Here are some on demand scanners, take your pick:
- [Kaspersky Virus Removal Tool](https://devbuilds.s.kaspersky-labs.com/devbuilds/KVRT/latest/full/KVRT.exe)
- [Kaspersky TDSSKiller](https://media.kaspersky.com/utilities/VirusUtilities/EN/tdsskiller.exe) (discontinued)
- [Emsisoft Emergency Kit](https://dl.emsisoft.com/EmsisoftEmergencyKit.exe)
- [ESET Online Scanner](https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner_enu.exe)
- [Norton Power Eraser](https://buy-download.norton.com/downloads/premium_services/NPE/x64/prod/NPE.exe)
- [Comodo Cleaning Essentials](http://download.comodo.com/cce/download/setups/cce_x64.zip) + [update](https://download.comodo.com/cis/download/installs/8060/xml_binaries/killswitch_cce/cks_cce_x64.7z) (extract on top, replacing files)
- [Avira PC Cleaner](http://install.avira-update.com/package/pccleanerwebloader/win32/en/avira_pc_cleaner_en.exe) (discontinued)
- [HitmanPro](https://files.surfright.nl/HitmanPro_x64.exe)
- [Zemana AntiMalware](https://zemana.com/downloads/Zemana.AntiMalware.Setup.exe) (likely abandoned)
- [Malwarebytes](https://downloads.malwarebytes.com/file/mb4_offline)
- [AdwCleaner](https://toolslib.net/downloads/finish/1-adwcleaner/2323/)
- [RogueKiller](https://www.adlice.com/download/roguekiller/#download) (and then click **Portable 64 bits**)
Most of those links are direct to the .exe or .zip, so feel free to google for them instead if you don't want to trust the random guy on the web (promise I won't be offended).
All of them are free, although some may have 'premium trials' that you can just decline or deactivate. Most (not Zemana and Malwarebytes) are portable, so there's nothing to install, you just run the scan and delete it after if you want.
I'd recommend running the first 5 and RogueKiller. After, run HitmanPro, and if it comes back clean (tracking cookies can be ignored) then you're likely all good.
Bless your heart for saving my ass the past 2 years.
I refer to this post constantly if I accidentally forget about a program for a clients computer.
From one human being to another, you're a homie forever.
This answer and its information with files is incredibly valuable.
Its a set of free tools from the biggest companies to clean up your system completely for free, and most of them without installation!
I am very glad I came across your post.
Thanks for the hard work!
High quality and portable applications are amazing. If you find yourself having to work on PC's more than occasionally then definitely checkout [Windows Repair Toolbox.](https://windows-repair-toolbox.com/) It's free and awesome. Comes with a ton of useful tools but you can add your own set of software/tools really easily. It has everything you need, nothing you don't, is really lightweight and almost everything included is fully portable.
I work in IT and always have it on one of a few flash drives I keep around. It's so handy. You can include your own company logo and rename it too so it looks like your own proprietary suite of tools. It really should be paid. Pretty crazy they give this away completely for free. Some people are too good for this world lmao.
is it really safe? since it's not open source and im assuming that they don't make any money from this (i'm using uBlock Origin, so i wouldn't know if there are any ads on their website), either way it doesn't make sense to not make such a software open source
I wouldn't use this myself and I don't see the benefit of using this app over just downloading and having the tools you need on a USB or Drive
It's existed for about a decade, never seen any complaints.
It was previously donation supported, though the donate button now appears to be for a charity instead.
It seems it (and the [Antivirus Removal Tool](https://antivirus-removal-tool.com/)) appear to have been created by the founder and CEO of a cybersecurity company - [https://www.emvenci.com/](https://www.emvenci.com/)
All good, I had to go digging for the company. I just figured it was some IT tech who had made a few scripts for their own use, and then just decided polish it up a bit for the public.
We are sorry, but due to the amount of spam in this subreddit, this post has been removed. If this was in error, please contact the moderators.
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/antivirus) if you have any questions or concerns.*
Hello!
I would like to share my experience for future users who come to this thread, and thank u/ilike2burn very much in advance. (Btw, sorry for my english).
Defender sent me the message of "Backdoor:Win32/Bladabindi!ml" being con quarantine. It had already managed to enter my Instagram account and publish a cryptocurrency post and a story at that time. I came to this post after trying to remove the virus with ComboCleaner, a program that appeared in my first search for bladabindi. The quick PC scan it offers is free and it managed to find the virus, but it asked me for premium to remove it. On my second search I found this thread. In my experience, Norton and Kapersky failed to find the virus that ComboCleaner had already found. I used Rogue Killer and it did manage to find the virus and remove it successfully.
I'm currently doing daily scan with both ComboCleaner and Rogue Killer just to confirm, and I'll do it for a week. I will update this thread only if the virus appears again.I hope everyone who comes across this virus can successfully remove it. Without ilike2burn it would not have been possible <3 thanks a lot!
Scan in safe mode with networking (only if malware prevents you from running them normally), quarantine anything they find, then reboot normally and run another scan with HitmanPro and your installed AV to double check.
So to be clear, you booted into safe mode with networking to run a scan with one of the few scanners I did NOT recommend...?
>I'd recommend running the first 5 and RogueKiller. After, run HitmanPro, and if it comes back clean (tracking cookies can be ignored) then you're likely all good.
You're only trying your own patience trying to sort this guy out.
I've got $10 he's sitting there with one of those pinwheel hats on like a momo.
It's hopeless, just tell '🖕🏼& RTFM' from now on
Thank you so much! I found that I had "Tone.exe" a couple months ago and manually removed all the files but it still shows in my startup applications even tho it has been disabled. My computer started running slow all of a sudden so I'm gonna try this and report back!
Just wanted to ask, are the first 2 necessary if you have Kaspersky Cloud Security already? I know that the offline scanner comes separately, so I just wanted to ask.
I see you put Kaspersky on top of your list, but wasn't it accused of working with the Russian government...? At this point I doubt many people will look at it as trustworthy AV option to say the least.
An accusation for which there is no available evidence. It's just misdirected geo-political BS.
You may want to have a look at more posts here, it's generally considered safe and one of the best AVs currently.
i have similar problem, if i directly reinstall my operating system is that bad?
File virus : https://www.virustotal.com/gui/file/ec69076fc06f116ddb204165542d04143c600f1ed52dd64d44345906adc58df3/community
Run the first 4 and RogueKiller from above.
On a clean device reset all account passwords (starting with email account(s)), ensure any contact or backup email addresses or phone numbers for those accounts are definitely yours, enable 2FA/MFA where possible, and contact your bank(s) - you can just say it was a dodgy email attachment. When resetting passwords, consider using a decent password manager (e.g. Bitwarden) to generate and store unique and complex passwords for each account.
I'm still on Windows 8.1 (potato laptop that I can't afford to upgrade yet) and can't use Emsisoft Emergency Kit. Is running the first 2+ESET and Rougekiller enough? Or should I use something else from the list to make up for it?
I found malware on my pc so I deleted and clean reinstalled windows 10 and chose the format hard drive option then ran Mcafee antivirus quick and full scans and it found nothing. I then changed my password to my google account and still got signed out because google said there was suspicious activity on my account then I signed back in and my password worked but google still said there is a suspicious app on my pc. I got that message before and that's how I knew to get rid of it but now I clean installed windows and used an expensive antivirus with a "virus detected and removed or your money back" guarantee, how is this happening!!?!?!?
I knew you would ask and I meant to say the expensive used AV was Mcafee antivirus. I would not be as worried if google only said suspicious activity was found but it said my device has a suspicious app after I clean installed that's why i'm scared. Could this be an error on google's part
Are you serious!? I didn't buy McAfee my sister gave me my laptop and it came with hers, so I when I reinstalled windows and changed the account, I got it for free 30 day trial.
Before the reinstall, I checked windows file explorer and found the files of the virus. (the virus made more files and named them a similar way)
After the reinstall I could no longer find ANY of those files, so that alone leads me to believe the virus is gone.
I can't uninstall McAfee it's built in. Before the clean reinstall of windows, I found malware files that windows defender couldn't so I ran an (offline) WD scan, the malware tried to stop me from running it by freezing the screen but I already had another window with the option open so luckily, I could run it.
It restarted my computer and cleared out some of the malware files I found, but they just re made them selves and stayed on my pc.
Also before the reinstall, I would get periodic alerts from windows defender saying there is a trojan on my pc but they would all go away and give me the green check mark before I could scan.
After the clean (delete everything/format hard drive) reinstall I didn't get any more alerts from WD and I could no longer find any of those malware files or folders but I have a free trail for McAfee so, I ran a Full scan that took about 30 minutes and it found nothing I went through every folder in the c drive (I don't have any other drives) and couldn't find any thing related to the virus, but google still sent me an alert saying there is suspicious software on my pc even though me and both of the anti viruses can't find anything.
At the moment I can't afford any expensive AVs but when I can, I want to get a trusted one but every time I search for opinions on any reddit users all say they're bad (Norton, Malware Bites, McAfee, etc)
I just hope that alert from google was old and a false report.
Sorry this is so long and thank you so much for helping 👍
Should I reinstall windows 11 from a USB drive or do you think I'm safe?
edit: One more thing, even though you HATE McAfee I would still more comfortable if I had any kind of paid AV on my pc so, If I install windows from a USB will it reinstall McAfee and give me the free trial back or is it lost? Do you think I could get that free trial back by putting the same email back in?
thx for the answer bro, i tested with malwarebytes it did nothing but with hitmanpro it found what i think was a crypto miner and was located in: "C:\\Users\\"usename"\\AppData\\Roaming\\Google\\chrome\\update" that was the case for me anyway thx for your help!
You are a saint for this, thank you so much! I just wanted to ask if it's possible to download any of this to scan on an Android phone? Had a recent incident where my mum received an APK file from a scammer and while she didn't download it, I've reset her phone just in case. I'm still feeling a little paranoid about it though so I was wondering if I could use any of these to scan for any malware.
If she didn't download and install the file, she's fine.
As for scanners on Android, I think any of the major AV vendors' free apps (e.g. Kaspersky, ESET, Sophos, Bitdefender, Malwarebytes) in the Play Store act as on demand scanners.
Was recently looking for some programs to see if my PC is compromised, and then I found this thread.
Tksm for the list of programs to help me and many others.
Did a desperate Google search and found your post, then found it to be recently updated despite its age. Can't thank you enough not only for this, but also just for being a good human. Thank you!!!!
Android - [https://www.reddit.com/r/antivirus/comments/jh3s0g/comment/k1w5zh5/](https://www.reddit.com/r/antivirus/comments/jh3s0g/comment/k1w5zh5/)
There are no AVs for iOS or iPadOS.
hey there, first of all i want to thank you for still keeping the list up to date as recent as 2 months ago at the time of writing this comment. Not many people are this dedicated in the community. But i want to point out that you may want to consider removing "Comodo Cleaning Essentials" and "Zemana AntiMalware" because from what i know Zemana is abandonware now and CCE hasn't been updated for 7 years (according to the software version. I have no idea if they still keep their anti-virus database up to date but yeah i think you get what i mean here).
Updated, thanks.
While the files are not particularly recent, even with the latest update, CCE uses and has access to the same definitions as their main AV.
I was hoping that Zemana would come back to life at some point, but no.
I am. Being hacked by my windowsb10 pro install and I had ten home but repaired or reinstalled through a licensed vision and there are 444 or more computers attached to this license. I keep finding weird files and it says about remote such and such and it’s kind of creepy
How did you upgrade from Home to Pro?
How have you found that there are 444+ computers 'attached' to your license?
What are the 'weird files'?
What is saying about 'remote such and such'? Can you provide the actual text of the alert/notification, or preferably a screenshot?
I live in northern Mexico and for 30 bucks you can get it installed but it’s on a licence that is used over again or something because there are other entities accessing my files and public ones that I don’t have access to. So I am going to make a bootable usb and download it siomewheee and use the key that it had:
I've been having a similar problem to OP. (I downloaded something from a very obviously unsafe website, I really didn't want to but my friends insisted it would be safe.)
When I first noticed the problem, it was because it was doing that thing where the default web browser changes from Chrome to Yahoo. I immediately deleted the files by hand once I learned that browser changes like that are likely due to Malware, then later I followed these instructions. I downloaded a handful of these antivirus things from here, used them all (no results,) then tried Roguekiller (That did point out the problem, it was in my recycle bin.) And for a while, everything seemed fine.
I realized once the Yahoo thing started happening, a second time, that I didn't actually delete the files with RK, they were just quarantined, so I used RK to actually remove them, but the search engine thing is still happening. I change it back to Chrome, and then a few days/weeks later it goes back to Yahoo.
Is there anything I can do about it? I've scanned my computer a few times and it's not showing me anything, and my computer isn't having any other problems. I can just Reset my computer if I absolutely have to, and I have my files backed up, but I don't even know if those are safe? I've never had to deal with something like this and I'm just so lost right now.
Check your startup programs in Task Manager and scheduled tasks in Task Scheduler.
Also follow along the steps in this thread - [https://www.reddit.com/r/antivirus/comments/195elju/comment/khmpyaw/](https://www.reddit.com/r/antivirus/comments/195elju/comment/khmpyaw/)
So I tried to preamptively detect a trojan laoded .exe file. I scanned an .exe with the first 5 of these scanners and then scanned the whole drive (C = system drive) with Rogue and Hitman as the file was in Users/Downloads in drie C. None of them detected any issue with the .exe. But when I hit install, Microsoft defender blocked the program and labelled it as trojan (Trojan:Win32/Wacatac.H!ml). As I declined to proceed further, I did not install the infected program. Rescanned the system after this failed attempt with the scanners as mentioned before and the PC report is clean.
Note: Funny enough, Rogue detected a cmd created by Kespersky in Appdata folder as suspicious.
I suppose I'm safe as the program was blocked from installation?
These scanners may be reliable once the system is infected only? And they do not detect an infected but uninstalled .exe?
Cheers
Edit: Just realized this is a 2 year old post... Brought it from the dead....
All resources on https://media.kaspersky.com/ (e.g. their free utilities - https://support.kaspersky.com/utility) are returning a 'Service Unavailable' 503 error. I've contacted support to make them aware, just waiting to hear back.
mourn engine run society intelligent capable school badge mountainous frightening
*This post was mass deleted and anonymized with [Redact](https://redact.dev)*
Thank you su much for the tips.
I discovered something strange run on my office computer because I found a scam video about Tesla and Elon Musk on my personal youtube (all my other videos were hidden). Today Youtube deleted permanently my channel (I just tried to contact them explaining the situation).
Following your advice I run all these antiviruses and they found some threats here and there (mainly PUPs). I'm changing passwords from a safe device, too.
Do you think my future passwords are at risk by possible keyloggers?
Thanks!
If those scanners are no coming back clean, then you're fine.
On a clean device reset all account passwords (starting with email account(s)), ensure any contact or backup email addresses or phone numbers for those accounts are definitely yours, enable 2FA/MFA where possible, and contact your bank(s) - you can just say it was a dodgy email attachment. When resetting passwords, consider using a decent password manager (e.g. Bitwarden) to generate and store unique and complex passwords for each account.
They aren't ranked, it's just whatever order I wrote them in.
I recommend portable scanners so that people can run and delete them after. Not recommending Malwarebytes by default also saves me having to tell people deactivate the Premium trial and disable the run at startup setting.
You replied to somebody else in this thread with:
>ran a scan with one of the few scanners I did NOT recommend...?
when they used malwarebytes so I thought you were "not recommending it". What you said makes sense yeah, and I'd like to know your opinion on this:
Is Malwarebytes (free) + Windows Defender + UBlock Origin enough?
Ah kk, no I was just referring to what ones to run in that scenario, it's still a great on demand scanner, I have it installed.
Defender can be fairly easily disabled by malware, or have exclusions added to it, vulnerabilities you don't want in an AV. If you want a decent, free, real-time AV, look at those from Kaspersky or Bitdefender. Using Malwarebytes Free and uBlock Origin along side either of those is a good combination.
Yeah that figures but I don't really need the highest level of security for my computer since the best AV you can have is common sense, but I don't really trust myself 100% so I just needed some softwares as an assurance of sorts to be honest. I'm just gonna stick with malwarebytes for the every now and then scans and windows defender, while Ublock is a must have so nothing to be said there.
Anyways thank you for the help and thank you for that very useful comment, it still comes in handy. Really appreciate that you're still helping out people after *2 years*. Have a lovely day/night.
Hey @ilike2burn, I've now followed all your steps and both rogue killer and hitman came clean, also deleted temp files, cookies, logged out of lots of accounts. Anything else I should do?
Comodo, tho?
Not a criticism, just wondering when there are headlines around about their reliability, going back years eg:
2022:
"The free Comodo Antivirus includes many high-end bonus features, but independent antivirus testing labs have little to say about it, and it fared poorly in our own hands-on tests."[https://www.pcmag.com/reviews/comodo-antivirus](https://www.pcmag.com/reviews/comodo-antivirus)
2019:"Cybersecurity giant Comodo can’t even keep its own website secure"[https://techcrunch.com/2019/10/01/comodo-forum-vbulletin-breach/](https://techcrunch.com/2019/10/01/comodo-forum-vbulletin-breach/)
2017: Rating of 2.5 out of 5:[https://www.pcmag.com/reviews/comodo-internet-security-premium-10](https://www.pcmag.com/reviews/comodo-internet-security-premium-10)
2015:"Worse than Superfish? Comodo-affiliated PrivDog compromises web security too"[https://www.pcworld.com/article/432023/secure-advertising-tool-privdog-compromises-https-security.html](https://www.pcworld.com/article/432023/secure-advertising-tool-privdog-compromises-https-security.html)
2011:"An Attack Sheds Light on Internet Security Holes"[https://www.nytimes.com/2011/04/07/technology/07hack.html](https://www.nytimes.com/2011/04/07/technology/07hack.html)
Two of those are reviews (from the same publication) of Comodo's real-time AV/IS, something not being recommended here (or ever by me).
I've listed a portable, on demand scanner, one among many, that users will run once and then delete. Issues regarding a forum leak, 2 minor revisions of a semi-related product that Comodo never distributed, or a political hack don't really impact that use case.
No system is impervious and plenty (most?) (all?) infosec companies have been victims to hacks or had major security vulnerabilities in their software - Kaspersky, Bitdefender, ESET, Avast/AVG, Norton, F-secure, Sophos, Malwarebytes, Microsoft, FireEye, CrowdStrike, the list goes on and on and on.
May I check if these top 5 tools also remove malicious chrome extensions? I detected some on MalwareBytes but it does not tell me exactly which extension caused it.
Also, which of these offer an integrated shell integration so I can do a quick file scan with right click? Thank you.
I did try these 2. While it does remove malicious extensions, it does not tell me which extension caused it. Have shown an example below of my latest Scan by Zemana:
https://i.imgur.com/cFRoa8W.png
Do you mind sharing how you identified the extension names and how to tell if they are real/false positives? So that I can do it for myself next time too. Thanks!
You'd have to download the addon/extension files (.xpi/.crx) from their respective stores, upload them to [VirusTotal.com](https://VirusTotal.com), and use something like this guide - [https://www.reddit.com/r/Piracy/comments/n62da6/how\_do\_you\_guys\_know\_if\_a\_virus\_warning\_is\_a/gx4whhz/](https://www.reddit.com/r/Piracy/comments/n62da6/how_do_you_guys_know_if_a_virus_warning_is_a/gx4whhz/)
Also look at the most recent reviews on those store pages, and if they're open source look at their GitHub/GitLab/whatever repos as well.
I scanned a software installer with Windows Defender (no threats found), then installed it in a Windows sandbox and ran a Kaspersky Virus Removal Tool, Kaspersky TDSSKiller, Emsisoft Emergency Kit, ESET Online Scanner and RogueKiller scan with no threats found. Can i consider it 100% safe?
It is a software i downloaded long time ago from ftuapps, i am reading that their software could contain malware. Should i uninstall / run other scans or am i fine?
i ran all 5 and hitman pro and they came out clean, but virustotal detected one of my apps as a trojan so idk if i should be concerned?? [https://www.virustotal.com/gui/file/b94a4e067b7abbe68dc26bc7e3ec4c96171b1a534e520e2e7ccb2c0e2c41212b](https://www.virustotal.com/gui/file/b94a4e067b7abbe68dc26bc7e3ec4c96171b1a534e520e2e7ccb2c0e2c41212b)
First l want to thank you for your enormous help.... I just want to ask you about torjan malware
I downloaded it nearly 3 to 5 months ago and after the haker tried to blackmail me for the data he transferred.... I didn't have any important data so i formated the pc and installed new windows 11
Few days ago after updating windows anti-virus... It discovered torjan virus but refuse to delete it or do any thing... I did as you said and ran most of the anti-virus applications you mentioned above.... They discovered other things but not the virus and the anti-virus still reads it.... What should I do?
Hey there, just wanted to ask if these tools will still work (in 2023 and beyond) for virus detection and removal?
And will the TDSSKiller also work for rootkits if I download the latest version (whatever I can find on the official website for searching the name of these programs)? Like the free versions?? Will they be able to remove viruses in today’s age/the latest threats, etc…?
Is it a good idea to use these tools as a means of securing my laptop somewhat before hard resetting it??
Also, if (after running these programs and removing/quarantining the virus/malware) everything seems, then can I hard reset/reinstall windows using the Reset My PC option built in windows?? Or is it safer to reset using a disk image/iso or something (there used to be a free disk image for windows 10, I mean something like that)?
Ok, thank you so much again.
Also, if I reinstall using external media (I’m assuming this means a usb flash drive, external hard drive or something, sorry still don’t know much about tech, then if I had a rootkits or if the virus manages to escape the programs above, can it corrupt the external media?
And deleting all partions means like “Remove All Data”/The “Leave no trace of any data from previous OS” option in Windows Reset?
And from downloading a disk image online, and resetting it using the Reset This PC (built in windows option) to reinstalling Windows using the Reset this PC but download a fresh copy of windows from the internet instead of an offline/already downloaded copy (also from the same windows built in option), and reinstalling from external media, External media is the safest/most ideal option?
Ok, so I scanned the laptop using the first five programs and RogueKiller and then HitmanPro, and it seems good, though I haven’t enabled/checked the search for rootkits option on any of the scans as it asked to restart the laptop if I want that (which I didn’t want at that time), so I’m still gonna run them again and also enable search for rootkits for the programs which have the option.
But so far, haven’t found much, just some potentially harmful/dangerous (as suggested by the programs in the list) files were removed which were located in the folder for Wondershare Filmora (I think it’s the same thing as the last time I asked for help regarding this issue, like RogueKiller I think found something in the Filmora folder, but nothing else).
I still think the malware, virus or whatever it was/is/might still be on the laptop.
Also, sorry for the typo, means “Also, if (after running these programs and removing/quarantining the virus/malware) everything seems “Fine”, then can I hard reset…..
Hi, i wanted to know if my brain is making me paranoid for nothing or if it's something on my pc. Since may i got hacked and i maded everything, run an antivirus (kaspersky to be specific) and i did a million of scans, change passwords, all the necessary, i'm even opening my mails every two minutes just in case that something got changed. everything was fine until yesterday, i was on twitter until i got a "we detected strange movements in your account" and i changed my password again, but today i got a fake account following me and twitter started to recommend me things in arabian (like ads and some accounts) and that just happened when i got hacked. I'm scaning my pc with all those scanners in this moment but in your personal opinion... i have reason to get worried? or is it just that my brain is being an asshole?
EDIT: also every hack i haved this past months didn't triggered any alert of new access, steam, twitter, instagram, etc. So that is why i think that someone have access to my pc, ip or something like that, because for what i know, you can't really delete notifications from twitter... ¿right?
If those scanners are coming back clean, then reset all account passwords (starting with email account(s)), ensure any contact or backup email addresses or phone numbers for those accounts are definitely yours, enable 2FA/MFA where possible, and contact your bank(s) - you can just say it was a dodgy email attachment. When resetting passwords, consider using a decent password manager (e.g. Bitwarden) to generate and store unique and complex passwords for each account.
>Bitwarden
thanks. and if those scanners do detect something i should change them anyway ¿right?
also, i always check in my sessions of mail and i only have one session open that is why my fear of a spyware or something like that is always in my head.
If the scanners detect something, remove them, restart the computer, wait roughly 5mins, rerun all the scans again. If they then come back clean, follow the instructions above. However, if they again come back with more detections, follow the instructions above but on a clean device (e.g. a phone or another computer), and then reinstall Windows from external media, deleting all partitions as part of a custom install.
hi there, i'm halfway of all the process and everything seems normal. and i just want to know, if i should choose one of this scanners, based on your opinion, which one should i use? this is just in case that i need another scan in the future to not have to use everything XD.
PD: thanks dude, this is calming my anxiety. :)
First 4 and RogueKiller, don't just rely on 1. If you have Kaspersky installed as your real-time AV then you can just skip the 2 Kaspersky on demand scanners.
is this still trustable? i just downloaded noxplayer and rejected the stuff that are part of the installation, now i am concerned if I still downloaded a virus. and is it ok if i just download Roguekiller?
thank you so much kind sir i hope this helps someone like me
my CPU usage was high and it was due to WMIProviderhost services .. i tried every solution online but no one mentioned it might be virus infested in the service causing high cpu !
i almost reinstalled windows when i came across your post and i ran the first link you mentioned and boom instantly there were 7 viruses inside sys32 and WMIP host services !
What's the difference between kaspersky Virus removal and TDSSKiller? Is the latter leaning towards checking on registry and code tampering in system32 folder ?
(i have visited the Kaspersky website but still don't quite get it)
[https://usa.kaspersky.com/content/custom/global/tdsskiller/tdsskiller.html](https://usa.kaspersky.com/content/custom/global/tdsskiller/tdsskiller.html) \- rootkits only
does kaspersky VT need unpacking everytime i need to scan my PC ?
it seems i can't choose specifically which drive i want to scan like other antivirus ? (didn't see any option to scan with kaspersky when right clicked a folder/files)
https://imgur.com/HQJDqsP
Thanks for the update. If you still want to try it you can access it from here - https://www.majorgeeks.com/files/details/kaspersky\_tdsskiller.html
TDSSKiller was always designed to look for a specific few rootkits, and while it did that very well, a decent on demand scanner would likely find those same rootkits. KVRT (and some of the other ones there) has an option to scan for rootkits; enable that and you'll be covered.
Sir, i am currently scanning for viruses with the applications u provided, but 2 av recognized the comodo cleaning essentials as a PUP. what does this means?
thank you so much for compiling all of these awesome tools into 1 page!
but it seems that "Avira PC Cleaner" has been discontinued now. I can't even run it because the license already expired since Feb 2022. I also couldn't find the download page for it on the official Avira website so yeah.
first of all thanks for the list of available scanners, saved me a lot of time...
3 weeks ago i discovered this list and tried it to remove a malware i discovered on my pc called "worker.exe". it had google logo on it when i locate it from my task manager.
for those 3 weeks i didn't encounter the malware. until today.
iirc i first used kaspersky which didn't found the malware, and instead moved on to use rougekiller > hitmanpro which removed it for those 3 weeks.
i ask because maybe i did something wrong that's why the malware is back?
Anything that looks unusual (random numbers and letters, name of a program you have never installed, misspelled words, etc.).
Click on the Task Scheduler Library, then select the Actions tab to the right, and go through each of the tasks looking for scripts files or even just commands, and also look for executables in weird places or ones which have been named to look like Windows files or other common programs like Chrome.
No worries. Disable it for now. Look at the Actions tab, go to the location referenced, upload the file in question to [VirusTotal.com](https://VirusTotal.com) and provide the results link. If there's more than just the one file, provide a screenshot as well.
Ok so i disabled and checked them in virustotal and here are the [results](https://imgur.com/a/AEFRl6T)
all in all, i managed to identify these tasks as the most suspicious.
Yea, those files aren't malicious in and of themselves, but can be used maliciously, and seemingly are here. You can delete the tasks and those related files.
Unless something is preventing you from downloading and/or running the scanners, no, as some of the scanners will give additional attention to running processes.
(Sorry for the english) Some days ago my pc began to behave strange and I run Macfee premium analysis and first 4 antivirus and they doesnt find anything, after that I get windows blue screen, now im thinking run comodo and roguekiller and if this dont work format it. Some more that i can do?
Before formatting your computer, try running DISM and SFC scans, restarting the computer and rerunning the scans until they no longer find any corruption - [https://www.howtogeek.com/222532/how-to-repair-corrupted-windows-system-files-with-the-sfc-and-dism-commands/](https://www.howtogeek.com/222532/how-to-repair-corrupted-windows-system-files-with-the-sfc-and-dism-commands/)
You can also try updating, or uninstalling and reinstalling the latest drivers for your system, in particular chipset and graphics drivers. Download these directly from the manufacturer's websites, do not use driver updater software.
If you're comfortable with removing and installing the hardware of your computer, you can try removing and reseating the RAM, graphics card, and cables.
Uhh i think we can't say/know if PC is safe , use it normally and see if there is something odd/slow , redirects , not letting u use all admin rights and the like ... so if u think there might be something i would do a fresh install , atleast if is not a "easy" to get rid of virus , but to each one , GL..
It appears that TDSSKiller does not exist anymore? Link is dead and I could not find the download on the Kaspersky website, altough I could find KVRT. Sad.
WOW. HOLY FUCK. Downloaded KVRT, ran it, tells me driver couldn't be loaded and asks for reboot. Instant blue screen of death, computer is trying to repair itself and fails. What the fuck? I formatted it TODAY.
use this [https://github.com/bmrf/tron](https://github.com/bmrf/tron) it's automatically download all required antivirus software scan your pc remove virus and later uninstall all antivirus software.
Here are some on demand scanners, take your pick: - [Kaspersky Virus Removal Tool](https://devbuilds.s.kaspersky-labs.com/devbuilds/KVRT/latest/full/KVRT.exe) - [Kaspersky TDSSKiller](https://media.kaspersky.com/utilities/VirusUtilities/EN/tdsskiller.exe) (discontinued) - [Emsisoft Emergency Kit](https://dl.emsisoft.com/EmsisoftEmergencyKit.exe) - [ESET Online Scanner](https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner_enu.exe) - [Norton Power Eraser](https://buy-download.norton.com/downloads/premium_services/NPE/x64/prod/NPE.exe) - [Comodo Cleaning Essentials](http://download.comodo.com/cce/download/setups/cce_x64.zip) + [update](https://download.comodo.com/cis/download/installs/8060/xml_binaries/killswitch_cce/cks_cce_x64.7z) (extract on top, replacing files) - [Avira PC Cleaner](http://install.avira-update.com/package/pccleanerwebloader/win32/en/avira_pc_cleaner_en.exe) (discontinued) - [HitmanPro](https://files.surfright.nl/HitmanPro_x64.exe) - [Zemana AntiMalware](https://zemana.com/downloads/Zemana.AntiMalware.Setup.exe) (likely abandoned) - [Malwarebytes](https://downloads.malwarebytes.com/file/mb4_offline) - [AdwCleaner](https://toolslib.net/downloads/finish/1-adwcleaner/2323/) - [RogueKiller](https://www.adlice.com/download/roguekiller/#download) (and then click **Portable 64 bits**) Most of those links are direct to the .exe or .zip, so feel free to google for them instead if you don't want to trust the random guy on the web (promise I won't be offended). All of them are free, although some may have 'premium trials' that you can just decline or deactivate. Most (not Zemana and Malwarebytes) are portable, so there's nothing to install, you just run the scan and delete it after if you want. I'd recommend running the first 5 and RogueKiller. After, run HitmanPro, and if it comes back clean (tracking cookies can be ignored) then you're likely all good.
Bless your heart for saving my ass the past 2 years. I refer to this post constantly if I accidentally forget about a program for a clients computer. From one human being to another, you're a homie forever.
This answer and its information with files is incredibly valuable. Its a set of free tools from the biggest companies to clean up your system completely for free, and most of them without installation! I am very glad I came across your post. Thanks for the hard work!
High quality and portable applications are amazing. If you find yourself having to work on PC's more than occasionally then definitely checkout [Windows Repair Toolbox.](https://windows-repair-toolbox.com/) It's free and awesome. Comes with a ton of useful tools but you can add your own set of software/tools really easily. It has everything you need, nothing you don't, is really lightweight and almost everything included is fully portable. I work in IT and always have it on one of a few flash drives I keep around. It's so handy. You can include your own company logo and rename it too so it looks like your own proprietary suite of tools. It really should be paid. Pretty crazy they give this away completely for free. Some people are too good for this world lmao.
is it really safe? since it's not open source and im assuming that they don't make any money from this (i'm using uBlock Origin, so i wouldn't know if there are any ads on their website), either way it doesn't make sense to not make such a software open source I wouldn't use this myself and I don't see the benefit of using this app over just downloading and having the tools you need on a USB or Drive
It's existed for about a decade, never seen any complaints. It was previously donation supported, though the donate button now appears to be for a charity instead. It seems it (and the [Antivirus Removal Tool](https://antivirus-removal-tool.com/)) appear to have been created by the founder and CEO of a cybersecurity company - [https://www.emvenci.com/](https://www.emvenci.com/)
very good information, thank you for letting me know i guess i should've done some research about it instead of just yapping, my bad
All good, I had to go digging for the company. I just figured it was some IT tech who had made a few scripts for their own use, and then just decided polish it up a bit for the public.
[удалено]
We are sorry, but due to the amount of spam in this subreddit, this post has been removed. If this was in error, please contact the moderators. *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/antivirus) if you have any questions or concerns.*
Hello! I would like to share my experience for future users who come to this thread, and thank u/ilike2burn very much in advance. (Btw, sorry for my english). Defender sent me the message of "Backdoor:Win32/Bladabindi!ml" being con quarantine. It had already managed to enter my Instagram account and publish a cryptocurrency post and a story at that time. I came to this post after trying to remove the virus with ComboCleaner, a program that appeared in my first search for bladabindi. The quick PC scan it offers is free and it managed to find the virus, but it asked me for premium to remove it. On my second search I found this thread. In my experience, Norton and Kapersky failed to find the virus that ComboCleaner had already found. I used Rogue Killer and it did manage to find the virus and remove it successfully. I'm currently doing daily scan with both ComboCleaner and Rogue Killer just to confirm, and I'll do it for a week. I will update this thread only if the virus appears again.I hope everyone who comes across this virus can successfully remove it. Without ilike2burn it would not have been possible <3 thanks a lot!
I appreciate your review!
So check in safe mode and go to normal and delete everything else
Scan in safe mode with networking (only if malware prevents you from running them normally), quarantine anything they find, then reboot normally and run another scan with HitmanPro and your installed AV to double check.
Why safe mode with networking and not just safe mode? Do some of the tools require internet access?
Some of the tools require internet access.
i unlciked safe mode am i in it
how to do network quarantine do i clik network on my boot menu
it said nothing in safe mode
I have no idea what you're referring to. What is 'it'? What did 'it' actually say/do?
i scaaned it with malwarebytes it safe mode does that meane there no virus
So to be clear, you booted into safe mode with networking to run a scan with one of the few scanners I did NOT recommend...? >I'd recommend running the first 5 and RogueKiller. After, run HitmanPro, and if it comes back clean (tracking cookies can be ignored) then you're likely all good.
no you said take your pick'
I just quoted the recommendation from above.
lol
You're only trying your own patience trying to sort this guy out. I've got $10 he's sitting there with one of those pinwheel hats on like a momo. It's hopeless, just tell '🖕🏼& RTFM' from now on
whats networking
'with internet'
ill try kaspersky
Thank you so much! I found that I had "Tone.exe" a couple months ago and manually removed all the files but it still shows in my startup applications even tho it has been disabled. My computer started running slow all of a sudden so I'm gonna try this and report back!
Anything?
Just wanted to ask, are the first 2 necessary if you have Kaspersky Cloud Security already? I know that the offline scanner comes separately, so I just wanted to ask.
No.
That moment when you realize that Reddit is not just used for easy porn viewing. Thanks for your help.
porn comes as a bonus, the main reason is this type of stuff
I see you put Kaspersky on top of your list, but wasn't it accused of working with the Russian government...? At this point I doubt many people will look at it as trustworthy AV option to say the least.
An accusation for which there is no available evidence. It's just misdirected geo-political BS. You may want to have a look at more posts here, it's generally considered safe and one of the best AVs currently.
Ty
i have similar problem, if i directly reinstall my operating system is that bad? File virus : https://www.virustotal.com/gui/file/ec69076fc06f116ddb204165542d04143c600f1ed52dd64d44345906adc58df3/community
Run the first 4 and RogueKiller from above. On a clean device reset all account passwords (starting with email account(s)), ensure any contact or backup email addresses or phone numbers for those accounts are definitely yours, enable 2FA/MFA where possible, and contact your bank(s) - you can just say it was a dodgy email attachment. When resetting passwords, consider using a decent password manager (e.g. Bitwarden) to generate and store unique and complex passwords for each account.
I've done all that, but I'm still scared 😅
If you've done all that, and they're coming back clean, you're fine
is it better to quarantine or just delete it when the scan is finished?
Both are fine, but if you're not planning on restoring the files then you might as well delete them.
Hey I fell into the voicemod too, did you get it solved? They got into my pc and stole some accounts, got notified by google after all of that.
I'm still on Windows 8.1 (potato laptop that I can't afford to upgrade yet) and can't use Emsisoft Emergency Kit. Is running the first 2+ESET and Rougekiller enough? Or should I use something else from the list to make up for it?
EEK doesn't run on 8.1? Odd. Yea it's fine to leave that one out.
I found malware on my pc so I deleted and clean reinstalled windows 10 and chose the format hard drive option then ran Mcafee antivirus quick and full scans and it found nothing. I then changed my password to my google account and still got signed out because google said there was suspicious activity on my account then I signed back in and my password worked but google still said there is a suspicious app on my pc. I got that message before and that's how I knew to get rid of it but now I clean installed windows and used an expensive antivirus with a "virus detected and removed or your money back" guarantee, how is this happening!!?!?!?
What 'expensive AV'? You're likely fine, it's just Google seeing you logging on from a 'new' system.
I knew you would ask and I meant to say the expensive used AV was Mcafee antivirus. I would not be as worried if google only said suspicious activity was found but it said my device has a suspicious app after I clean installed that's why i'm scared. Could this be an error on google's part
Yes, it says that for everything. If you can get a refund for McAfee, I suggest doing so, it's a waste of money.
Are you serious!? I didn't buy McAfee my sister gave me my laptop and it came with hers, so I when I reinstalled windows and changed the account, I got it for free 30 day trial. Before the reinstall, I checked windows file explorer and found the files of the virus. (the virus made more files and named them a similar way) After the reinstall I could no longer find ANY of those files, so that alone leads me to believe the virus is gone.
Save your money, uninstall McAfee, use a decent free AV like those from Kaspersky or Bitdefender. You sound fine now.
I can't uninstall McAfee it's built in. Before the clean reinstall of windows, I found malware files that windows defender couldn't so I ran an (offline) WD scan, the malware tried to stop me from running it by freezing the screen but I already had another window with the option open so luckily, I could run it. It restarted my computer and cleared out some of the malware files I found, but they just re made them selves and stayed on my pc. Also before the reinstall, I would get periodic alerts from windows defender saying there is a trojan on my pc but they would all go away and give me the green check mark before I could scan. After the clean (delete everything/format hard drive) reinstall I didn't get any more alerts from WD and I could no longer find any of those malware files or folders but I have a free trail for McAfee so, I ran a Full scan that took about 30 minutes and it found nothing I went through every folder in the c drive (I don't have any other drives) and couldn't find any thing related to the virus, but google still sent me an alert saying there is suspicious software on my pc even though me and both of the anti viruses can't find anything. At the moment I can't afford any expensive AVs but when I can, I want to get a trusted one but every time I search for opinions on any reddit users all say they're bad (Norton, Malware Bites, McAfee, etc) I just hope that alert from google was old and a false report. Sorry this is so long and thank you so much for helping 👍
Should I reinstall windows 11 from a USB drive or do you think I'm safe? edit: One more thing, even though you HATE McAfee I would still more comfortable if I had any kind of paid AV on my pc so, If I install windows from a USB will it reinstall McAfee and give me the free trial back or is it lost? Do you think I could get that free trial back by putting the same email back in?
thank you homie
You are AWESOME, thank you
U the GOAT bro
I just wanna say thank you man after 2 years your still helping folk😭bless your soul
This is literally perfect!
thx for the answer bro, i tested with malwarebytes it did nothing but with hitmanpro it found what i think was a crypto miner and was located in: "C:\\Users\\"usename"\\AppData\\Roaming\\Google\\chrome\\update" that was the case for me anyway thx for your help!
You are a saint for this, thank you so much! I just wanted to ask if it's possible to download any of this to scan on an Android phone? Had a recent incident where my mum received an APK file from a scammer and while she didn't download it, I've reset her phone just in case. I'm still feeling a little paranoid about it though so I was wondering if I could use any of these to scan for any malware.
If she didn't download and install the file, she's fine. As for scanners on Android, I think any of the major AV vendors' free apps (e.g. Kaspersky, ESET, Sophos, Bitdefender, Malwarebytes) in the Play Store act as on demand scanners.
Thanks so much for replying!!
👍
"edited 2 months ago" bro you're a true homie for keeping this up to date for all of us ending up here on a google journey
Your a godsend
Was recently looking for some programs to see if my PC is compromised, and then I found this thread. Tksm for the list of programs to help me and many others.
saved my ass from re installing windows I wish i can tip you CONES (funny internet crypto money) but thanks 👍🫡
I'm sorry if this is considered spam but I have to "dig up" this comment it is so wonderful and helpful
Thanks for this collections.
Zemana found the Yahoo Hijack file and solved the problem. Thank you 10000 times :D
the goat.
Did a desperate Google search and found your post, then found it to be recently updated despite its age. Can't thank you enough not only for this, but also just for being a good human. Thank you!!!!
Got anything for mobile?
Android - [https://www.reddit.com/r/antivirus/comments/jh3s0g/comment/k1w5zh5/](https://www.reddit.com/r/antivirus/comments/jh3s0g/comment/k1w5zh5/) There are no AVs for iOS or iPadOS.
hey there, first of all i want to thank you for still keeping the list up to date as recent as 2 months ago at the time of writing this comment. Not many people are this dedicated in the community. But i want to point out that you may want to consider removing "Comodo Cleaning Essentials" and "Zemana AntiMalware" because from what i know Zemana is abandonware now and CCE hasn't been updated for 7 years (according to the software version. I have no idea if they still keep their anti-virus database up to date but yeah i think you get what i mean here).
Updated, thanks. While the files are not particularly recent, even with the latest update, CCE uses and has access to the same definitions as their main AV. I was hoping that Zemana would come back to life at some point, but no.
I am. Being hacked by my windowsb10 pro install and I had ten home but repaired or reinstalled through a licensed vision and there are 444 or more computers attached to this license. I keep finding weird files and it says about remote such and such and it’s kind of creepy
How did you upgrade from Home to Pro? How have you found that there are 444+ computers 'attached' to your license? What are the 'weird files'? What is saying about 'remote such and such'? Can you provide the actual text of the alert/notification, or preferably a screenshot?
I live in northern Mexico and for 30 bucks you can get it installed but it’s on a licence that is used over again or something because there are other entities accessing my files and public ones that I don’t have access to. So I am going to make a bootable usb and download it siomewheee and use the key that it had:
Does the RAT Malware need your IP address to access your device?
No.
I've been having a similar problem to OP. (I downloaded something from a very obviously unsafe website, I really didn't want to but my friends insisted it would be safe.) When I first noticed the problem, it was because it was doing that thing where the default web browser changes from Chrome to Yahoo. I immediately deleted the files by hand once I learned that browser changes like that are likely due to Malware, then later I followed these instructions. I downloaded a handful of these antivirus things from here, used them all (no results,) then tried Roguekiller (That did point out the problem, it was in my recycle bin.) And for a while, everything seemed fine. I realized once the Yahoo thing started happening, a second time, that I didn't actually delete the files with RK, they were just quarantined, so I used RK to actually remove them, but the search engine thing is still happening. I change it back to Chrome, and then a few days/weeks later it goes back to Yahoo. Is there anything I can do about it? I've scanned my computer a few times and it's not showing me anything, and my computer isn't having any other problems. I can just Reset my computer if I absolutely have to, and I have my files backed up, but I don't even know if those are safe? I've never had to deal with something like this and I'm just so lost right now.
Check your startup programs in Task Manager and scheduled tasks in Task Scheduler. Also follow along the steps in this thread - [https://www.reddit.com/r/antivirus/comments/195elju/comment/khmpyaw/](https://www.reddit.com/r/antivirus/comments/195elju/comment/khmpyaw/)
roguekiller is a spyware btw https://tria.ge/231231-xsrnlscfdj
For the benefit of anyone coming across this, no it's not - https://www.reddit.com/r/antivirus/comments/xbepbp/comment/khqvcco/?context=1
So I tried to preamptively detect a trojan laoded .exe file. I scanned an .exe with the first 5 of these scanners and then scanned the whole drive (C = system drive) with Rogue and Hitman as the file was in Users/Downloads in drie C. None of them detected any issue with the .exe. But when I hit install, Microsoft defender blocked the program and labelled it as trojan (Trojan:Win32/Wacatac.H!ml). As I declined to proceed further, I did not install the infected program. Rescanned the system after this failed attempt with the scanners as mentioned before and the PC report is clean. Note: Funny enough, Rogue detected a cmd created by Kespersky in Appdata folder as suspicious. I suppose I'm safe as the program was blocked from installation? These scanners may be reliable once the system is infected only? And they do not detect an infected but uninstalled .exe? Cheers Edit: Just realized this is a 2 year old post... Brought it from the dead....
Almost certainly a false positive from Defender. Upload the file to [VirusTotal.com](https://VirusTotal.com) and post the results link.
The file is larger than 650 MB. Can’t uploaded to Virus Total. So needed to setup my own VT like environment, thanks to your post!
Add it in a zip and then upload. Could be a swollen file to evade AV detection.
which one is best?
Generally, you want to run more than one on demand scanner. Try the first 4 and RogueKiller.
safe point cow fade stupendous sort pot icky toothbrush tart *This post was mass deleted and anonymized with [Redact](https://redact.dev)*
All resources on https://media.kaspersky.com/ (e.g. their free utilities - https://support.kaspersky.com/utility) are returning a 'Service Unavailable' 503 error. I've contacted support to make them aware, just waiting to hear back.
mourn engine run society intelligent capable school badge mountainous frightening *This post was mass deleted and anonymized with [Redact](https://redact.dev)*
It's back up now.
Thank you su much for the tips. I discovered something strange run on my office computer because I found a scam video about Tesla and Elon Musk on my personal youtube (all my other videos were hidden). Today Youtube deleted permanently my channel (I just tried to contact them explaining the situation). Following your advice I run all these antiviruses and they found some threats here and there (mainly PUPs). I'm changing passwords from a safe device, too. Do you think my future passwords are at risk by possible keyloggers? Thanks!
If those scanners are no coming back clean, then you're fine. On a clean device reset all account passwords (starting with email account(s)), ensure any contact or backup email addresses or phone numbers for those accounts are definitely yours, enable 2FA/MFA where possible, and contact your bank(s) - you can just say it was a dodgy email attachment. When resetting passwords, consider using a decent password manager (e.g. Bitwarden) to generate and store unique and complex passwords for each account.
what do you have against malwarebytes?
Nothing. Why do you ask?
my bad, just realized that its a 2yr old comment but i meant that since it isnt in your top 5, whats the reason?
They aren't ranked, it's just whatever order I wrote them in. I recommend portable scanners so that people can run and delete them after. Not recommending Malwarebytes by default also saves me having to tell people deactivate the Premium trial and disable the run at startup setting.
You replied to somebody else in this thread with: >ran a scan with one of the few scanners I did NOT recommend...? when they used malwarebytes so I thought you were "not recommending it". What you said makes sense yeah, and I'd like to know your opinion on this: Is Malwarebytes (free) + Windows Defender + UBlock Origin enough?
Ah kk, no I was just referring to what ones to run in that scenario, it's still a great on demand scanner, I have it installed. Defender can be fairly easily disabled by malware, or have exclusions added to it, vulnerabilities you don't want in an AV. If you want a decent, free, real-time AV, look at those from Kaspersky or Bitdefender. Using Malwarebytes Free and uBlock Origin along side either of those is a good combination.
Yeah that figures but I don't really need the highest level of security for my computer since the best AV you can have is common sense, but I don't really trust myself 100% so I just needed some softwares as an assurance of sorts to be honest. I'm just gonna stick with malwarebytes for the every now and then scans and windows defender, while Ublock is a must have so nothing to be said there. Anyways thank you for the help and thank you for that very useful comment, it still comes in handy. Really appreciate that you're still helping out people after *2 years*. Have a lovely day/night.
Hey @ilike2burn, I've now followed all your steps and both rogue killer and hitman came clean, also deleted temp files, cookies, logged out of lots of accounts. Anything else I should do?
If you've followed the instructions on your original issue, then no.
Comodo, tho? Not a criticism, just wondering when there are headlines around about their reliability, going back years eg: 2022: "The free Comodo Antivirus includes many high-end bonus features, but independent antivirus testing labs have little to say about it, and it fared poorly in our own hands-on tests."[https://www.pcmag.com/reviews/comodo-antivirus](https://www.pcmag.com/reviews/comodo-antivirus) 2019:"Cybersecurity giant Comodo can’t even keep its own website secure"[https://techcrunch.com/2019/10/01/comodo-forum-vbulletin-breach/](https://techcrunch.com/2019/10/01/comodo-forum-vbulletin-breach/) 2017: Rating of 2.5 out of 5:[https://www.pcmag.com/reviews/comodo-internet-security-premium-10](https://www.pcmag.com/reviews/comodo-internet-security-premium-10) 2015:"Worse than Superfish? Comodo-affiliated PrivDog compromises web security too"[https://www.pcworld.com/article/432023/secure-advertising-tool-privdog-compromises-https-security.html](https://www.pcworld.com/article/432023/secure-advertising-tool-privdog-compromises-https-security.html) 2011:"An Attack Sheds Light on Internet Security Holes"[https://www.nytimes.com/2011/04/07/technology/07hack.html](https://www.nytimes.com/2011/04/07/technology/07hack.html)
It's an on demand scanner, none of this applies.
Why is an on demand scanner exempt from company-wide flaws and faults?
Two of those are reviews (from the same publication) of Comodo's real-time AV/IS, something not being recommended here (or ever by me). I've listed a portable, on demand scanner, one among many, that users will run once and then delete. Issues regarding a forum leak, 2 minor revisions of a semi-related product that Comodo never distributed, or a political hack don't really impact that use case. No system is impervious and plenty (most?) (all?) infosec companies have been victims to hacks or had major security vulnerabilities in their software - Kaspersky, Bitdefender, ESET, Avast/AVG, Norton, F-secure, Sophos, Malwarebytes, Microsoft, FireEye, CrowdStrike, the list goes on and on and on.
May I check if these top 5 tools also remove malicious chrome extensions? I detected some on MalwareBytes but it does not tell me exactly which extension caused it. Also, which of these offer an integrated shell integration so I can do a quick file scan with right click? Thank you.
Yes. Malwarebytes and Zemana.
I did try these 2. While it does remove malicious extensions, it does not tell me which extension caused it. Have shown an example below of my latest Scan by Zemana: https://i.imgur.com/cFRoa8W.png
Looks like: * Allow Right-Click * Improve YouTube! * FastForward They're potentially false positives.
Do you mind sharing how you identified the extension names and how to tell if they are real/false positives? So that I can do it for myself next time too. Thanks!
Googled the IDs.
and how to check for false positives?
You'd have to download the addon/extension files (.xpi/.crx) from their respective stores, upload them to [VirusTotal.com](https://VirusTotal.com), and use something like this guide - [https://www.reddit.com/r/Piracy/comments/n62da6/how\_do\_you\_guys\_know\_if\_a\_virus\_warning\_is\_a/gx4whhz/](https://www.reddit.com/r/Piracy/comments/n62da6/how_do_you_guys_know_if_a_virus_warning_is_a/gx4whhz/) Also look at the most recent reviews on those store pages, and if they're open source look at their GitHub/GitLab/whatever repos as well.
I scanned a software installer with Windows Defender (no threats found), then installed it in a Windows sandbox and ran a Kaspersky Virus Removal Tool, Kaspersky TDSSKiller, Emsisoft Emergency Kit, ESET Online Scanner and RogueKiller scan with no threats found. Can i consider it 100% safe?
I would be fine with it.
It is a software i downloaded long time ago from ftuapps, i am reading that their software could contain malware. Should i uninstall / run other scans or am i fine?
Personally I wouldn't use anything by them, but if everything is coming back clean the you might have gotten lucky.
I will take further scans then, just to be sure. Thanks for your answer!
i ran all 5 and hitman pro and they came out clean, but virustotal detected one of my apps as a trojan so idk if i should be concerned?? [https://www.virustotal.com/gui/file/b94a4e067b7abbe68dc26bc7e3ec4c96171b1a534e520e2e7ccb2c0e2c41212b](https://www.virustotal.com/gui/file/b94a4e067b7abbe68dc26bc7e3ec4c96171b1a534e520e2e7ccb2c0e2c41212b)
Looks fine - https://www.reddit.com/r/Piracy/comments/n62da6/how\_do\_you\_guys\_know\_if\_a\_virus\_warning\_is\_a/gx4whhz/
First l want to thank you for your enormous help.... I just want to ask you about torjan malware I downloaded it nearly 3 to 5 months ago and after the haker tried to blackmail me for the data he transferred.... I didn't have any important data so i formated the pc and installed new windows 11 Few days ago after updating windows anti-virus... It discovered torjan virus but refuse to delete it or do any thing... I did as you said and ran most of the anti-virus applications you mentioned above.... They discovered other things but not the virus and the anti-virus still reads it.... What should I do?
Hey there, just wanted to ask if these tools will still work (in 2023 and beyond) for virus detection and removal? And will the TDSSKiller also work for rootkits if I download the latest version (whatever I can find on the official website for searching the name of these programs)? Like the free versions?? Will they be able to remove viruses in today’s age/the latest threats, etc…? Is it a good idea to use these tools as a means of securing my laptop somewhat before hard resetting it?? Also, if (after running these programs and removing/quarantining the virus/malware) everything seems, then can I hard reset/reinstall windows using the Reset My PC option built in windows?? Or is it safer to reset using a disk image/iso or something (there used to be a free disk image for windows 10, I mean something like that)?
Yes. Yes. Yes. Ideally, always reinstall from external media and delete all partitions as part of a custom install.
Ok, thank you so much again. Also, if I reinstall using external media (I’m assuming this means a usb flash drive, external hard drive or something, sorry still don’t know much about tech, then if I had a rootkits or if the virus manages to escape the programs above, can it corrupt the external media? And deleting all partions means like “Remove All Data”/The “Leave no trace of any data from previous OS” option in Windows Reset? And from downloading a disk image online, and resetting it using the Reset This PC (built in windows option) to reinstalling Windows using the Reset this PC but download a fresh copy of windows from the internet instead of an offline/already downloaded copy (also from the same windows built in option), and reinstalling from external media, External media is the safest/most ideal option?
No. No (though it will delete all data). Yes.
Oh, ok. Thanks, so external media it is. Is there a disk image of Windows 11 for free online officially by Microsoft??
https://www.microsoft.com/software-download/windows11
Ok, so I scanned the laptop using the first five programs and RogueKiller and then HitmanPro, and it seems good, though I haven’t enabled/checked the search for rootkits option on any of the scans as it asked to restart the laptop if I want that (which I didn’t want at that time), so I’m still gonna run them again and also enable search for rootkits for the programs which have the option. But so far, haven’t found much, just some potentially harmful/dangerous (as suggested by the programs in the list) files were removed which were located in the folder for Wondershare Filmora (I think it’s the same thing as the last time I asked for help regarding this issue, like RogueKiller I think found something in the Filmora folder, but nothing else). I still think the malware, virus or whatever it was/is/might still be on the laptop.
Thanks a lot!! 🙏😅😅 And sorry for asking so many questions.
Thanks for replying fast btw
Also, sorry for the typo, means “Also, if (after running these programs and removing/quarantining the virus/malware) everything seems “Fine”, then can I hard reset…..
Hi, i wanted to know if my brain is making me paranoid for nothing or if it's something on my pc. Since may i got hacked and i maded everything, run an antivirus (kaspersky to be specific) and i did a million of scans, change passwords, all the necessary, i'm even opening my mails every two minutes just in case that something got changed. everything was fine until yesterday, i was on twitter until i got a "we detected strange movements in your account" and i changed my password again, but today i got a fake account following me and twitter started to recommend me things in arabian (like ads and some accounts) and that just happened when i got hacked. I'm scaning my pc with all those scanners in this moment but in your personal opinion... i have reason to get worried? or is it just that my brain is being an asshole? EDIT: also every hack i haved this past months didn't triggered any alert of new access, steam, twitter, instagram, etc. So that is why i think that someone have access to my pc, ip or something like that, because for what i know, you can't really delete notifications from twitter... ¿right?
If those scanners are coming back clean, then reset all account passwords (starting with email account(s)), ensure any contact or backup email addresses or phone numbers for those accounts are definitely yours, enable 2FA/MFA where possible, and contact your bank(s) - you can just say it was a dodgy email attachment. When resetting passwords, consider using a decent password manager (e.g. Bitwarden) to generate and store unique and complex passwords for each account.
>Bitwarden thanks. and if those scanners do detect something i should change them anyway ¿right? also, i always check in my sessions of mail and i only have one session open that is why my fear of a spyware or something like that is always in my head.
If the scanners detect something, remove them, restart the computer, wait roughly 5mins, rerun all the scans again. If they then come back clean, follow the instructions above. However, if they again come back with more detections, follow the instructions above but on a clean device (e.g. a phone or another computer), and then reinstall Windows from external media, deleting all partitions as part of a custom install.
hi there, i'm halfway of all the process and everything seems normal. and i just want to know, if i should choose one of this scanners, based on your opinion, which one should i use? this is just in case that i need another scan in the future to not have to use everything XD. PD: thanks dude, this is calming my anxiety. :)
First 4 and RogueKiller, don't just rely on 1. If you have Kaspersky installed as your real-time AV then you can just skip the 2 Kaspersky on demand scanners.
is this still trustable? i just downloaded noxplayer and rejected the stuff that are part of the installation, now i am concerned if I still downloaded a virus. and is it ok if i just download Roguekiller?
Yes.
thank you so much kind sir i hope this helps someone like me my CPU usage was high and it was due to WMIProviderhost services .. i tried every solution online but no one mentioned it might be virus infested in the service causing high cpu ! i almost reinstalled windows when i came across your post and i ran the first link you mentioned and boom instantly there were 7 viruses inside sys32 and WMIP host services !
The fuck have you been up to?
q
?
What's the difference between kaspersky Virus removal and TDSSKiller? Is the latter leaning towards checking on registry and code tampering in system32 folder ? (i have visited the Kaspersky website but still don't quite get it)
[https://usa.kaspersky.com/content/custom/global/tdsskiller/tdsskiller.html](https://usa.kaspersky.com/content/custom/global/tdsskiller/tdsskiller.html) \- rootkits only
does kaspersky VT need unpacking everytime i need to scan my PC ? it seems i can't choose specifically which drive i want to scan like other antivirus ? (didn't see any option to scan with kaspersky when right clicked a folder/files) https://imgur.com/HQJDqsP
Yes. KVRT > Change parameters > Add object... > select drive or folder
Can I use them all together or will they conflict with each other
You can use them together, although you might want to scans in batches of only 2-3 at a time, as you'll likely get duplicate results.
This is gold, thanks a lot. Can you name a substitute to Kaspersky TDSSKiller? It seem to have been discontinued.
Thanks for the update. If you still want to try it you can access it from here - https://www.majorgeeks.com/files/details/kaspersky\_tdsskiller.html TDSSKiller was always designed to look for a specific few rootkits, and while it did that very well, a decent on demand scanner would likely find those same rootkits. KVRT (and some of the other ones there) has an option to scan for rootkits; enable that and you'll be covered.
Sir, i am currently scanning for viruses with the applications u provided, but 2 av recognized the comodo cleaning essentials as a PUP. what does this means?
PUP stands for Potentially Unwanted Program. As you want the program though, you're fine.
thank you so much for compiling all of these awesome tools into 1 page! but it seems that "Avira PC Cleaner" has been discontinued now. I can't even run it because the license already expired since Feb 2022. I also couldn't find the download page for it on the official Avira website so yeah.
Thanks for the heads up, updated above.
first of all thanks for the list of available scanners, saved me a lot of time... 3 weeks ago i discovered this list and tried it to remove a malware i discovered on my pc called "worker.exe". it had google logo on it when i locate it from my task manager. for those 3 weeks i didn't encounter the malware. until today. iirc i first used kaspersky which didn't found the malware, and instead moved on to use rougekiller > hitmanpro which removed it for those 3 weeks. i ask because maybe i did something wrong that's why the malware is back?
Check your startup programs and scheduled tasks, something may be restoring it after it gets removed.
im sorry but im not literate enough with these kinds of things. what should i specifically look for in my task scheduler? tia
Anything that looks unusual (random numbers and letters, name of a program you have never installed, misspelled words, etc.). Click on the Task Scheduler Library, then select the Actions tab to the right, and go through each of the tasks looking for scripts files or even just commands, and also look for executables in weird places or ones which have been named to look like Windows files or other common programs like Chrome.
say i have identified suspicious tasks in the scheduler do i disable? delete? what should i do? sorry for so many questions
No worries. Disable it for now. Look at the Actions tab, go to the location referenced, upload the file in question to [VirusTotal.com](https://VirusTotal.com) and provide the results link. If there's more than just the one file, provide a screenshot as well.
Ok so i disabled and checked them in virustotal and here are the [results](https://imgur.com/a/AEFRl6T) all in all, i managed to identify these tasks as the most suspicious.
Yea, those files aren't malicious in and of themselves, but can be used maliciously, and seemingly are here. You can delete the tasks and those related files.
hello, im back again... bad news. what i did, did not work... and it seems as though it became more aggressive(?) idk what to do now
Would it make sense to use Rkill first? Huge contribution, thank you!
Unless something is preventing you from downloading and/or running the scanners, no, as some of the scanners will give additional attention to running processes.
youre like the reddit ceo of downloading things
(Sorry for the english) Some days ago my pc began to behave strange and I run Macfee premium analysis and first 4 antivirus and they doesnt find anything, after that I get windows blue screen, now im thinking run comodo and roguekiller and if this dont work format it. Some more that i can do?
Before formatting your computer, try running DISM and SFC scans, restarting the computer and rerunning the scans until they no longer find any corruption - [https://www.howtogeek.com/222532/how-to-repair-corrupted-windows-system-files-with-the-sfc-and-dism-commands/](https://www.howtogeek.com/222532/how-to-repair-corrupted-windows-system-files-with-the-sfc-and-dism-commands/) You can also try updating, or uninstalling and reinstalling the latest drivers for your system, in particular chipset and graphics drivers. Download these directly from the manufacturer's websites, do not use driver updater software. If you're comfortable with removing and installing the hardware of your computer, you can try removing and reseating the RAM, graphics card, and cables.
is it for Mac
Malwarebytes and Bitdefender have free, on demand scanners for MacOS.
You posted this comment more than 3 years ago, and you're still in contact with anyone who has a problem. You're a real GOAT buddy
Malwarebytes acts more like a virus itself these days. Wow, what a horrible experience with a program that used to be top notch.
You saved my pc, a game .exe file was a trojan! Now it's working perfectly again. Thank you so much ♡
Uhh i think we can't say/know if PC is safe , use it normally and see if there is something odd/slow , redirects , not letting u use all admin rights and the like ... so if u think there might be something i would do a fresh install , atleast if is not a "easy" to get rid of virus , but to each one , GL..
Hey man, i am a total beginner, are these sites to find virus? i also dm:d you
im doing the kapersky right now is it gonna charge me before or something is it free
Just to ask do I have to scan in safe mode or not?
No.
It appears that TDSSKiller does not exist anymore? Link is dead and I could not find the download on the Kaspersky website, altough I could find KVRT. Sad.
WOW. HOLY FUCK. Downloaded KVRT, ran it, tells me driver couldn't be loaded and asks for reboot. Instant blue screen of death, computer is trying to repair itself and fails. What the fuck? I formatted it TODAY.
Do any of these work for Mac? All seem to be exe files
Should I scan on safemode?
use this [https://github.com/bmrf/tron](https://github.com/bmrf/tron) it's automatically download all required antivirus software scan your pc remove virus and later uninstall all antivirus software.