flash drive.
Based on the comments, BE CAREFUL. Combofix has never caused me any issues, but your experience may be different.
2. SmitFraudFix. I've used it for ages, but there was a brief span where it wasn't doing such a great job (that's when I started with ComboFix again). Things are back in order, and SmitFraudFix is doing a bang-up job once again. Make sure you run all the options with it (update, dns hijack, trusted zone, clean) and answer yes to "Clean the registry?" when asked. Nothing to install here, either, it's portable.
3. SuperAntiSpyware. When I first saw this one, I thought it was bogus. It looked like some of the rogue apps I was trying to remove - now I know better. While I'm sure some people think this is a crap choice, it's been working great for me. It's got a lot of nice features, and it catches damn near everything that ComboFix and SmitFraudFix don't. Follow-up scans with Malwarebytes and Ad-Aware never turn up more than a few cookies. This one you'll have to install, but it's worth it.
4. CCleaner. Crap Cleaner bats cleanup. It's a great final, general cleanup to run on a system that you've just scanned. Keep the portable version handy for fast cleanup jobs.
This combo never lets me down, and I'm surrounded by users that can't keep themselves out of trouble. Here's hoping it does the job for you, too! Check this post for more malware fighting tips.

Comments (28)

lawrence.n.lu, Sep 11th 2008 4:10PM
So what's the conclusion? Which one should we go for? Any better direction? Many thanks!
Fred Thompson, Sep 12th 2008 2:34AM
Combofix also kills Acrobat 9 3D Printer and prevented autoload. It didn't disable the settings, it prevented it. It also scotched up PDF Converter.
Sloppily designed is entirely accurate. If it were properly designed, it would have configured a clean boot and not just said "don't run anything." Stupid is as stupid does. Combofix fits that sentence.
Day 2 and I'm still fixing the messes it made.
Oh, yes, it also modified the hosts file on its own. It's too stupid to recognize what 127.0.0.1 before a URL does.
This thing doesn't remove malware, it IS malware.
ArmyOfAardvarks, Sep 12th 2008 8:15AM
I still rely on HiJackThis.
Bobaloo, Sep 12th 2008 9:41AM
I've been using sandboxie with avast for the last couple of years and have never been safer. Sandboxie is a freeware virtual sandbox to run your browser and keeps all the malware, spyware, etc... out of your system. I'm amazed more people don't know about it. I used to have all those other third party apps, but not anymore... they're just not needed. I laugh in the face of attacks now because I know they can't access my OS.
anth wilson, Sep 12th 2008 9:29AM
MalwareBytes does the trick for AV2009 and its cohorts. Just a point, all the machines I have removed this from (15+) have not had Java updated (hopefully this is just a coincidence)
Dave, Sep 12th 2008 11:00AM
The simplest way to get people out of malware trouble: tell them to stop using windows.
rich c, Sep 12th 2008 10:38AM
Had a nasty re-spawning virus last week. It hijacked my search engines and wouldn't let me access sites for like hijack this or anything that would give me a fix. After 3 days of pulling my hair out I found a program and using multiple malware removal products to no avail, I downloaded a program called Malware Bytes, which identified and removed 16 infected files in about 20 minutes. I highly recommend it.
rabeye, Sep 12th 2008 9:06PM
Thanks for the above proggies. I have never heard of them. I just ran them on my *tweated* Vista box and it actually found about 10 things that AVG, Avast!, Spybot, Ad-Aware didn't and they weren't cookies. I tried these because of your article and after cleaning a co-worker's PC of the "UPS" virus with SDfix. My Vista box is at least 5 times faster now.