Home | Blog | Software | Reviews and Features | Forum | Help | Donate | About us
topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • December 04, 2016, 04:17:53 AM
  • Proudly celebrating 10 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Last post Author Topic: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).  (Read 9901 times)

superboyac

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,070
  • Is your software in my list?
    • View Profile
    • Donate to Member
http://www.bleepingc.../how-to-use-combofix

Well, Kaspersky actually failed me for the first time since I've been using it (many years).  A couple of days ago, I noticed my Firefox was having some weird problems.  It turns out I had a Google redirect virus that was causing significant trouble on my computer.  My Ad Muncher even broke, which is VERY rare.  I did a full computer scan with Kaspersky IS 2010, and it caught a bunch of stuff but didn't clean this particular problem.  First of all, Kaspersky should have never allowed it in in the first place...what's the point of having it running and slowing everything down???  Anyway, after all of that, I was still having the problem.  Then I used malwarebytes anti-malware program to clean, and that found some stuff also, but didn't clean this problem.

So I did a lot of reading, and came across the program ComboFix (link up top).  Actually, I discovered it in the comments section of some blog post, so it was rather difficult to find.  I know it's been mentioned here a little, but no big discussions or anything.  Anyway, I'm glad to say that it did a FANTASTIC job of cleaning out that rootkit.

More importantly, I'm VERY VERY disappointed in Kaspersky.  It's a world-class security suite and should be very capable of catching these things.  I'm also a little annoyed in knowing that even though it's constantly monitoring my pc, why do I get a bunch of malware when I do a full computer scan?  What's the point of it running and monitoring?  I don't get that.

This was bad.  I don't mind this happening to my laptop or mom's computer.  But not to my workhorse computer.  That's my baby.  I do everything on there, it's practically a mini-corporation.

These antivirus programs need to go through a makeover.  Less bloat, and focus on minimizing the performance impact and accuracy/effectiveness.  All other features are secondary.  Almost all users care primarily about those two things: performance impact and security.  The companies should spend 80% of their efforts on those two things.  For AV programs, they should cut out as much bloat as possible.  What is it about software...as soon as it gets anywhere near the big-times, they become slow and bulky.  They install files all over the place, etc.  I love those tiny little utilities that run super-fast, have nice simple interfaces, and install so simply, like all files in one folder, or even having a portable option.  All software should be portable unless there is a true need to get their fingers all up in the OS (which AV programs might very well need).

mrainey

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 436
    • View Profile
    • Website
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #1 on: August 31, 2010, 02:00:07 PM »
Quote
I did a full computer scan with Kaspersky IS 2010, and it caught a bunch of stuff

Quote
Then I used malwarebytes anti-malware program to clean, and that found some stuff also

Maybe you should focus on not exposing your "workhorse" to so much "stuff".
Software For Metalworking
http://closetolerancesoftware.com

rjbull

  • Charter Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 2,925
    • View Profile
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #2 on: August 31, 2010, 02:40:53 PM »
These antivirus programs need to go through a makeover.  Less bloat, and focus on minimizing the performance impact and accuracy/effectiveness.

Well said.  And an absolute absence of false positives  >:(

superboyac

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,070
  • Is your software in my list?
    • View Profile
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #3 on: August 31, 2010, 02:59:04 PM »
Quote
I did a full computer scan with Kaspersky IS 2010, and it caught a bunch of stuff

Quote
Then I used malwarebytes anti-malware program to clean, and that found some stuff also

Maybe you should focus on not exposing your "workhorse" to so much "stuff".
Actually, the point of an AV program is to protect my computer in case I encounter such things.  As careful as I am, I do a lot of computing and things in general on the net, so I would have to disagree with that.  What if i wasn't a big time computer supergeek?  Does that mean I have to be afraid of everything I do?  No.  That's why we pay for the AV programs.  If it's just a matter of being cautious, why do we run AV programs which slow our computers down?

superboyac

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,070
  • Is your software in my list?
    • View Profile
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #4 on: August 31, 2010, 03:00:21 PM »
These antivirus programs need to go through a makeover.  Less bloat, and focus on minimizing the performance impact and accuracy/effectiveness.

Well said.  And an absolute absence of false positives  >:(
Yeah, really.  I bet a lot of the things it found were false positives, but I can't be sure.  At the very least, it should catch the things that are malware.  I've never had this happen with kaspersky before.  I've always had peace of mind with it, but now I've lost a little of the trust, and I don't like that.

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 8,405
  • "In my dreams, I always do it right."
    • View Profile
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #5 on: August 31, 2010, 03:15:36 PM »
Quote
I did a full computer scan with Kaspersky IS 2010, and it caught a bunch of stuff

Quote
Then I used malwarebytes anti-malware program to clean, and that found some stuff also

Maybe you should focus on not exposing your "workhorse" to so much "stuff".
Actually, the point of an AV program is to protect my computer in case I encounter such things.  As careful as I am, I do a lot of computing and things in general on the net, so I would have to disagree with that.  What if i wasn't a big time computer supergeek?  Does that mean I have to be afraid of everything I do?  No.  That's why we pay for the AV programs.  If it's just a matter of being cautious, why do we run AV programs which slow our computers down?

Agreed.  I use my computer that I develop on for pretty much everything, so I don't have the luxury of not exposing it to 'stuff'.  I don't go to questionable places, but even reputable places can have problems, thus antivirus.  If you can't depend on them, then they are just giving you a false sense of security.  The fact that he's not had a problem for years depending on kaspersky says that it's most likely not a user issue...

Curt

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 7,089
    • View Profile
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #6 on: August 31, 2010, 03:52:22 PM »
...  I've never had this happen with kaspersky before.  ...

have you checked if you've made the same mistake that I once made, after teaching my security suite, forgetting to also take it out of 'learning-mode' again?

superboyac

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,070
  • Is your software in my list?
    • View Profile
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #7 on: August 31, 2010, 05:37:54 PM »
...  I've never had this happen with kaspersky before.  ...

have you checked if you've made the same mistake that I once made, after teaching my security suite, forgetting to also take it out of 'learning-mode' again?
What learning mode?  I wasn't even aware of one in kaspersky.

cyberdiva

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 982
    • View Profile
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #8 on: August 31, 2010, 09:50:17 PM »
What learning mode?  I wasn't even aware of one in kaspersky.
I've always associated "learning mode" with firewalls, probably because my firewall has one and my AV does not.  Since Curt is using a security suite, perhaps it's the firewall part of the suite that he accidentally left in learning mode.

SKA

  • Charter Member
  • Joined in 2006
  • ***
  • default avatar
  • Posts: 223
    • View Profile
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #9 on: September 01, 2010, 01:48:35 AM »
superboyac

Seems older Kaspersky versions(2010 and earlier) not so good, so you better need to use version KIS 2011(even this version needs Maintenance patch due shortly) or another product.

What Combofix fixes are only certain difficult "rats" - you should not think it can replace a regular antivirus/internet security product.  Combofix is only recommended by experts after they have eliminated other reasons , its not something you should rely on exclusively - its improper use can really break your system.  As its updated almost daily, so each time you need it its best to get a fresh /latest version from bleepingcomputer site.

Most AVs have to deal with greater sophistry of current malwares esp on Windows.  Protecting your system via Defensewall or similar HIPS and LUA/SRP , and/or suitable firewall can save you a lot of grief , but it will slow down your PC - one needs to live with this fact on Windows.

Recent lnk & dll search order flaws in Windows are further evidence that one needs to review one's protection on the net very carefully.

SKA

superboyac

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,070
  • Is your software in my list?
    • View Profile
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #10 on: September 01, 2010, 08:52:02 AM »
SKA, thanks.  I didn't even know 2011 was out.  How come the software update doesn't notify you of new versions?  That's weird also.

And I never meant to replace kaspersky with combofix.  i don't even think combofix can run on windows with other things running.  That wasn't the point.  The point was that Kaspersky let the rootkit in and should have caught it for such a well respected AV program. 

SKA

  • Charter Member
  • Joined in 2006
  • ***
  • default avatar
  • Posts: 223
    • View Profile
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #11 on: September 02, 2010, 12:15:13 AM »
You are right -KIS2010 misses stuff that Combofix & MBAM (or SAS) specialist apps may catch.

Another option to consider : use a "cloud" product like HitmanPro with your choice of AV :
from wilderssecurity: http://www.wildersse...wthread.php?t=236732

SKA

sajman99

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 664
    • View Profile
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #12 on: September 02, 2010, 02:01:26 PM »
+1 for Hitman Pro. It seems the developer is committed to developing a quality anti-malware which belongs on a short list with MBAM and SAS.

edit: Hitman Pro site is here:  http://www.surfright.nl/en
« Last Edit: September 02, 2010, 02:06:58 PM by sajman99 »

tranglos

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,079
    • View Profile
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #13 on: September 02, 2010, 02:09:59 PM »
Is there a way to prevent Hitman Pro from scanning at startup, does anyone know? The option can be disabled, but it gets re-enabled when I start the app again. It doesn't seem to save the configuration anywhere. Since it's on Win7, and the downloadable file is not an installer, but the direct executable program, I put it outside of Program Files, but it won't obey the changes in configuration. Or could it be that it is a paid feature?

Krishean

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 75
  • I like pie
    • View Profile
    • Draconis Labs
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #14 on: September 02, 2010, 06:33:16 PM »
As SKA said, ComboFix is a dangerous program that should only be used when all other options have been exhausted. Improper use can hose your system completely. It does do its job tho I have to say, I've used it several times and it usually fixes the problem.

On the subject of antiviruses, I personally don't run one on my main computer [see note 1], I have them installed on a bunch of my secondary computers, and I install one as part of maintenance on other people's computers, but my main computer is optimized for performance. I know what it should behave like, and any behavior out of the ordinary will be dealt with. Unknown processes will be investigated, I have sandbox and virtualization software installed so I can test programs before installing them. (A windows xp virtual machine with an antivirus installed is a nice thing to have) I also have software/tools installed for disassembling/analyzing computer programs so I can see what they are going to do before running them at all. I always have process explorer running 24/7 to keep an eye on whats running. It dosen't matter if you only visit trusted sites or not, advertisers have bluntly stated they are not responsible for their clients' content meaning visiting a trusted site can get you infected just as easily as a questionable site. Firefox is locked down with noscript and adblock, and firebug and a bunch of other extensions for website analysis. Its been more than 6 years since I (unintentionally) got a virus on my computer. I have run viruses in virtual machines to analyze their behavior and learn how to remove them manually - sometimes because (lol) the antivirus dosen't work on them. Also a lot of the time the antivirus will not remove all traces of a virus, registry keys and non-infectious data files may be left behind.

Its nice to be able to boot up in 30s flat.

Another thing about antiviruses, they are only as effective as their latest definitions, they are powerless againt a virus that does not match any of the definitions. There was an article a few months ago (similar ones linked below) stating that modern antiviruses are fighting a losing battle, and their "definitions" approach is rapidly failing. Creating definitions that match billions of viruses, with little or no false positives is an impossible task. That said, its more important than ever to know how to manually remove a virus. Another recent newsworthy event was mcafee making a false positive on windows xp sp3's svchost.exe, which caused quite a commotion.

Signature-based antivirus is dead: Get over it
RSA: New threats could make traditional antivirus tools ineffective
Eighty percent of new malware defeats antivirus

note 1: I'll say this right away (sort of), if you want to badmouth me about not running an antivirus read the rest of the post and don't bother. I'm confident in my ability to identify problems and fix them on my own without the aid of an antivirus and nothing you say will change that. I know what a computer should behave like, and no virus is without side effects. Even the most stealthy rootkit is going to cause some kind of activity that will get my attention. I say this because every time I say that I don't use an antivirus, some bigmouth has to take a shot at me.
Any sufficiently advanced technology is indistinguishable from magic.

- Arthur C. Clarke

Carol Haynes

  • Waffles for England (patent pending)
  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 7,986
    • View Profile
    • Dales Computer Services
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #15 on: September 02, 2010, 07:36:30 PM »
The lesson to learn is that no solution is 100% accurate and it is impossible to make it so.

If you think you can trust any security suite or app to give 100% protection you are deluding yourself. The only 100% solution is to not connect to the internet and never use removable media (and even then it isn't 100% because as we all know there has been a history of some companies sending out preinfected computers!).

The only solution is common sense ---> don't download 'stuff' without knowing what you are getting first ... this applies to webpages as well as active downloads!

In the last few months I have been cleaning numerous infected computers - all were running 'good' suites which were up to date (where the update still worked!) - MacAfee, Norton, Kaspersky, Avast, AVG, Avira, Panda .... the list goes on (and where free versions are available they don't seem to be any worse than the paid versions at this). Every single person I dealt with was completely unaware of how their computer got infected.

My 2p comments are:

  • if in doubt don't download it
  • if you must download things get them from reputable sources where they have been virus checked before you download
  • if you are reasonably happy at least run the installer through www.virustotal.com before installing it
  • use a sandbox or VM (preferably one with easy snapshot restore) to test application before installing them for real
  • don't use Internet Explorer or if you must don't install ActiveX addons or BHOs (toolbars etc)
  • with other browsers use only well known and thoroughly tested addons and download from safe sources
  • if your browser starts popping up windows unexpectedly don't click on any buttons in the windows and don't try to close them - just kill the browser in TaskManager (often the close button is used as a way of installing the thing you are trying to avoid). Immediately do a full system scan with a range of tools.
  • keep incremental or differential image backups of your system and at the first hint of trouble roll back to a good state
« Last Edit: September 02, 2010, 07:38:19 PM by Carol Haynes »

superboyac

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,070
  • Is your software in my list?
    • View Profile
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #16 on: September 02, 2010, 10:01:02 PM »
Krishean, I've often thought of doing it your way: no antivirus.  But I'm afraid to.  I'm very comfortable with computers myself and can probably do anything with a Windows computer that doesn't involve actual programming.  However, I also like having the peace of mind of just being able to turn my brain off and just do stuff without worrying about it.  That's why I have an AV installed.  However, I am sort of questioning if I really need it.  I absolutely don't like the performance hit that AV's cause on the machine.  I love how freaking fast my computer is without Kaspersky running.  It's blazing.

I've always though of doing it, but I'm too scared.  I'm actually going through a phase where I don't want to be such a computer supergeek anymore.  I don't want to constantly be fiddling around with my computer.  Even though I like it and I'm good at it...there are other things I'm trying to do now as an adult and I'm just a little burnt out with all the computer stuff.

I forgot who, but someone here did a Kaspersky mini-review, and he turned off a lot of the components he thought were unnecessary.  I wonder if I would be any worse off if I turned off my AV entirely and just ran a scan at night after I sleep or go to work.  Would that be any worse than constantly monitoring all the time?  I don't know.  Thoughts?

Krishean

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 75
  • I like pie
    • View Profile
    • Draconis Labs
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #17 on: September 02, 2010, 11:01:00 PM »
Unless you are confident you have the skills and usage habits to avoid or manually remove any threat that comes your way, I wouldn't recommend going commando. I have a background of years in computer programming, ranging from (my favorite) javascript all the way down to assembly code. I've manually removed hundreds of viruses/malware from friends' and clients' computers. I have so much computer experience, I do a lot of things that would probably horrify other computer users, but since I know what I'm doing, I don't give it a second thought.

So, unless you could say the same you probably should keep the antivirus on duty.

edit: If you are looking for a antivirus that is light on system resources i've had pretty good luck with Microsoft Security Essentials. Its free, and as far as i've seen does its job just as well, if not better than the big subscription-based antiviruses that will slow your computer to a crawl (looking at you norton, mcafee).
Any sufficiently advanced technology is indistinguishable from magic.

- Arthur C. Clarke
« Last Edit: September 02, 2010, 11:12:11 PM by Krishean »

mrainey

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 436
    • View Profile
    • Website
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #18 on: September 03, 2010, 06:37:24 AM »
I'm going to continue to rely on an AV program, a bit of caution, and weekly backup images.  I'm reasonably capable with computers, but nowhere near as smart as some of the bad guys are.
Software For Metalworking
http://closetolerancesoftware.com

Bamse

  • Supporting Member
  • Joined in 2009
  • **
  • Posts: 410
    • View Profile
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #19 on: September 03, 2010, 07:31:18 AM »
Turn brain off, scared, Kaspersky/Malwarebytes found a bunch of stuff. Something is not right :) Unless you can roll back to where problem started, can and have analyzed incident you should not dump AV just yet. Was it Limewire?, porn?, warez?, usb stick? not updated flash getting tricked by your clicks? You forgot to log in as std. user? You must know how to get infected and your own usage in details to be sure there is no need for AV.

But you can get close. Increase passive protection like using a dns-service which blocks malware sites effectively. So forget about Opendns. Then use some browser add-on which effectively blocks more of the same. Let browser itself be unless you want to get rid of ads. Can claim that is a security threat as well. Some are, scams at least. Now to AV. Install Avast 5 but do a custom install. Untick everything but File and Network shield. File shield because that is Avast! and network shield because it also block malware domains :) Behavior shield is still under development, might be worth considering if on 32bit OS. Rest is fluff. Do a full scan, reboot, fire up task manager and keep eye on cpu time, i/o read/write. There is practically none and you have not even tweaked settings.

Last week I tried beta of MSE 2.0, feels way better than 1.0 - caching is magic, now also in MSE. More setttings to fiddle with, can be tuned for speed. So you can go all Microsoft if not in mood for Avast or other free offers with risk of ads, toolbars, changing policies. I only trust Avast in this regard. Still too high cpu usage for my taste but since MSE 1.0 is popular I guess 2.0 will be worshiped.

All this you can test in VM. Go to a site listing latest and greatest malware links. How easy is it to get infected, even with brain turned off? Not impossible but much is blocked with little to no overhead or requirements. If you can also manage to keep all important stuff updated I would like to know details of how normal internet activity can go wrong - with you being on top of Windows things in general I bet very unlikely. Not through "downloads" at least. Does not include warez of course.

I think this is the best you can do if not in the mood for auto-quarantine, auto "safe-runs", auto sandboxing and what other gadgets AV-makers come up with. See feature list from Norton, Kaspersky etc. Typically only available in full paid packages. They are aware signature security is only half the story, has always been the case. ClamWin has cloud testing today! Not a weakness but opportunity to suggest you need more "layers" ;)

If your real problem is more the "feeling" of being attacked you should still do this but then also learn about removal. Like you should know why Kasperskys TDSSKiller is so popular, or Hitman Pro, Combofix. Tons of tools. Also you can without much trouble have several bootable cds ready. Throw them all on a usb stick, multi-boot. There are programs for this, well I only know one but I think there are more. Find a "bootable" oriented site. If preparing for cyber attack make you feel better then prepare. Worst than can happen is you get a more realistic relationship to "security" problems. Get rid of the "scared" part perhaps. When scared you listen to security gossip which is not the same as useful consumer information.

tranglos, last I tried Hitman Pro I could add "/quiet" to entry in task scheduler so popup window went away. Was not reset during program update. So if you change schedule to once per year I guess that should equal no bootup scanning. Test. I did not think much of Hitman Pro to begin with but it seems to improve and improve. You know "Force Breach" or hold-down-left-CTRL-button trick? Brilliant.
« Last Edit: September 03, 2010, 07:41:34 AM by Bamse »

Bamse

  • Supporting Member
  • Joined in 2009
  • **
  • Posts: 410
    • View Profile
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #20 on: September 03, 2010, 07:53:02 AM »
Forgot that using paid "solution" could mean you will not use FREE stuff? If so it can be hard to avoid getting drowned in features. I still say Avast (Internet Suite), has not so much to annoy you with but build in sandbox is cool. But you could check something special and weird like Prevx http://www.prevx.com/products.asp Very much focused on attacks from internet side, through browser. I read Prevx normal file scanner is mainly there to calm down those who live in the past and feel better seeing a bar move against 100% :)

They have a free version targeting browser only, "Safeonline" http://www.prevx.com...r=4367&pn=routes Can add that to Avast+blocking ideas.
« Last Edit: September 03, 2010, 08:21:43 AM by Bamse »

Eóin

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,401
    • View Profile
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #21 on: September 03, 2010, 10:52:11 AM »
Nice to see a mention of ClamWin. I'd been using it for a while, seemed nice alright. But I felt it was slowing down my PC after boot up so I uninstalled it a few months ago. Just ran Malwarebytes' Anti-Malware and got a clean result, kinda promising considering I've been running without any AV for approx. 6 months.

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,666
    • View Profile
    • App's Apps
    • Read more about this member.
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #22 on: September 03, 2010, 11:00:19 AM »
However, I also like having the peace of mind of just being able to turn my brain off and just do stuff without worrying about it. 


If you have XP or Vista, install Windows SteadyState, configure it correctly (read the FAQ and handbook), then turn off brain and do stupid things. Don't forget to reboot when you are finished brainlessly trashing your system.  ;)

From what I understand, if you have Win7, it's supposed to be already built into the OS, but I am not sure what they are calling it.

Bamse

  • Supporting Member
  • Joined in 2009
  • **
  • Posts: 410
    • View Profile
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #23 on: September 03, 2010, 11:06:57 AM »
Damn, I confused ClamWin for ClamAV. ClamAV has cloud scanning from Immunet http://www.clamav.ne...lang/en/about/win32/ ClamWin is still on-demand only. Must be evil "right-click menu integration" if it slow down computer. Security software can be a pain so who knows.


Eóin

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,401
    • View Profile
    • Donate to Member
Re: ComboFix=GREAT rootkit cleaner. (Kaspersky failed me big time).
« Reply #24 on: September 03, 2010, 11:12:08 AM »
App, Windows 7 has PC Safeguard, but to be honest it's not nearly as good as SteadyState. Superboyac has mentioned elsewhere he runs XP, so yeah SteadyState is an excellent suggestion. So is Sandboxie of course :)

[edit] Bamse, I was refeering to the cloud version too, I just didn't double check the name either :-[