Toolkit

Anti-Malware Removal: On-Demand –  You need to run these manually to detect and remove malware

  • Malwarebytes Anti-Malware – Detects and removes malware from your PC.

  • Hitman Pro - Hitman Pro is an AWESOME on-demand malware removal tool that can run alongside your current antivirus without any conflicts.  HMP comes with a FREE 30-day fully functional trial, scans your PC in about 5-10 minutes, detects and removes a wide range of malware and is only $19.95 if you’d like to purchase it.

    HMP is currently one of my favorite tools because you can hold down the left Ctrl key to terminate those fake antivirus apps while they are running, and then perform a scan/removal.

  • ComboFix – Amazing little app for removal.  Can detect lots of malware (including rootkits) and remove it.  OS corruption can happen, although it’s pretty rare and usually nothing that a system restore can’t resolve.

  • TDSS Killer - Removes TDSS rootkits and attempts to restore uninfected drivers.  It’s not perfect.  Sometimes it’ll remove the rootkit but can’t restore the uninfected driver.  In that case you’ll want to use something like a UBCD4WIN to replace the deleted driver.
  • GMER Anti-Rootkit – It’s another rootkit scanner that I run as a second opinion after TDSS killer.
  • Rkill – Terminates malware processes (most rogue/fake applications) so that you can manually delete the malware or run an on-demand scanner.

Anti-Malware Prevention and Removal: Real-Time – These allow updating, scanning and protecting your computer without you lifting a finger.  Some are free and some are not.

Anti-Malware Boot Disks - Because you boot from the disk instead of the infected Windows install, the malware isn't running: it is completely unprotected and at your mercy

  • Dr Web’s CureIT Live CD – Great for detection and disinfection
  • Kaspersky Rescue Disk – Great for detection and disinfection
  • UBCD4WIN – Fully customizable bootable environment.  You can load and scan with as many anti-malware applications as you want to.
  • Sardu Boot Disk – I haven’t used this yet, but I assume it’s another type of UBCD4WIN
  • Michael.B (Queensland, Australia)

    Malwarebytes
    Dial-A-Fix
    Windows MiniPE (Boot from a CD or Flash Drive)
    HiJackThis

  • C. C.

    Saw your YouTube video on Comodo Firewall. To make your next installation a little easier, if you will look in Program Data under Comodo Downloads you will find the app installation file. You won’t have to download it every time you want to install. Tip: I don’t use Comodo AV, but if you run the firewall in proactive mode you will get the best protection.

  • Cantrell Computer Services

    How do you guys feel about Threatfire as a second level of protection?

  • C C

    Have tried Threatfire as layered protection and didn’t really like the results. I prefer running Immunet or Immunet/Clam AV as second level. Both are Cloud AV’s and made by the same vendor. Very small application and light on resources.
    I use ESET NOD 32 as my primary AV and Immunet has caught everything that has slipped by NOD 32.
    http://www.immunet.com/protect
    http://www.clamav.net/lang/en/

    • malwarekilla

      Clam-Av…lol…open source was never so bad.

  • C. C/

    Oh well! It works for me and has a fair detection rate and my computer hasn’t been infected. Check it with Malwarebytes and SAS daily. I would rather trust ESET and Clam/AV than AVG, Avast, Avira, Microsoft AV which is junk, or other freebies.

  • http://informatorultau.blogspot.com marsse

    You should know that Avira and Microsoft Security Essentials are the best antiviruses. In addition to this, any supplementary protection (like a firewall) will work with those two without any problems. I am waiting for the second part of the Comodo Internet Security review. Good luck, Matt!

  • C C

    Hi Matt
    Have tried those products and don’t care for them. Hitman Pro 3.5 has even removed Avira from its application.
    I think you will be pleased with the results from the Comodo v4 review. Proactive mode is the best way to run that firewall.
    You can see the results from the latest firewall comparative at:
    http://www.matousec.com/projects/proactive-security-challenge/results.php

    C C

  • Mario

    Hi Matt
    I was wondering if you could help me understand why I’m not able to install Kaspersky Internet Security 2010. I was able to download it from the website. When it comes to the point where the ‘File Progress’ window opens, the installation is interrupted 5 times and ends with a message that says ‘rolling back action’. When that finishes I get a window that says ‘Installation interrupted ended prematurely because of an error’.
    I have uninstalled McAfee which was the previous anti-virus and also used CCleaner and Power Tools Lite. My computer has got a lot faster but it is still unable to install Kaspersky. I have 6 GB of free memory.

    Do you know how this can be fixed ?
    Appreciate your help.

  • C C

    Mario
    You can send an email at askus@remove-malware.com
    Hope that is the correct address.

    C C

  • Mario

    Thanks for the tip. I have sent the email today.

  • Jerry Diecidue

    Mario,
    From your comments, it does not sound like you downloaded and ran the McAfee uninstall tool, which is needed in order to install a different AV program, especially KIS 2010 (it is VERY sensitive to other AV programs).

    The easiest thing to do is google “mcafee uninstall (or removal) tool” and go into the result that brings you to the McAfee support site.

    Download the tool and run the uninstall tool which will remove some hidden files that regular Windows-based uninstall programs always leave behind.

    Let me know how that works. By the way, I run KIS 2010 and am pretty happy with it.

  • Bryan

    I found a good combination for me to be Microsoft Security Essentials, Threatfire, and Immunet. All seem to run together pretty good. I have done some antivirus tests myself and nothing has slipped past all three. I also run Malwarebytes a couple of times a week. bryan

  • C C

    Sounds like a good setup Bryan. I’ve had to change things here on my PC also. ESET NOD 32 was not detecting malware (URL testing) and was having too many false positives. I changed to Panda Cloud AV (Free) after running a 15 URL (Malware Domain List) test on it.
    Results
    10 Trojans detected
    4 Adware detected
    1 Trojan (Load.exe) missed and was very easily removed with Malwarebytes.
    Changed firewalls also. I have run Comodo for the last three years but since the new release v4, it is still too buggy and I switched to Online Armor 4.0 Premium.

    C C

  • Mario

    Jerry
    I ran the mcafee uninstall but it didn’t help. The problem does persist. I have written to kaspersky.ie.cs@digitalriver.com. I hope they respond.
    Thanks for trying to help.

  • C C

    Mario
    You might try going to Computer/Local Disk C/Program Files/ and look for and delete the files from your previous Kaspersky installations. Don’t know what OS you’re running, but if it’s Vista or Windows 7 you can check in the Program Data folder and delete those Kaspersky installation files also. To get to the Program Data folder you will have to do this first if you’re running Vista or Win 7: Control Panel/Appearance & Personalization/Folder Options/Show Hidden Files/under hidden files and folders select the option to show hidden files and folders. Then go back to where you found the Programs Folder and the Program Data folder will be the next one under Programs Folder. Open it and delete the Kaspersky folder and files and try your installation again. If this doesn’t work go to the Kaspersky website at http://www.kaspersky.com and go to the support page and fill out the online support form.

    C C.

  • Morgan

    i use to clean computer are Malwarebytes anti-malware, Superantispyware, combofix on xp and vista, Gmer for 32bit and Avira antivir Personal Free version and for live Cd Kaspersky Rescue CD and windows installation disc if the malware corrupt windows and use the product key on the computer of the person i using and reply back any that i should not use OK

  • Henk

    Hi Matt,
    Can you please tell me which remote software you’re using in helping out your customers. I found TeamViewer but I’m not sure about it.

    From Greece, Crete…thanks

    Henk

  • Gary S

    I use Teamviewer. It works great. I just wish there was a Linux version also.

  • C C

    Does anyone know anything about Mamutu Behavioural Blocker?

  • Mario

    Hey guys:

    Just to let you know that while running the Kaspersky antivirus tool kit just in case that was the cause of the ‘rolling back action’ I found a Symantec file that had not been deleted previously with the respective tool. After this, my son was able to finally install the Kaspersky Internet Security 2010. What a relief!

    Thanks for all the help. Case closed.

    Mario

  • Christos

    I have KIS2010 and thats all.

  • jjbula

    I use MSE with Threatfire and PrevX.

    I’d like to use Panda Cloud instead of PrevX but I don’t think it’s compatible with MSE. I’m still uncomfortable going with a cloud based AV as the core AV on my system.

    I like AVs that scan all downloaded files and help keep you away from known bad websites. I don’t think Avira does that. Avira seems to have trouble with infected computers but is known to defend a clean system fairly well.

  • C. C.

    Avira using dirty redirection tactics to redirect people looking for Avast to the Avira website.
    http://www.avast.eu

    Malware removal tools downloads at GeeksToGo.com
    Malwarebytes, Combofix, Vundofix, SUPERAntiSpyware and more.
    http://www.geekstogo.com/forum/Anti-malware-Tools-downloads-cat6.html

  • C. C.

    Comodo Internet Security v4 not Bullet Proof according to Moderator at Comodo Forums

    Allows possible malicious files to drop through sandbox and install on PC.

    https://forums.comodo.com/virusmalware-removal-assistance/problem-with-cis-t54628.0.html

    C. C.

  • T. Teller

    Hi Matt
    You said Returnil was made by Comodo during your recent Shadow Defender Review. Think you better look again,
    http://www.returnilvirtualsystem.com/
    Contact Information
    Finland – Sales and Online Operations
    Fredrikinkatu 45 A
    00100, Helsinki, Finland
    Phone: +358 442056919
    email: finland@returnil.com
    USA – Administration
    email: usa@returnil.com
    China – Sales and Engineering
    1306 Room
    Huijie Plaza
    Xuanwu District, Nanjing city, China
    Phone: +86-25-83196308
    Fax: +86-25-83196309
    email: china@returnil.com
    Russia – Engineering
    Office 328C, Building 3
    15 Kondratyevskiy Prospekt
    St.Petersburg, 195197, Russia
    Phone/Fax: +7 812 4585601
    email: russia@returnil.com

    • malwarekilla

      @Teller – yeah, I mis-spoke. I had comodo time machine on the brain at that time.

  • C. C.

    Outpost 7 Public Beta Testing Is Underway

    http://www.agnitum.com/lp/outpost-7-beta.php

  • C. C.

    ZoneAlarm Pro Promotion – One day only-April 13th
    License valid for 1 year (4/13/10 to 4/14/11).
    License valid for 3 PCs, new customers only, 1 per customer

    http://promotions.zonealarm.com/security/en-us/cdn/pt/index.htm

    IDENTITY GUARD® Basic ProtectionSM is also available for free for one year but must enter personal info and give credit card info. $4.95 charge per month after first 12 months if you decide to keep IDENTITY GUARD®.

  • BOB MONTGOMERY

    JUST PURCHASED NOD 32 SMART SUITE , SO NOW WHAT SHOULD I ADD ON, THEY SUGGEST MALWARE BYTES IN TANDEM W/ NOD , IS IMMUNET PREFERRED OR WHAT COMBO

    SEEMS A2 BIT DEFENDER AND MAMUTU ARE GOOD CHOICES
    WHAT SHOULD I DO , NOD 32 W/ MALWARE BYTES , IMMUNET
    OR PANDA / ONLINE ARMOR

  • C. C.

    I would add Malwarebytes Free or Purchased and SuperAntiSpyware. If you purchased Eset Smart Security it already has the firewall, and Online Armor and other firewalls won’t be needed. NOD32 is the stand-alone AV and you will need a firewall with that app unless you are happy with Windows Firewall. There is another program called Prevx that you can run with Eset as a secondary line of defense. I would get the free version; it will scan and let you know if malware is on your PC. The paid version will also block and remove.

  • C C

    Hi Matt
    Found a Japanese AV in Beta online and it uses 4 scanning engines. 3 anti virus F-Prot, Bit-defender and Norman. Has a very large signature update after installation. It’s been checked and everyone says it’s not malware.
    Free Download
    http://www.coranti.com/

  • C C

    Malwarebytes Anti-Malware Version 1,46 Released Today.(4/29/10)

  • C C

    If you’re a Comodo user you need to read this post by one of Comodo’s very own Malware Researchers or, as of now, former Malware Researcher. The truth about these products is finally coming out.

    http://forums.comodo.com/general-discussion-off-topic-anything-and-everything/the-reason-for-leaving-experience-t55867.0.html

  • John V

    Re: http://remove-malware.com/toolkit/

    Avira using dirty redirection tactics to redirect people looking for Avast to the Avira website.
    http://www.avast.eu
    C. C. March 31, 2010 at 2:37 pm

    avast.eu might not be set up by Avira. See:
    http://www.mywot.com/en/scorecard/avast.eu
    Warning! This site has a poor reputation.
    – “Phishing or other scams”
    – “Ethical issues”

  • NormanSecuritySuite!!

    Are you actually going to update this part Matt? xx

  • http://www.runescape.com spj18

    hey matt i watched the panda av test vid the av kinda sucked ermm idk a good av tbh if u need help search malwareup.selfip in google and join teh site my mate owns it he tests dos viruses and stuff might help u out :D hope to see you then

  • Ben

    Hello,
    My computer got infected on July 2, 2010. I followed your videos on YouTube and swept my computer of the viruses. But now, I don’t have any internet connection and it won’t connect because it can’t find the IP address. Does anyone know how to fix this problem??

  • Jerry Diecidue

    Ben,
    Some malware will change or add a proxy to your internet settings which will block internet access… Matt has instructions on how to fix this. I will copy and paste here…
    Once you remove the rogue the proxy settings stay in place and that means you can’t get to the internet. Fixing this is really easy.

    Open Internet Explorer
    Click Tools
    Internet Options
    Connections
    Click Lan Settings
    Uncheck the first proxy server setting
    Click OK twice.
    You should be able to get on the internet with any browser now.

    This was taken from here… http://remove-malware.com/antimalware/anti-malware-howto/cant-access-the-internet-after-removing-a-rogue/

    Hope this helps

  • James

    I personally like MBAM Paid instead of the free version, just for its IP blocking. Norton 360 does the dirty work with SONAR and the firewall on aggressive, including heuristics.

    I am not really a believer in cloud AV, as despite its light load on the box, the constant internet connection means you’re helpless if you’re infected badly.

  • Ben

    Jerry, bro, you’re awesome!! Thanks a lot bro!

  • A48GOBLEN

    what do you think about drive sentry and also what is your opinion on sd-fix

  • faq

    how to download viruses for testing some antiviruses

  • Bobby V.

    Chello, Matt. Saw ya post about Panda cloud on youtube, problem is audio is low, so I had to turn vol. up! Like what you say about Avira version 9 which is what I use, and have for more than 5 yrs. Took a look at Avira ver. 10. Not too pleased with some of the changes that were made. For instance, an extra window to close at the end of a scan. Unless that can be configured to where it will be as it is in ver. 9, not to mention ver. 8. It reminds me of an older version, when I started using Avira personal free. I have yet to find out if it can be reconfigured or not. Otherwise, it is one of the best freeware antivirus, I have used since the days of DOS, when I was using Norton.

    BV

  • Matt

    Panda cloud full version is incorporated into the panda antivirus pro which protects you even if the license expires because it still uses cloud and has all the other gismos. Full protection with no updates but cloud support and free-best combo.

  • kev

    once they implement DACS into Comodo’s antivirus it will be the best av bar none because it will be able to scan unknown files with all av engines eventually and i’m sure they’ll make it to where it will scan unknown files running both in and out of memory and there’s nothing the other av’s can do about it that i know of

  • kev

    once comodo gets DACS and they make it scan all unknown files in and out of memory with DACS then comodo will have the best av engine because it will use all av engines. it’s like having virus total scan your whole computer. you can read about DACS and killswitch based on processhacker on comodo forums. those 2 things are in comodo’s new project called comodo cleaning essentials (cce). it will be bootable. so you can say bye bye to having to make a ubcd4win all the time and having to have a xp disc to make it. this will be ubcd4win on steroids because you download it once (no install required) run it, update it, scan it and done. you just killed all malware. and i think it’s coming with repairs built in kinda like SAS so you fix settings malware changed while it was on the system. comodo will save the world.

  • athithan

    after avira’s license expires is it just going to stop working or like avast can i get a another license? thanks

  • Alan B.

    Sardu is more like a combination of different, bootable Anti-Malware boot discs. However, you can put different things such as different linux distros, and different utilities such as Ophcrack.

  • Bry

    @malwarekilla That’s a simple well-rounded list so far.
    UnHackMe (http://greatis.com/unhackme/) should definitely get added to the list. It’s perfect for removing those nasty driver rootkits on boot.
    NOTE: if you don’t know your drivers be very careful!

  • http://www.youtube.com/user/godanddevilsucks?feature=mhee Trying2singopera

    do you recommend Comodo Internet Security 2012?…..I have heard too many bad things about it……please comment

    • ampeg187

      I use it and it’s great. D+ and Firewall alerts can be annoying sometimes and if you don’t know how to answer just click on block or sandbox depends on alert. And don’t listen to those “ladies” that complains about Comodo. It’s amazing program to use. That’s my opinion.

  • Mark H

    Hi Matt,
    Why don’t you have Hitman Pro in your toolkit?

  • Mark H

    Matt, where is Hitman Pro? Can you please answer!

  • Mark H

    Does anyone know why Matt hasn’t included Hitman Pro?

    • mrizos

      I had a few bad experiences with it early on. It claimed it could remove bootkits/rootkits without the need of a bootable removal disc. BS. It left a couple of the boxes I was using it on unbootable.

      If they wanna send me a full license to eval it then I’m willing to retest it.

  • http://www.facebook.com/justin.nicholls.71 Justin Nicholls

    hi MATT COMODO HAS A NEW BETA AND KINGSOFT HAS A NEW 2012 FREE ANTIVIRUS AND AVIRA HAS THE NEW 2013 FREE ANTIVIRUS WOULD YOU PLEASE DO A REVIEW ON THESE THANKS MATT !!! :) :)

  • Sagar Sehwag

    You Should Also Add Emsisoft Emergency Kit & Comodo Cleaning Essential & Eset Online Scanner.

  • Mark H

    Hi Matt,

    What are your thoughts about Roguekiller by Tigzy? I find it better than Rkill, because it’s more thorough.

  • Mark H

    Hi Matt,
    I was wondering if you still use Superantispyware!

    • http://remove-malware.com malwarekilla

      Yes. I use it to find the adware that malwarebytes seems to skip for some reason. It’s still a great scanner imo.

      • Mark H

        What about Roguekiller, do you rate it?

        • http://remove-malware.com malwarekilla

          I don’t. Never used it. I’m using Hitman Pro for rogue (hold down left control and then double click hitman pro…takes a few times). I will take a look at RogueKiller though.

          • Mark H

            Thanks for the feedback Matt!

  • Ken Fann

    Hi Matt,

    Nice list of tools.

    Have you seen Lunarsoft’s similarly named Anti-Malware Toolkit? It can be found at http://wiki.lunarsoft.net/wiki/Anti-Malware_Toolkit
    This free “Anti-Malware Toolkit” has an interface that lets you select and download multiple anti-malware programs at once.

    It does not install any of these programs. It just lets you download multiple installers at once, and save them to a common location. I don’t have any affiliation with them. Just wanted to share this tool.

    Currently at v1.13.326, it can download the following :

    Applications
    SpywareBlaster
    CCleaner
    Malwarebytes
    SUPERAntiSpyware
    HijackThis

    Definitions
    MalwareBytes
    SUPERAntiSpyware
    Avast
    Avira AntiVir

    Other Programs
    Firefox
    Opera
    Thunderbird
    Avast
    MS Security Essentials
    Avira AntiVir
    Outpost Security Suite Free
    MyDefrag
    Auslogics Disk Defrag
    Page Defrag

    Utilities
    Dial-a-fix
    Autoruns
    Process Explorer
    RootkitRevealer
    StartupLite
    UnknownDevices

    Anti-Virus Uninstallers
    Avast uninstall utility
    AVG remover
    Avira RegistryCleaner
    Bitdefender Uninstall
    Kaspersky 9 Removal
    Windows OneCare Removal

    Enjoy