NoVirusThanks наскоро пуснаха комерсиална Anti-Rootkit програма.Сега виждам, че вече имат и безплатна версия, която не е много по-разлина.

http://www.novirusthanks.org/products/novirusthanks-anti-rootkit/

novirusthanks:

We should release in the next week the new version 1.2 that will have a lot of new features, I made a small video preview of NVTArk that detects and remove the new Black Energy 1.2+ Rootkit:

Detection and Removal of Black Energy 2.1+ Rootkit

-http://www.youtube.com/watch?v=RiIztE0IqsA?fs=1&hl=en_GB&rel=0-

Detection and Removal of Rustock Rootkit

-http://www.youtube.com/watch?v=f73edHo6_30?fs=1&hl=en_GB&rel=0-

http://www.wilderssecurity.com/showthread.php?p=1786431#post1786431

Редактирано 21 ноември 201015 г. от clonnning (преглед на промените)

NoVirusThanks наскоро пуснаха комерсиална Anti-Rootkit програма.Сега виждам, че вече имат и безплатна версия, която не е много по-разлина.

http://www.novirusthanks.org/products/novirusthanks-anti-rootkit/

novirusthanks:

http://www.wilderssecurity.com/showthread.php?p=1786431#post1786431

Ха гледам са използвали моето *.exe (DATEA08.exe) за Black energy-то.

Иначе имат симпатични инструменти...само не ми харесва, че скриптовия им инструмент изисква инсталиране за да работи.

И на клипа се вижда изтриването на драйвера, но дали това важи и за услугата в CurrentControlSet трябва да се провери.

И по принцип този рууткит дропва два файла...един с рандом букви (който се засича от инструмента им) и един str.sys който е с големина 0 kb, който също е добре да се изтрие. Хммм.

И според разликите излгежда безплатната версия не може да спира процеси и да трие файлове...

RogueKiller

Домашна страница

Comodo Cloud Scanner:

Comodo Cloud Scanner is the lightning fast online service that detects viruses, junk files, registry errors and hidden processes that may be lurking on your computer.

Домашна страница и сваляне:

http://www.comodo.com/home/internet-security/cloud-scanner.php

Редактирано 28 ноември 201015 г. от Wankata (преглед на промените)

Comodo Cloud Scanner:

Това доколкото си спомням само намираше, но не чистеше, защото искаше връзка с техния онлайн съпорт център или греша ?

Това доколкото си спомням само намираше, но не чистеше, защото искаше връзка с техния онлайн съпорт център или греша?

Хм, май не грешиш:

Comodo offers you the best solution:

* Our experts will solve it. Our experts will solve all the detected problems on your computer without you doing a thing. You will have personalized help for your specific problems. LivePCSupport is like having your very own tech support expert at your disposal 24/7.

Test the service free for 30 days by clicking the 'Help me clean my PC' button at the end of a scan. There's no registration procedure, no forms to fill out or any other obligation on your behalf - just click 'Try it Free' and you'll connect to a technician right away.

Ясно, което означава, че с тази си политика мисля да го пропусна след като има тонове и НАИСТНА безплатни CLOUD базирани скенери. Жалко, че така са го формулирали, но явно техническия им съпорт стои без работа...и трябва да си заслужат заплатата по някакъв начин.

 RUBotted

RUBotted monitors your computer for potential infection and suspicious activities associated with bots. Bots are malicious files that enable cybercriminals to secretly take control of your computer. Upon discovering a potential infection, RUBotted will identify and clean them with HouseCall.

What's New?

Improved detection

Enhanced cleaning capabilities

Accessible status and log reports

Compatible with other antivirus products

Interfaces with Trend Micro Smart Protection Network

It is capable of detecting known and unknown variants of known botnet families including some of the most notorious botnets today:

ZBOT/ZeuS – bank information stealer

KOOBFACE – most successful Web 2.0 botnet

WALEDAC – infamous spamming bot

http://free.antivirus.com/rubotted/

RectorDecryptor 2.1.1.0 !

A useful tool for eliminating Trojan-Ransom.Win32.Rector

RectorDecryptor is a dedicate tool that was designed in order to help you decrypt the information coded by the Trojan-Ransom.Win32.Rector.

Cybercriminals use Trojan-Ransom.Win32.Rector for disrupting normal performance of computers and for unauthorized modification of data making it unusable. Once the data has been “taken hostage” (blocked), its owner (user) receives a ransom demand. The victim is supposed to deliver the ransom in exchange for pirate's promise to send a utility that would restore the data or repair the PC.

http://www.softpedia.com/get/Antivirus/RectorDecryptor.shtml

Тулчето е на Касперски !

Редактирано 22 януари 201115 г. от Гост (преглед на промените)

W32.Virut Removal Tool !

http://www.symantec.com/security_response/writeup.jsp?docid=2009-022016-4444-99

Win32.Virut - Removal Tool!

http://free.avg.com/us-en/win32-virut

Kaspersky VirutKiller 1.0.6.0

http://www.softpedia.com/get/Antivirus/VirutKiller.shtml

Поствам ги тук защото тези тулчета ми бяха полезни при чистенето на Virut ...

Дано са полезни и на някой друг

На мен ми свършиха работа ...

Редактирано 23 декември 201015 г. от Гост (преглед на промените)

ESET Conficker Remover - http://download.eset.com/special/EConfickerRemover.exe

ESET Olmarik(TDSS) Remover - http://download.eset.com/special/EOlmarikRemover.exe

ESET Mebroot Remover - http://download.eset.com/special/EMebRemover.exe

ESET OlmarikTDL4 Remover - http://download.eset.com/special/EOlmarikTdl4Cleaner.exe

Norton PC Checkup 2.0.8.13

Домашна страница

Norton PC Checkup is a hassle-free diagnostic tool that will check your PC in order to identify performance, security and system-related problems. Over 200 elements of your PC are scanned each time, giving you a complete and customized report on your PC's overall health.

Helps keep your PC running trouble-free.

Norton PC Checkup is a FREE downloadable tool that automatically scans your computer for potential problems each week. It gives you a personalized in-depth report of your computer’s health and potential security risks to help you find and eliminate problems, improve security, and keep your computer running like new.

FREE PC Checkup will:

* Examine over 200 computer attributes to uncover security threats and weaknesses

* Uncover risks to your files and identity and provides easy access to solutions

* Give you tips for improving your computer’s performance

Fast, Easy and Fits Your Schedule:

* Fast and easy-to-use: Auto scan takes only 10 minutes a week

* Provides in-depth security and performance analysis that less sophisticated tools can’t match

* It’s FREE! (Similar services can cost up to $200.)

Data Sheet: http://us.norton.com/nortonlive/pdf/NortonData_PCCU3.pdf

Сваляне | BG Mirror | Portable

G Data CloudSecurity

G Data CloudSecurity Free realtime protection from malware and phishing attacks.

G Data CloudSecurity is a new, free-of-charge plugin for the popular browsers Internet Explorer and Mozilla Firefox.

It effectively blocks access to known malware distribution and phishing websites - in realtime. The plugin can be used alongside any other installed security suite and is ready for action after installing; no additional configuring required. A simple way to more security on the web by G Data, the award winning manufacturer of security software.

Free plugin for Internet Explorer and Mozilla Firefox

* Compatible with all other security products

* Prevents access to malware and phishing websites

* Install once – no updates required

* PC performance remains unaffected

* Deal supplement for free AV programs

Повече информация и сваляне:

- на английски;

- на немски.

Редактирано 3 март 201115 г. от Wankata (преглед на промените)

Avira Standalone Malware Scanner – De-Cleaner

http://techblog.avir...-de-cleaner/en/

We released a new standalone malware scanner, for the initiative of the German eco association with support of the BSI called Anti-Botnet Beratungszentrum– a project to fight back against bot infections. With the Avira De-Cleaner it is possible to analyze a PC for malware infection without any installation – no registry keys or drivers get installed; just the files needed for an on-demand scan are downloaded. This has a small drawback though: Deeply scanning for rootkits is only possible with an Avira product already installed on the computer as the drivers will then be used from the installation.

With the Avira De-Cleaner it is possible to analyze a PC for malware infection without any installation – no registry keys or drivers get installed; just the files needed for an on-demand scan are downloaded. This has a small drawback though: Deeply scanning for rootkits is only possible with an Avira product already installed on the computer as the drivers will then be used from the installation.

Also the user interface is German only, for now. It also has a feature to copy the files to a USB stick! This is useful if you wish to analyze a computer without network connection, for example. We like this tool very much as it is very handy to check and clean computers very easily and fast without installations for and from malware infections.

Редактирано 3 март 201115 г. от Coccinelle (преглед на промените)

7 страници с инструменти за премахване на специфични заплахи от южнокорейската гордост АнхлаБ http://global.ahnlab.com/en/site/download/removal/removalList.do Бележки от компанията: -преди използване на даденият инструмент, изключете антивируса си -инструментите не подлежат на обичайно ъпдейтване.

Редактирано 4 март 201115 г. от metodidamianov (преглед на промените)

StormShield Personal Edition http://www.skyrecon.com/en/StormShield-Personal-Edition

aswMBR 0.9

aswMBR is the rootkit scanner that scans for TDL4/3 and MBRoot (Sinowal) rootkits.

NoVirusThanks Malware Remover v3

Промени:

v3.0.0.0

+ Recoded most parts of the program
+ Optimized loading of database
+ Less memory usage during system scan
+ New detection engine: Extraterrestrial Scan -> Basic (Pro version)
+ New detection engine: Extraterrestrial Scan -> Advanced (Pro version)
+ Heuristic scan (Pro version)
+ Automatically update signature database (Pro version)
+ Perform a system scan when Windows starts (Pro version)
+ Optimized scan of registry entries
+ Save scan reports in custom location
+ Optimized removal of detected threats
+ Terminate spoolsv.exe before begin removal procedures
+ Use aggressive removal (remove persistent malware)
+ Force unload modules (remove persistent modules)
+ Optimized backup of files, folders and registry
+ Reset hosts file
+ Optimized Paranoid scan
+ Scan system hijacks
+ Scan browser hijacks
+ Flash scan (2 minutes system scan)
+ Start with Windows
+ Close web browsers before begin scan
+ Close web browsers before begin removal procedures
+ Tray icon support
+ Alert when threats are detected (when in tray icon)
+ Right click -> View in regedit
+ Right click -> Export as HTML
+ Right click -> Export as CSV
+ Right click -> Research on Google
+ Right click -> Copy to clipboard
+ Menu with Microsoft Utilities for fast open
+ Optimized updating of database
+ Scan cookies traces (Pro version)
+ Scan flash player objects (Pro version)
+ Scan java cache files (Pro version)
+ Scan temporary internet files (Pro version)
+ Scan current user temp files (Pro version)
+ Scan Windows temp files (Pro version)
+ Scan IE history (Pro version)
+ Terminate rundll32.exe before begin removal procedures
+ Fixed scan problems in Windows 7 x64
+ Fixed other small bugs in Windows 7 OS
+ Optimized detection of rogue software
+ Smart detection of zbot and spyeye trojans (Pro version)
+ Fixed bugs when scanning memory in particular situations
+ Minor generic bug fixes and optimizations

Обаче и той и The Cleaner 2012 проспаха няколко файла от темата за подпомагането...

Кой от кого е копирал сега се пита в задачата ,MBAM ли имитират или MBAM от NMR,че и по-тромаво сканира

Това МБАМ не го засича,пращам ти файла на ЛС.90% FP

VT:Result: 0/ 42 (0.0%)

F-Secure BlackLight Rootkit Elimination Technology

Price:Free

Trend Micro CWShredder-Trend Micro CWShredder is the premier tool to find and remove traces of CoolWebSearch the name for a wide range of insidious browser hijackers from your PC.

Download: цък

Trend Micro RootkitBuster-Trend Micro RootkitBuster scans for hidden files, registry entries, processes, services, drivers, kernel code patches, ports, operating system service hooks, and Master Boot Record (MBR) rootkits. Clean or remove hidden files, registry entries, and services. The latest version features an even more sensitive detection system.

Download: цък

Trend Micro Sysclean-Trend Micro Sysclean is a stand-alone fix package that incorporates the Trend Micro VSAPI Malware and Spyware scanning engines as well as the Trend Micro Damage Cleanup Engine and Template. It will terminate all detected malware instances in system memory, removes malware registry entries, removes malware entries from system files and scans for and deletes all detected malware copies in all local drives.

Download: цък

Trend Micro RUBotted-Trend Micro RUBotted monitors your computer for potential infection and suspicious activities associated with bots. Bots are malicious files that enable cybercriminals to secretly take control of your computer. Upon discovering a potential infection, RUBotted will identify and clean them with HouseCall.

Download: цък

BitDefender USB Immunizer

За повече информация на официалната страница: тук

Нова версия на TDSSKIller 2.5.0.0

Да се надяваме, че вече заобикаля новите варианти на TDL3 (volsnap.sys) и TDL4.

Нова версия и на ASWMBR 0.9.5.247 - изключително ефективен срещу най-новите TDL4 варианти. Все пак да не се използва от неспециалисти, защото MBR е деликатна област. (особено ако се поправя OEM MBR).

Trend Micro Fake Antivirus (FakeAV) Removal Tool 1.0.1016 BETA !

http://majorgeeks.com/Trend_Micro_Fake_Antivirus_FakeAV_Removal_Tool_d6984.html

Ashampoo® Virus Quickscan Free

https://www.ashampoo.com/en/usd/pin/0349/Security_Software/Ashampoo-Virus-Quickscan

XueTr v0.40

XueTr is a free anti-virus&rootkit utility.It offers you the ability to detect, analyze and fix various kernel structure modifications and gives you a wide scope of the kernel.With its help,you can easily spot and remove malwares hidden from normal software.

XueTr currently supports the following Windows 32-bit versions:

Windows 2000 SP4

Windows XP (no SP,SP1, SP2, SP3)

Windows Server 2003 (no SP,SP1,SP2,R2)

Windows Vista (no SP,SP1,SP2)

Windows Server 2008 (no SP,SP1)

Windows 7

http://www.xuetr.com/

Нова версия на TDSSKIller 2.5.5.0

Дано са го засилили малко, че имах две теми (една с TDL3 - volsnap.sys) и една с (TDL3 - update.sys) = и двете неуспешни с инструмента !!! (при версия 2.5.3.0 и 2.5.4.0)...

Едит: вече се справя с volsnap.sys (поне варианта от моята тема в почистващия раздел), за update.sys не мога да доложа, защото:

*го почистих ръчно

*Минков повече не е писал в темата...