
The two apps that I'd love to see included are ComboFix and a-squared portable. I know there are doubts about CF but I use it all the time and it would round out the AMT very nicely IMO. Like anything along the lines of malware removal, it is "use at your own discretion".

I've recommended A-squared portable.... very nice tool.

Anyways there are a lot of Antispyware programs on AMT...

What about Winsock XP FIX?


Have you considered user configurable downloads? Say I want to include the Sophos Anti-Rootkit or other on demand scanners. I enter the description and URL into the Anti-Malware Toolkit and it's added to the user defined section. That would be most useful.

edit: Never mind. I just saw . Nice.


Does it support command-line options?

Would be nice, since then it would be possible to use it together with scripts.

Like awt.exe --silent, or --download-all.

And of course --version and --help.

By now it doesn't support cmd line, right Taurun?


By now it doesn't support cmd line, right Taurun?

It supports the following command line arguments, as of v1.11.204.

Looks like Tarun forgot to add the proxy ones to the about tab.

---------Proxy---------

--proxy-auth:Username:Password

--proxy-host:HostnameOrIp:Port

---------OS Selection overrides---------

--custom

--2000

--xp

--vista

--seven

--server2003

--server2008

I plan on adding some more in the future, but I've been too busy lately.

Guest The Cleaner

Looks like a nice app. It would be great if we could make a set of selections, then save them as default so we didn't need to select them each time it was run. Also, I would like to see a few other items included, such as GMER, and some of the other AV removal tools like Norton's. Aside from that, you seem to have designed a very useful tool and I thank you for making it available to us.


Version 2 is being worked on and we'll look into adding more to it. However, please keep in mind that when adding things like GMER and Combofix, these are available for the average user as well. With Norton we'll need ftp support since SymNRT is only ftp and not available on http.


Because Combofix has continued to appear in this thread, I'd like to say there was a bug (yet again) just recently that...

caused CF to delete programs from Program Files (not all programs, just some), and files from system32 and system32\drivers folder. You may also see select services and drivers along with their respective legacy keys being deleted as well.

Best course of action - Dequarantine the files and folders, then invoke System Restore to handle the services/legacy keys.

Due to the extremely dangerous nature of Combofix and the bugs that continue to appear over and over, we will most likely never include it in the Anti-Malware Toolkit.


With the maturing of Malware online I feel it important to keep all Anti-Malware cleanup tools updated.

Personally, Malwarebytes' Anti-Malware is my essential first step in scanning an affected system, thus should be included, and updated.

It is very tricky to give someone a "pack", as an expert Malware cleaner should be used to guide the infected user; often there are twists and turns that take an expert to adjust the method of cleaning, which a generic approach will inevitably fail.

I agree Combofix should be discontinued, as its time as a viable cleaner has passed.

Unfortunately again I'd like to advise a trained expert be used to guide the victim through the "cleanup" process.

The most up to date tool for malware removal is OTS

I would suggest this standard procedure if unassisted:

FIRST

Malwarebytes' Anti-Malware

Please download Malwarebytes' Anti-Malware from Here or Here Here

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If an update is found, it will download and install the latest version.

Once the program has loaded, select "Perform Quick Scan", then click Scan.

The scan may take some time to finish, so please be patient.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

THEN

Download OTS to your Desktop and double-click on it to run it

Make sure you close all other programs and don't use the PC while the scan runs.

Select All Users

Under additional scans select the following

Reg - Disabled MS Config Items

Reg - Drivers32

Reg - NetSvcs

Reg - SafeBoot Minimal

Reg - Shell Spawning

Evnt - EventViewer Logs (Last 10 Errors)

File - Lop Check

File - Purity Scan


Now click the Run Scan button on the toolbar. Make sure not to use the PC while the program is running or it will freeze.

When the scan is complete Notepad will open with the report file loaded in it.

Generally it is advised a Trained Malware expert be consulted to interpret the results.

In no way am I discouraging Anti-Malware Toolkit, the above measures will however give important info for use in a cleanup. :D


Command-line options to download and install software, preferably able to specify multiple software to fetch and install.

amt update

amt install firefox chrome ccleaner hijackthis mse

Make AWT open source and put it on Microsoft CodePlex.

Place an icon or a text description on all free open source software to indicate/inform that they are open source software.

Add a list of all software supported by AWT to the Lunarsoft wiki.


Checksum

Add an MD5 (or preferably SHA-1) checksum to the package.

Verify integrity of downloaded files.

Authenticity

Sign the executable with gpg and post your public key on the site.

Sign the tool with Microsoft Sign Tool.

Changelog

Rename the change.log file to ChangeLog or ChangeLog.txt. Because technically it is not a log file.

Disclaimer

The disclaimer refers to the software by its old name; LunarDownloader.

Readme

Add a readme.txt file.

Open source

I am a professional software developer in C# / .NET and could contribute and improve it.
