New: Help keep this site independent with few ads by buying a Gizmo Cap or T-shirt or by Donating
Hot: Get  free personalized security suggestions from Gizmo's Security Wizard
Help: Know your freeware? Then suggest a hot product or become a reviewer or moderator for Gizmos

 

Best Free Trojan Scanner/Trojan Remover

 
In a Hurry?
  Go straight to the Quick Selection Guide
Introduction

Malware, trojans and threats

Most PCs are now connected to the Internet and networks, making easier the spread of malicious software (malware), which includes trojans (also known as trojan horses), viruses, worms, spyware, adware, rootkits and other malicious or unwanted programs.

Like spyware and adware, trojans can get onto your computer in a number of ways, including from a web browser, via e-mail, or in a bundle with other software downloaded from the Internet.  You may also inadvertently transfer malware via a USB flash drive or other portable media.  It is possible that you could be forced to reformat your USB flash drive or other portable device in order to eliminate the infection and avoid transferring it to other machines.  (You don't want to be the one who infected your network at work because you were bringing in some music to listen to.)

Unlike viruses or worms, trojans do not replicate themselves but they can be just as destructive. On the surface, trojans appear benign and harmless, but once the infected code is run, trojans kick in and perform malicious functions to harm the computer system without the user's knowledge.

For example, waterfalls.scr is a waterfall screen saver as originally claimed by the author, but it can be associated with malware and become a trojan to unload hidden programs and allow unauthorized access to the user's PC.

Some typical examples of threats by trojans are as follows:

  • Erase, overwrite or corrupt data on a computer
  • Help to spread other malware such as viruses (by a dropper trojan)
  • Deactivate or interfere with anti-virus and firewall programs
  • Allow remote access to your computer (by a remote access trojan)
  • Upload and download files without your knowledge
  • Gather e-mail addresses and use them for spam
  • Log keystrokes to steal information such as passwords and credit card numbers
  • Copy fake links to false websites, display porno sites, play sounds/videos, display images
  • Slow down, restart or shut down your computer
  • Re-install themselves after being disabled
  • Disable the task manager
  • Disable the control panel

To minimise the threats, most PC users will need an effective anti-malware program to remove trojans along with other malware.

Anti-malware and anti-trojan programs

As more computer security developers are extending their product capabilities to address more than one type of malware, the boundary between different types of anti-malware programs is no longer clear cut and has become blurred.

For example, an anti-virus program such as AVG Anti-Virus covers not only viruses, but offers protection against spyware, adware and others. An anti-spyware program such as SuperAntiSpyware not only detects spyware, but removes trojans, rootkits and other threats. Likewise an anti-trojan program can offer to remove viruses, spyware and other types of malware.

More appropriately, these security products are to be classified as anti-malware programs rather than to be grouped by the name of the products.

In this respect, anti-malware products which are designed to detect and remove trojans more effectively than the others will be reviewed in this category.

How many anti-malware programs need to install?

Do you still need an anti-virus program plus an anti-spyware program and an anti-trojan scanner?
 
"For the majority of average users the answer is no. A single competent broad spectrum anti-malware product is enough."
 
"Of course, not everyone is an average user. Users who engage in high risk activities, like sourcing their software from P2P services, should load up their PC with all the protection they can get. Similarly, there are users for whom the best possible protection is paramount, regardless of cost or performance implications. Finally, users of freeware scanners who cannot afford [or unwilling to pay for] a premium product may be well advised to use more than one signature-based scanner."
 
-- excerpted from Gizmo Richards' Support Alert Newsletter Issue 156 April 2008.

Disclaimer

Despite their ratings in this review, some anti-malware programs in certain cases are able to detect more malware than the others depending on their designs, online databases and the infections on computers.

Discussion

Emsisoft Anti-MalwareEmsisoft Anti-Malware (previously known as a-squared Free) is a good choice to scan and remove malware, especially trojans, from your PC. It removes reliably the trojans containing backdoors, keyloggers, dialers and other destructive pests which make it dangerous to surf the web.

Other than trojans, it also can be used to recognize and remove spyware, adware, tracking cookies, worms, viruses, and rootkits from your PC.

Designed for ease of use, this program combines Emsisoft Anti-Malware  and the Ikarus Anti-Virus engine in the latest version to cut down on unnecessary double detection routines for one and the same malware.

Features such as quarantine, online updates and heuristic scan for unknown malware are included.

From the Emsisoft website, "When downloading, you'll get the full version including all protection features for 30+3 days for free. Afterwards the unpaid software switches to a limited freeware scanner mode that allows you to scan and clean your PC whenever you want, but does not include the protection features against new infections".

In other words, the free version does not provide other features such as file guard, behavior blocker and surf protection.

 

ThreatFireIf you prefer background guard, PC Tools ThreatFire is an excellent option. It provides proactive defense against both known and unknown threats by trojans as well as viruses, worms, spyware, rootkits and other malware.

ThreatFire provides real-time behavior-based malware protection against new or unknown threats without scanning, but running constantly in the background, light on system resources.

ThreatFire automatically quarantines known and unknown threats detected for your protection. After quarantining, you can choose to permanently delete the threats from your system.

The program interface shows you a world map of prevalent threats, either trojans, worms, viruses, or other malware. Further, ThreatFire provides ThreatExpert Reports on the latest 200 findings of threats, more often with more than 30% of them related to trojans.

ThreatFire comes with a feature which allows you to help identify new threats and provide feedback to its Secure Community while you receive automatic updates from them. If you opt out of the Community, automatic updates will not be supported.

 

Malwarebytes' Anti-MalwareMalwarebytes' Anti-Malware is another alternative which can be used to scan and remove trojans, along with other malware such as viruses, worms, rootkits, dialers and spyware.

MalwareNET, which is Malwarebytes' online database, revealed that nearly 20% of the total objects detected by Anti-Malware were related to trojans.

Other features of this program include multiple-drive scanning, quick scanning, ignore list, quarantine to hold threats and restore them, context menu integration to scan files on demand, extra utilities to help remove malware manually, and settings to enhance performance of the program. It works together with other anti-malware utilities as well.  This program has been proven to work very well in removing trojans from an infected system.

However, real-time protection and scheduler are only available in the full paid version.

 

SUPERAntiSpywareSUPERAntiSpyware is worth a try as well. In addition to its focus on detecting and removing spyware infections, this program deals with trojans and other types of threats such as dialers, keyloggers, worms, rootkits, etc.

It supports a quick scan, complete system scan or custom scan with trust items and exclude folders. It also provides an option to check for latest definition updates before scanning to protect you from the threats. On its Threat Research, some typical threats by about 100 trojans are listed here, while the same by about 150 spyware items and other malware items are listed as well.

Among other features, it includes Hi-Jack Protection to prevent other application, except for Task Manager, from terminating the program.

On the down side, the free version of this program does not support real-time blocking, scheduled scanning and some other features.

Other Related Products
These are a number of other free trojan scanners and removers which were brought up in comments here or noted from other sources. As they are not rated in this review, I am listing them here with brief descriptions and links to their sites for ease of reference.
 
  • Rising PC Doctor comes with a scanner for trojans and spyware, and an option to enable automatic protection such as Trojan Interceptor, Trojan Download Blocker along with some other protections. Other tools such as start up control, process manager, service manager, file shredder, etc., are also included.
  •  
  • SDFix is a free trojan removal program written by AndyManchesta to remove trojans along with other malware such as worms, rootkits and others. It requires rebooting the system into safe mode to run the program.
  •  
  • FreeFixer scans your system and can remove trojans and other malware but the user has to be able to interpret the results. Extra care must be taken as deletion of crucial files could damage your system. However, there is a FreeFixer user forum to help you with the scan results and the software is regularly updated.
     
Have Your Say

You are invited to share and discuss your views in our freeware forum.  To post in the forum you need to register first but that's quick and immediate. Alternatively, anyone can leave a comment at the bottom of this page.

NB We would be most grateful if you can keep your comments short and concise.

 

Please help us by rating this review

Related Links
Quick Selection Guide

Emsisoft Anti-Malware   Rating 8 of 10  Gizmo's Top Pick

Pros   Scan and remove especially trojans and other malware such as worms, viruses, spyware, trackers, dialers, etc. Easy to use, quarantine and updates are available.
Cons   File guard, auto updates, scheduled scans, etc., are not included in the free version.
Developer Home Page   http://www.emsisoft.com/en/software/free/
Download link   http://download.cnet.com/Emsisoft-Anti-Malware/3000-2239_4-10292236.html?part=dl-6251182&subj=dl&tag=button
File Size     86 MB   Version 5.0.0.68   License Type Private Freeware (not free for commercial use)   Installation Requirements  XP to Windows 7 (32-bit and 64-bit)

PC Tools ThreatFire    Rating 7 of 10

Pros   Proactive defense against both known and unknown threats by trojans as well as viruses, worms, spyware, rootkits and other malware.
Cons   Automatic updates not provided if opted out of ThreatFire's Secure Community.
Developer Home Page   http://www.threatfire.com/
Download link   http://www.threatfire.com/download/
File Size  

8.59 MB   Version 4.7.0  License Type Private Freeware (not free for commercial use)   Installation Requirements Windows 2003 to Windows 7 (32-bit and 64-bit)

NB Version 4.1 is compatible with Windows 2000 SP4

Malwarebytes' Anti-Malware    Rating 6 of 10

Pros   Scan and remove trojans along with other malware. Features include multiple drive and quick scans, database updates, ignore list and quarantine to hold threats, etc.
Cons   Real-time protection and scheduler are only available in the full paid version.
Developer Home Page   http://www.malwarebytes.org/mbam.php
Download link   http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button
File Size   5.87 MB   Version 1.46  License Type Restricted Freeware (full commercial version available)   Installation Requirements Windows 2000 to Windows 7 (32-bit and 64-bit)

SUPERAntiSpyware    Rating 6 of 10

Pros   Scan and remove trojans along with spyware and other malware. Other features include quick, complete, or custom scans with definition updates, Hi-Jack protection, etc.
Cons   Real-time blocking and scheduled scanning not supported in the free version.
Developer Home Page   http://www.superantispyware.com/index.html
Download link   http://www.superantispyware.com/superantispywarefreevspro.html
File Size  

8 MB   Version 4.42.1000   License Type Private Freeware (not free for commercial use)   Installation Requirements Windows 2000 to Windows 7

NB Version 4.24 is compatable with Windows 98, 98SE, and ME

Portable version available   Portable version available
Tags

anti-malware, anti-trojan, anti-virus, anti-spyware, adware, remover, scanner, freeware, free trojan scanner, free trojan remover

Share/Save
4.01087
Average: 4 (92 votes)
Your rating: None

Comments

by Uncle Bill (not verified) on Wed, 08/11/2010 - 23:12  (#55817)

If I want to install Emsisoft, do I have to first uninstall my present AV program...ie "Windowa Live One Care'?

by torresmagnifico on Thu, 08/12/2010 - 13:58  (#55863)

Windows Live OneCare is not freeware and therefore, it is a security product I know little about. It stopped being sold online as of October 15th, 2009.

Installing two different anti-malware products that both offer real time protection will only result in conflicts on your system ie a less secure PC.

However, running one with real time protection and another security software as an on demand scanner poses no such problems.

WLOC has been superseded by MSE and is free:

http://www.techsupportalert.com/best-free-anti-virus-software.htm

by rudyg (not verified) on Thu, 08/12/2010 - 05:24  (#55839)

Honestly, you should have uninstalled Windows Live OneCare back on 30 June 2009. But Emsisoft will work with any other AV, its only on demand.

by Brett (not verified) on Mon, 07/26/2010 - 21:18  (#54958)

Since A Squared is included in Hitman Pro is it redundant to run a seperate Emsisoft product or scanner? The new "Emergency Kit" seems to be garnering very good reviews...but is the (A Squared component in) Hitman Pro scanner just as effective at detecting malware? Thanks

by torresmagnifico on Wed, 07/28/2010 - 13:22  (#55040)

The a-squared scanner in Hitman Pro is part of the same software that is also available in Emsisoft's Emergency Kit.

Hitman Pro has 4 other in the cloud anti-malware scanners which increases the chances of detection. However, after 30 days it will not remove any malware found but can still be used for detection purposes.

EEK is portable and has no such removal restrictions and also, has HiJackFree for manual removal of malware. It also, has BlitzBlank which can run at boot time prior to Windows loading.

by mikecorbeil on Wed, 07/28/2010 - 19:39  (#55051)

Thanks for that information torresmagnifico.

If I understand you correctly, then both HiJackFree and BlitzBlank are needed to replace the need for Hitman Pro.

by torresmagnifico on Thu, 07/29/2010 - 15:52  (#55127)

"...If I understand you correctly, then both HiJackFree and BlitzBlank are needed to replace the need for Hitman Pro."

Imagine that both EEK and Hitman Pro are two separate toolboxes; in each of the toolboxes there are different sets of tools for doing different jobs. None of the tools can replicate exactly what another tool can do.

Therefore, they are unique and can not be compared to each other.

HiJackFree and BlitzBlank do NOT replace the need for Hitman Pro they are just part of EEK's (to continue the above analogy) toolbox.

It is a simple case of horses for courses.

by Jon the Panda (not verified) on Mon, 07/26/2010 - 01:19  (#54930)

My computer want to thank you for introducing me SUPERAntiSpyware. It healed it to normal state. :)

The AVG AntiVirus is useless though.

by Stasou on Tue, 07/20/2010 - 16:30  (#54593)

Is it wise to keep asquared free 4.5 or should i ditch it for emsisoft antimalware? Also, i would like to ask if the emsisoft antimalware maintains the ability of heuristic scan after the 30+3 days.

by torresmagnifico on Thu, 07/22/2010 - 12:54  (#54734)

Stasou, I concur completely with Anupam, as quoted from the Emsisoft website:
"...does not include the protection features against new infections".

I hope this clarifies things for you.

by RooneyBetter (not verified) on Tue, 07/27/2010 - 18:48  (#55006)

Thanks for the tip. RooneyBetter

by Anupam on Tue, 07/20/2010 - 17:43  (#54596)

I was also confused about this. I got to know that A-Squared is now known as Emsisoft Anti-malware. So, yes, you should start using Emsisoft Antimalware now, since that's the latest. I am not sure about this, but I think the heuristic ability won't be available after 30+3 days, because its a realtime protection. Only the scanning and removal capabilities will be enabled.

by Chiron on Fri, 07/16/2010 - 05:23  (#54356)

Does anyone know how to remove the nag screen for Emsisoft Anti-Malware?

It's very annoying. After the trial period has expired each time you open it there is a nag screen asking if you want to purchase the full product. It's be great if I could disable it. It also seems to slow down the loading of the program.

Thanks.

by torresmagnifico on Sat, 07/17/2010 - 11:29  (#54412)

Hi Chiron,

The nag screen can probably be disabled by a registry hack but I have no knowledge of the exact procedure.

Have you considered downloading Emsisoft Emergency Kit?

http://www.emsisoft.com/en/software/eek/

I currently have it installed on a USB stick and will shortly be reviewing the product.

Regards,

Torresmagnifico

by MidnightCowboy on Mon, 06/28/2010 - 21:26  (#53401)

In the end, we decided to award eight of the ten licenses donated by Immunet for our "how to stay safe online" competition winners here:

http://www.techsupportalert.com/freeware-forum/security/4430-win-license...

The remaining two plus three more will be given away to the first five members to send me what I think are the funniest one sentence reasons why they should get one! Humorous personal abuse is acceptable so long as it's only directed at me :D

Entries by PM only please. Keep them clean as we need to publish the results!

by Anonymous on Sat, 06/26/2010 - 19:49  (#53197)

a2 free is gone

by Anonymous on Mon, 06/28/2010 - 08:13  (#53347)

Not exactly...
Take a look here:

http://download.cnet.com/A-squared-Free/3000-8022_4-10262215.html?part=dl-6251182&subj=dl&tag=button

by MidnightCowboy on Sat, 06/26/2010 - 20:37  (#53205)

Tweaked a bit and re-named as Emsisoft Anti-Malware

"When downloading, you'll get the full version including all protection features for 30+3 days for free. Afterwards the unpaid software switches to a limited freeware scanner mode that allows you to scan and clean your PC whenever you want, but does not include the protection features against new infections"

http://www.emsisoft.com/en/software/antimalware/

by Marcus (not verified) on Fri, 07/02/2010 - 21:42  (#53651)

So in other words it is sayimg no real time protection just as in the prior version of A Squared free correct? Also must we uninstall the previous version first? And is Revo ok to use or do we need an uninstaller from Emsisoft?

by MidnightCowboy on Fri, 07/02/2010 - 23:13  (#53660)

Yes on all three counts including Revo. Still suffers a bit from false positives but that's the price you pay for high detection. Just involves a bit more work to check out what it finds but overall an excellent product.

by Donnel (not verified) on Sat, 07/03/2010 - 20:08  (#53699)

MC The Emsisoft website is very confusing with the various free products available for malware scanning under their Freeware Tools section! What are the differences and which will be most effective for simple scanning? Finally since Emsi/Ikarus is in Hitman Pro is it even necessary to use a seperate Emsisoft product? Thanks

by MidnightCowboy on Sat, 07/03/2010 - 23:53  (#53708)

I think that with all the recent developments, this is all about vendors jockeying for position and market share. Another reason why Emsisoft have just bought out Online Armor. With the whole world seemingly moving towards suites their existing software mix desperately needed a firewall.

I use the word developments in it's true sense without inferring that the results are necessarily better than what went before :D If counting features was important then we'd be swapping out programs on a weekly basis. To be honest, the freeware version of Emsisoft Antimalware still requires a whopping download and then some after that for the updates. If you have the time and bandwidth for it then fine, but it's not in my current arsenal.

by Donnell (not verified) on Sun, 07/04/2010 - 02:56  (#53713)

So in summation, would Hitman Pro, having A Squared and Ikarus be just as effective as a scanner?

by MidnightCowboy on Sun, 07/04/2010 - 09:11  (#53724)

It's not as simple as this to give a quick answer.

HitmanPro is "tuned" towards scanning certain file types only.

"The Behavioural Scan in Hitman Pro is specialized in analyzing executable files, so called Portable Executables (PE). These are usually EXE, DLL and SYS files".

This means that you could have an active .vbs worm which it misses, although if you uploaded this to VirusTotal, the same scanners used by HitmanPro would likely pick it up.

On the other hand, HitmanPro is also designed to apply certain "characteristics" to what it scans for as detailed here.

http://www.surfright.nl/en/hitmanpro/behaviouralscan#behaviouralscan

In the real world you could use a dozen of these things and still miss something. IMO for most of us HitmanPro and Malwarebytes are more than adequate for secondary scanners. The focus should really be on safe surfing practices and other preventative measures, rather than hunting for stuff after it's already arrived.

by HeWhoRocks on Sun, 07/04/2010 - 11:44  (#53730)

I just downloaded and ran Hitman Pro v.3.5.6 after reading this post. Hitman immediately flagged TrueCrypt.exe as a trojan and quarantined it, but when i uploaded it to Virus Total it was declared clean. Can anybody confirm either way? Thanks :)

by MidnightCowboy on Sun, 07/04/2010 - 19:35  (#53751)

TrueCrypt is safe enough providing you downloaded it from a reliable source. This will be a FP generated by HitmanPro's behavioural scanner no doubt simply because of the nature of the program. I remember that Avast! also used to flag this as a trojan at one point.

by HeWhoRocks on Sun, 07/04/2010 - 22:02  (#53758)

I got it from lupopensuite.com. None of the other portables i got from there were flagged up . Thanks MC.

by Anupam on Sat, 07/03/2010 - 20:33  (#53701)

Emsisoft A-Squared has been renamed to Emsisoft Anti-malware. Its a very useful product because of its high detection rate. Hitman Pro might be useful in detecting threats, but Emsisoft Anti-malware cleans them too. Its just that it does not provide real-time protection.

by Anonymous on Sat, 06/26/2010 - 02:30  (#53158)

I just tried to use Emsisoft Anti-malware 5.0 (referred to in the above article as A-squared Free) for the first time and it straight away identified some critical Windows files as Trojans!

I've had a problem for a while now with something on my PC hijacking my web browser but scanning with Malwarebytes and Superantispyware has picked up nothing. Neither has McAffee. So I downloaded and installed Emsisoft Anti-malware, updated the malware definitions and then ran the Smart Scan scanning option. The scan picked up some Cookies which it identified as Low threat, a "Trace" item which it identified as Medium threat and then 2 "Trojans" which it marked as High threat. I selected the option to quarantine everything. A prompt told me I needed to restart to complete the removal so I allowed it to. And now Windows cannot boot up! I get the blue screen of death with a message along the lines of "Stop: C0000135 (unable to locate component). This application has failed to start because user32.dll was not found."

Don't know what I'm going to do now! I definitely would not recommend this product to anyone (like me) who isn't savvy enough to know when the Malware programme is displaying a false positive. And you'd think that as it relates to a standard Windows file this problem is common enough for it to have been resolved by now (e.g added to a known safe list.)? Not happy! :(

by torresmagnifico on Sat, 06/26/2010 - 14:36  (#53180)

This is sadly the curse of the false +ve, any action taken regarding quarantining files has to be done in an informed way. If in doubt, leave it out would be my maxim.

by MidnightCowboy on Sat, 06/26/2010 - 08:02  (#53170)

False positives are a phenomenon common to all malware scanners although some have a lesser rate than others. It is repeated many times in the articles and comments here that you should never remove anything without back checking it first. One choice for doing this is Virus Total.

http://www.virustotal.com/

by Anonymous on Fri, 06/25/2010 - 18:17  (#53124)

I'm surprised the latest version, Dr.Web CureIt 6.0, is not on the list. It is getting rave reviews as being very effective.

by Anonymous on Sat, 06/26/2010 - 20:15  (#53202)

Rave reviews from where? Can you provide sources?

by Anonymous on Fri, 06/25/2010 - 09:39  (#53089)

Does anyone have a cure for Win32\Rustock trojan, its running in system operating memory and after removing memory and many restarts its still there, nod , malware bytes etc doesn't remove it

by MidnightCowboy on Fri, 06/18/2010 - 10:09  (#52389)

Win a License for Immunet Protect Plus!

Followers of Immunet Protect cloud based antivirus will be aware that the 2.0 version has just been released.

www.immunet.com/free/index.html

I have to say that I’ve been quite impressed with how Alfred Huger and the rest of his team have conducted this exercise. Their dedication and commitment to customer generated improvements is a sure fire lesson some other vendors would do well to copy. The net result is an effective antimalware solution which will continue to improve as development moves forward. A bonus is that the program will run alongside many of the traditional solutions. The official and unofficially supported programs are listed here:

http://support.immunet.com/tiki-read_article.php?articleId=4

In recognition of the feedback received from TSA members, Immunet have graciously made available 10 free licenses for the “Plus” version of Immunet Protect. In order to give everyone a fair shot at these we’ve decided to run a competition. All you need do to enter is to write a short piece about the steps you take to stay safe online, including the *programs you use and why you think these are the best solutions.

*Any entries containing references to commercial products will be disqualified.

Entries should be submitted to myself by using the “Contact Info” button which is accessible by clicking my user name (MidnightCowboy) in the forum.

If you are not already registered for the site please use the "register" button at the top of the forum page.

The ten winners will each receive a free license for the “Plus” version of Immunet Protect and their entries will be published in a special “Security” section forum thread.

Closing date for receipt of entries is Monday 28th June, 2010.

The judges decision will be final and no correspondence will be entered into concerning entries.

by Chiron on Sat, 06/12/2010 - 20:29  (#51997)

If I'm not wrong A-Squared has been replaced by Emisoft Ant-Malware:
http://www.emsisoft.com/en/software/antimalware/

I don't know much about it yet, but does anyone know if the free version has the same capabilities as a-squared had?

by torresmagnifico on Tue, 06/15/2010 - 22:13  (#52198)

I should point out that you can still obtain A-squared Free from the download link under the Quick Selection Guide.

Torresmagnifico

by Anonymous on Wed, 06/23/2010 - 12:30  (#52847)

At what link?

Unless I am missing something, the A-Squared heading itself links to Threatfire (?), and the links underneath A-Squared all end up at EmsiSoft.

Regards,

James

by torresmagnifico on Wed, 06/23/2010 - 13:25  (#52855)

Hi James,

The reason the A-squared link (under A-squared in the Quick Selection Guide)
links to Emsisoft is because it is a Emsisoft product.

Many thanks for pointing out that the A-squared heading links to Threatfire; this has now been corrected.

Kind regards,

Torresmagnifico

by torresmagnifico on Tue, 06/15/2010 - 22:04  (#52197)

The following is from your link to the Emsisoft website:

'When downloading, you'll get the full version including all protection features for 30+3 days for free. Afterwards the unpaid software switches to a limited freeware scanner mode that allows you to scan and clean your PC whenever you want, but does not include the protection features against new infections.'

I will be updating my category regarding A-squared in the near furure.:-)

Kind regards,

Torresmagnifico

by Anonymous on Thu, 05/27/2010 - 13:46  (#50458)

Guys, I need your inputs and your expertise regarding this issue as I am not a technical person at all.

I have malwarebytes,AVG and ESET installed in my laptop, however, the virus seems not to be removed by these antivirus/ antimalware applications. AVG and ESET doesn't even detects any virus. I have just downloaded SUPERantispyware earlier since most of the comments here dictates or proves that the SUPERantispyware does a good job, but it also seems that the virus hasn't been totally removed/cleaned yet. the number of objects infected stays to 2 no matter how many times i scan in a day whether by quick scan nor even by full scan.

this is what the mbam log says:

Registry Data Items Infected: 2
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemroot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.
Vendor: Hijack.WindowsUpdates

does anyone know how I could get rid of this?
do I need to purchase the full version of malwarebytes just to remove this virus?

PLEASE HELP :(---rachelle---

by Chiron on Mon, 06/07/2010 - 07:38  (#51539)

You can try scanning with an anti-rootkit application.

Also, you can check out my guide on how to clean an infected computer:
http://forums.comodo.com/virusmalware-removal-assistance/what-you-need-t...
You'll find the advice to be quite similar to that on this site, but I think it's well organized and therefore quite useful.

by torresmagnifico on Mon, 06/07/2010 - 19:32  (#51572)

Chiron,

Thanks for your comments and the link.

As the new editor for this category I will slowly but surely be updating this article; so folks please be patient while I learn the editing process! ;-)

by Anupam on Thu, 05/27/2010 - 14:40  (#50462)

Things like this require someone specialist in malware handling. You should post this in forum like those which handle such requests.... like BleepingComputer.

by Anonymous on Sun, 05/09/2010 - 22:00  (#49429)

April 09
I need help...
At work on I was modifying an Old C, program, (Old C) I forgot some old syntax Code. No problem, I have old C files an old computer (386 - Remember those ?), So I went home and Pulled out My Old 386 with The old C programs and copied them to Floppies but all the Floppies were all infected with ANTIEXE and so was My OLD 386 too. I cannot Remove the ANTIEXE, I will not put these old C files on floppies to My computers at work...
Can some one suggest What I can do... How can I remove the Old ANTEXE... As my virus protectors ; Trend , Norton , Panda cannot clean them I have various at work all on standalone PC's. I have Tried everything and I am at My wits end... Somebody help me, PLEASE !!!
Darren
Moderators comment:
Email address removed. These are not permitted for safety reasons. Requests for individual support should be made in the forum.

by Anonymous on Sun, 04/18/2010 - 22:29  (#47932)

The "Trojan Killer" software mentioned as "Free" from GridinSoft is NOT Freeware. It is a 15-day trial, after which a license must be purchased. Furthermore, any threats found during trial period scans are not automatically removed or fixed by the program, but instead notice is given that in order to "fix" the errors, the program must be purchased.

by MidnightCowboy on Sun, 04/18/2010 - 22:48  (#47934)

Thank you for pointing out the changed status of this product which has now been removed from the review.

by Anonymous on Fri, 01/08/2010 - 02:34  (#40540)

It seems that Panda Anti-Rootkit doesn't work on Vista, along with Threatfire, Panda Cloud AV, AVG, AdAware, and a whole bunch of other free programs. Thank you, Microsoft!

by nirvana39 on Thu, 01/21/2010 - 12:47  (#41680)

Many of the anti-rootkit products are now, allegedly, included in broader security suites. Threatfire, for instance, is now considered an antivirus program that also detects rootkits.

by Anonymous on Sun, 12/27/2009 - 03:17  (#39564)

MalWareBytes:

Files Scanned: 293,845
Total Time: 4hrs + 20min +56secs

Software Notes:

Cons - takes forever to scan 294k files, takes 5 hours completion time.

AVG Internet Security scans 769k files in 2 1/2hrs. I do not recommend Malware bytes.

by Anonymous on Wed, 06/16/2010 - 09:23  (#52228)

Strange but I had a slow scanning quick scan problem with SAS, 40 minutes in the latest version, used to take under 10. Malwarebytes has maintained the same speed about 10 minutes for the quick scan.

by Anonymous on Tue, 04/13/2010 - 01:22  (#47528)

MalwareBytes:

Files scanned: 563,764
Total Time: 2hrs + 23min.....

Software Notes:

No problems with MBAM here....You running Windows 95 or what..??

by nirvana39 on Thu, 01/21/2010 - 12:48  (#41681)

While it may be slower, if you have the time to scan overnight, I've found MalwareBytes to be much more effective.

by Anupam on Sun, 12/27/2009 - 08:27  (#39582)

What are the specs of your PC... will you share please?

by Anonymous on Sun, 12/27/2009 - 07:00  (#39575)

Did you run a Quick Scan? From their forum.

"The quick scan will find any malware that's active on the system that MBAM is capable of detecting. The only real usefulness of the full scan is detecting the occasional trace that get's missed by the quick scan, and even that's pretty rare. According to one of the developers the quick scan catches 99.9% of the malware that MBAM will detect."

by Anonymous on Tue, 05/11/2010 - 21:24  (#49587)

Yup. I never run the full scan. Comparing AVG to Malwarebytes is a bit apples to oranges. Speaking strictly about spyware and trojan detection and removal, AVG cannot compete with Malwarebytes. Its not even close.

I think alot of folks need to spend some time on malware forums like bleeping computer. The recommended free tools on those sites are always the best available. Hijack this, Malwarebytes and superantispyware are the currently favorites among the security specialists.

Specialized tools like combo fix and sdfix are also popular but more complicated.

-J

by Anonymous on Sat, 12/19/2009 - 02:49  (#38991)
by Anupam on Sat, 12/19/2009 - 06:43  (#39000)

Thanks for the information.

by MidnightCowboy on Sat, 12/19/2009 - 08:53  (#39002)

I do like to see developers admit they have a problem and do the right thing while they get it sorted. Especially with security and recovery apps there's been a tendency in the past to pretend nothing is wrong at the expense of those using the product and getting burned. Hats off to ComboFix, I hope they get it fixed soon.

by Anonymous on Thu, 12/03/2009 - 18:25  (#37780)

i use avira personal with superantispyware pro and a squared this combination does a great job

by Anonymous on Thu, 12/03/2009 - 09:33  (#37754)

this is totally cool man, I will not waste my time and try it if I were you !!!

by Anupam on Sat, 11/21/2009 - 00:32  (#37021)

Threatfire 4.7.0 has been released.

Anupam

by Anonymous on Fri, 11/20/2009 - 00:55  (#36958)

I just have to say that Threatfire seems to have slowed down the pc's here alot. We thought we had a trojan, but running Sys-Internals Process Explorer showed that it was Threatfire dragging the system down. The older version was hardly noticeable, but the latest caused a serious drag & delay response on older systems.
After removing Threatfire, pc's seem to run much faster, more memory available. Too bad, it seemed to be an OK program.

We are now using a combo of MS Security Essentials, Outpost Firewall, and PC Tools Spyware DR (starter ed via Google pack). Run Malware Byts AM once a week too.
A2 Squared seems pretty good, but the update download is huge. Once a month we also run Spybot S&D too.

As for rootkits, try Panda Anti-rootkit or Sophos Antirootkit.

by rick_mo37 on Sun, 11/08/2009 - 00:18  (#36198)

I can no longer recommend Superantispyware. For one thing Malwarebytes is a quality replacement for a free scanner. For another, I just cannot 'look the other way' when I see that "one day only" price of $9.99 for the Pro version or $19.99 for a Pro version lifetime license. Sure it's a nice deal for a quality program but the fact remains that the offer is misleading. It's not "one day only", it's pretty much every day.

Now we could go into how long 64X support has been promised and we could go into how long true Vista support has been promised for their sister product, SuperAdBlocker. It's been years. But that is another subject altogether.

Go on some security forum and criticize the misleading advertising and what will some SAS rep do? Probably try to get your posts deleted. That's pretty cheap in my opinion. But it's easier than answering to the fact that the company favors misleading advertising.

So in all, I just do not recommend SAS anymore.

by nirvana39 on Fri, 11/13/2009 - 13:10  (#36561)

I find SuperAntispyware to be very effective, but I have to echo your sentiment. Those ads that offer "1 day only" or exclusive sales annoy me. Since it is free though, I will probably continue to recommend/use it (and stay away from the commercial version)

by MidnightCowboy on Sun, 11/08/2009 - 09:37  (#36216)

I'm into this too and agree completely. I have great respect for Emsisoft for instance but every time I open the a-squared page there's a message about $x discount "today" for people in Brazil. Unfortunately this is standard net marketing practice and unfair I suppose to single Emsisoft out as there are plenty of others at the same party. Prevx is another one. Great software, highly capable so why do they have to resort the the type of tactics exhibited on their front page? At the end of the day I guess it's all about the power of money and most of the time we'll just have to live with it.

by JonathanT on Sun, 11/08/2009 - 02:12  (#36200)

Although I agree the ads are misleading, I do not think that it's a reason to not use SAS. Many other companies have gone further and tried to validate either tests conducted by themselves or tests from dubious organisations, which is far more serious IMHO.

Also, have you actually seen these posts getting deleted, or is it merely speculation?
Thanks

by rick_mo37 on Sun, 11/08/2009 - 02:59  (#36201)

I have questioned their advertising campaign/policy on other forums and they have made reply posts asking that my post be removed. I did not start a thread about their advertising, just responded to posts they have made.

by rick_mo37 on Sat, 11/07/2009 - 23:49  (#36197)

Combofix is one of those programs nobody speaks much about until nothing else seems to work, then someone makes a combofix suggestion and the results are usually pretty good. Combofix seems to work well getting rid of many of the present day rogue downloads. I have seen results where Combofix has restored a few computers where Malwarebytes couldn't clear everything up. That's not a knock against MBAM as it is really a super program. But if MBAM seems to not complete the job of cleaning persistent malware then maybe give combofix a shot.

As a side note, combofix has many rogue variants so only download combofix from the site below, which comes with a nice tutorial-

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Post new comment

The content of this field is kept private and will not be shown publicly.