For $19.95 Malwarebytes Anti-Malware PRO Munches Your Malware

Twenty bucks might buy you a beer or three, which would soon be flushed away – water under the bridge – so to speak. But, that same $20 will allow you to install Malwarebytes Anti-Malware on your computer – with a lifetime license no less.

Malwarebytes Anti-Malware has a justified reputation as a first class security application – based on it’s ability to identify and remove adware, Trojans, key-loggers, home page hijackers, and other malware threats.

Both the free version, and the commercial version, deserve the significant kudos regularly offered by seasoned security technologists. This application definitely munches on malware!

The free version of this outstanding application has always made my recommendation list as an integral part of a  layered security approach. But, since real time protection is disabled in the free version, I do not recommend the freeware version of Malwarebytes as a stand alone primary security application. Additionally, scheduled scanning, and scheduled updating are also disabled in the free version.

Malwarebytes Anti-Malware PRO:

A simple, intuitive, and easy to use interface, makes Malwarebytes’ Anti-Malware straightforward to setup, customize and run – for both less experienced and expert users alike, as the following screen captures indicate.

Select preferences.

Choose a scan type.

And – quick as a bunny – you’ve got the results. Malwarebytes Anti-Malware really is a speed demon.

A supplementary log is handy for a quick review.

Malwarebytes Anti-Malware PRO Features include:

Flash – Lightning fast scan speeds

Thorough – Full scans for all drives

Works Well With Others – Cooperative functionality

Puts YOU first! – Priority database updates

Puts Malware in the Slammer – Quarantine function holds threats and lets you restore at your convenience

Talk to the hand – Ignore list for both the scanner and Protection Module

For Your Pleasure – Customizable settings enhance performance

Lock It Down – Password protect key program settings

Chameleon – Gets Malwarebytes running when blocked

Toolbox – Extra utilities to help remove malware manually

Nitty Gritty – Command line support for quick scanning

RPP, Yeah You Know Me – Realtime Proactive Protection Module

Hablamos Everything! – Multi-lingual support (Klingon still in beta)

Support for XP, Vista, 7, and 8 (32-bit and 64-bit)

Systems Requirements: Windows Vista, Windows 7, Windows 8 (32 bit and 64 bit), Windows XP Service Pack 2 or later. Internet Explorer 6 or newer.

Multi-lingual support: English, Arabic, Bosnian, Bulgarian, Catalan, Chinese Simplified, Chinese Traditional, Croatian, Czech, Danish, Dutch, Estonian, Finnish, French, German, Greek, Hebrew, Hungarian, Italian, Latvian, Lithuanian, Macedonian, Norwegian, Polish, Portuguese (Brazil), Portuguese (Portugal), Romanian, Russian, Serbian, Slovak, Slovenian, Spanish, Swedish, Thai, Turkish, Vietnamese.

Download at: MalwareBytes

As a full fledged security application, with all of its features unlocked; real-time protection, scheduled scanning, and scheduled updating, Malwarebytes’ Anti-Malware is a terrific value at $19.95 USD. Malwarebytes products come with a 30 day money-back guarantee.

Reader comments from previous MalwareBytes reviews –

G – I would definitely place Malwarebytes at the top of the list. I have had it find nasties when others have failed. I run it once a week on all of my machines.

Liam O’ Moulain – I’ve been using MBAM since you first recommended it sometime ago. I’m very satisfied.

Ranjan – Same case here as G. It took out a spyware which KIS is unable to detect even till now.. Many malware removal experts, in fact most, also recommend it.. So, it definitely deserves a place in one’s toolbox…

Kingpin – What can say!MBAM Pro is best that has happened to me. Like I said before I have the Pro version on all my 3 systems. MBAM Pro hasn’t let me down yet. The speed of scanning all files is pretty good too. On my regular system it plays along well with SAS Pro.

Mal – Not much to add, I have been using it a while now, great app. And I use SAS as well. Usually run them both just before I shutdown the computer for the night.

SpywareBlaster 4.6 Released – An Important Building Block In Your Wall Against Malware

If there’s a lesson that an average Internet user needs to be reminded of until it becomes second nature it’s this – “prevention is worth a pound of cure”.

Just as in real life, where the public health practice of systematic inoculation has proven to prevent a wide range of serious diseases (prevention is worth a pound of cure at its best) – giving a computer a “shot” (which SpywareBlaster is designed to do), as part of a layered defense strategy, has proven benefits.

Relying on a malware removal tool, following a serious malware infection, is often a fool’s errant since there is simply no way that an average user can be absolutely sure that the infection has been contained – never mind removed. It’s no accident that a huge number of specialty malware removal tools have been developed to address this very issue. Applications which, unfortunately, are often outside the capabilities of an average user.

So, stopping the bad guys from gaining a foothold has to be a primary objective of that layered defense strategy that I mentioned earlier. And, part of that strategy includes raising barriers at the doorway to the system – the Internet browser.

SpywareBlaster, the granddaddy (in a sense), of Internet browser security applications –  which has just been updated to version 4.6 – is a free application which is well suited to helping raise those barriers.

SpywareBlaster, once installed, doesn’t use any services, or drivers, and does not use memory or processing time. You just open SpywareBlaster, set your protection, close it – you’re protected. SpywareBlaster continues to provide protection without the need for user interaction.

SpywareBlaster doesn’t scan for or clean spyware, since it’s designed to prevent installation only – so, it must be used in combination with your existing antimalware applications.

A quick walkthrough:

First – a little house cleaning. Enable all protection.

SpywareBlaster continues to provide protection without the need for user interaction.

A secondary, but equally important function offered by SpywareBlaster is its ability to block spyware/tracking cookies and restrict the actions of spyware/adware/tracking sites in Internet Explorer, Mozilla Firefox, Netscape, Seamonkey, Flock and other browsers.

A bonus feature included with SpywareBlaster is – System Snapshot. You can take a snapshot of your computer in its clean state, and later revert to this state, undoing any changes made by spyware and browser hijackers that have infected your system despite the security in place.

I recommend that you take advantage of this important feature – just in case.

For a more hands on approach – open the Tools menu and fiddle to your hearts content.

Fast facts:

Prevent the installation of ActiveX-based spyware and other potentially unwanted programs.

Block spying / tracking via cookies.

Restrict the actions of potentially unwanted or dangerous web sites.

Unlike other programs, SpywareBlaster does not have to remain running in the background. It works alongside the programs you have to help secure your system.

System requirements: Windows XP, Vista, Win 7 (32 bit and 64 bit).

Browser compatibility:

Internet Explorer

Mozilla Firefox

Netscape

Seamonkey

Pale Moon

K-Meleon

and browsers that use the IE engine, including:

AOL web browser

Avant Browser

Slim Browser

Maxthon (formerly MyIE2)

Crazy Browser

GreenBrowser

Download at: Javacool Software

Need answers? Visit the SpywareBlaster Forum

SpywareBlaster is definitely low maintenance and the only thing you need to remember is – update the database which contains information on known spyware Active-X controls – regularly.

Additional free applications available from Javacool Software:

Doc Scrubber – Microsoft Word files can contain more than just text you see while editing them. Depending on the settings or features you use, they may contain all kinds of additional information that you may not want shared outside your home or company. Doc Scrubber lets you see that information, and scrub it from files before sending them to others.

EULAlyzer – Discover if the software you’re about to install displays pop-up ads, transmits personally identifiable information, uses unique identifiers to track you, or much much more. EULAlyzer can analyze license agreements in seconds, and provide a detailed listing of potentially interesting words and phrases.

Think BEFORE You Click! – How Hard Is That?

HARD, apparently.

I recently repeated a small experiment (for the third year in a row), with a group of “average computer user” friends, (12 this time around), and I was disappointed to see (once again), that the conditioned response issue to “just click” while surfing the web, was still there.

Still, I’m always hopeful that reinforcing the point that clicking haphazardly, without considering the consequences – the installation of malicious code that can cause identity theft and the theft of passwords, bank account numbers, and other personal information – would have had some impact. Apparently not.

But, I haven’t given up. I’m prepared to hammer them repeatedly until such time as I can make some progress. In the meantime, I expect that curiously browsing the web blissfully unaware of the considerable malware dangers, will continue to be the modus operandi for my friends.

They’re not alone in their “clicking haphazardly” bad habits. Many of us have learned to satisfy our curiosity simply by a mouse click here, and a mouse click there. Arguable, we have developed a conditioned response (without involving conscious thought), to – “just click”.

It can be argued, that our “just click” mindset poses the biggest risk to our online safety and security. In fact, security experts argue, that a significant number of malware infections could be avoided if users stopped “just clicking haphazardly”, or opening the types of files that are clearly dangerous. However, this type of dangerous behavior continues despite the warnings.

Most visitors to this site are above average users (I’m assuming that you are too), so, I have a challenge for you.

Take every appropriate opportunity to inform your friends, your relatives, and associates, that “just clicking haphazardly” without considering the consequences, can lead to the installation of malicious code that can cause identity theft and the theft of passwords, bank account numbers, and other personal information.

Help them realize that “just clicking”, can expose them to:

• Trojan horse programs
• Back door and remote administration programs
• Denial of service attacks
• Being an intermediary for another attack
• Mobile code (Java, JavaScript, and ActiveX)
• Cross-site scripting
• Email spoofing
• Email-borne viruses
• Packet sniffing

They’ll be glad that you took an interest in their online safety. And, best of all, by doing this, you will have helped raise the level of security for all of us.

A point to ponder:

Since it’s proven to be difficult to get “buy-in” on this – “think before you click safety strategy” – I generally ask the question – do you buy lottery tickets? Not surprisingly, the answer is often – yes. The obvious next question is – why?

The answers generally run along these lines – I could win; somebody has to win;……. It doesn’t take much effort to point out that the odds of a malware infection caused by poor Internet surfing habits are ENORMOUSLY higher than winning the lottery and, that there’s a virtual certainty that poor habits will lead to a malware infection.

The last question I ask before I walk away shaking my head is – if you believe you have a chance of winning the lottery – despite the odds – why do you have a problem believing that you’re in danger on the Internet because of your behavior, despite the available stats that prove otherwise?

Emsisoft Mamutu – Free (Save $30) Until Sunday, May 1, 11:59 PM PDT

Regular reader, and my good Aussie friend, John W., has just given me a heads up on a pretty cool offering from Emsisoft. Emsisoft is noted for developing some of the better antimalware applications, so you might want to consider giving  Mamutu a try.

This application appears, in many respects, to run along the same lines of ThreatFire – an antimalware application I recommend as a formative part of a layered security approach. See – ThreatFire Version 4.7.0 – Free Protection Against Zero Day Malware, on this site.

From the developer:

Today, we bring you this special offer on Emsisoft Mamutu. From now until Sunday, we are giving away a free copy of Mamutu. Not only does it monitor all active programs for dangerous behavior, but it also blocks malicious activities in real time.

Its Behavior Blocking and Zero-Day-Attacks technology recognizes new and unknown Trojans, backdoors, keyloggers, worms, viruses, spyware, adware, and rootkits without the need of daily signature updates, protecting you long before the signature databases have been updated.

So, where does this funny-sounding name come from? The word Mamutu is composed of two words: “Malware” and “Mutu,” which comes from the Maori language. It means “stop,” so we were told that the developers of Mamutu wanted to describe exactly what the program does: terminate all types of Malware.

In summary, here is a quick rundown of Emsisoft Mamutu’s features:

• It monitors all active programs for dangerous behavior real-time
• Recognizes new and unknown Trojans, worms, and viruses
• Protects your PC without weighing down its resources, so it does not slow you down

This free offer is good until Sunday, May 1, 11:59 p.m. PDT, so grab your free copy while you can and give it a try.

Note: registration required.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

SpywareBlaster – Still Worthwhile After All These Years

SpywareBlaster was one of the first free antimalware applications I installed on Windows 95; it’s been around that long. You might wonder if an application which was released when I was running a system with 6 MB of memory (versus 4 GB today), has value as an effective antimalware application – but it does. Perhaps less so if you’re a high level user, but for casual users, it can be an important addition to a layered security approach.

SpywareBlaster prevents ActiveX-based spyware, adware, dialers, and browser hijackers from installing on a system by disabling the CLSIDs (a method used by software applications to identify a file or other items), of spyware ActiveX controls.

SpywareBlaster, once installed, doesn’t use any services, or drivers, and does not use memory or processing time. You just open SpywareBlaster, set your protection, close it – you’re protected. SpywareBlaster continues to provide protection without the need for user interaction.

A secondary, but equally important function offered by SpywareBlaster is its ability to block spyware/tracking cookies and restrict the actions of spyware/adware/tracking sites in Internet Explorer, Mozilla Firefox, Netscape, Seamonkey, Flock and other browsers.

Since SpywareBlaster doesn’t scan for, or clean spyware, but as stated earlier, prevents installation only, you should use it in combination with your active malware protection applications.

SpywareBlaster is definitely low maintenance and the only thing you need to remember is to update the database, which contains information on known spyware Active-X controls, regularly. Automatic update is also available for an annual fee of $9.95 USD.

A bonus feature included with SpywareBlaster is – System Snapshot. You can take a snapshot of your computer in its clean state, and later revert to this state, undoing any changes made by spyware and browser hijackers that have infected your system despite the security in place. I recommend that you take advantage of this important feature – just in case.

Fast facts:

Prevent the installation of ActiveX-based spyware and other potentially unwanted programs.

Block spying / tracking via cookies.

Restrict the actions of potentially unwanted or dangerous web sites.

Unlike other programs, SpywareBlaster does not have to remain running in the background. It works alongside the programs you have to help secure your system.

System requirements: Windows XP, Vista, Win 7 (32 bit and 64 bit).

Browser compatibility: Internet Explorer, Mozilla Firefox, Netscape, Seamonkey, Flock, K-Meleon, and browsers that use the IE engine.

Download at: Javacool Software

Need answers? Visit the SpywareBlaster Forum

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Emsisoft Free Emergency Malware Removal Kit – USB Ready

This post was originally published July 26, 2010.

I came across the Emsisoft Emergency Kit just in the last few days, which means, I haven’t had a chance to put it through my normal test process.

So, in the interest of keeping regular readers up to date as to what’s new in the free antimalware market, the following information is taken directly from the publisher’s site.

______________________________________________________

The Emsisoft Emergency Kit contains a collection of programs that can be used without a software installation to scan and clean infected computers for malware.

Emsisoft Emergency Kit Scanner:

With the Emsisoft Emergency Kit Scanner you have got the powerful Emsisoft Scanner including graphical user interface. Search the infected PC for Viruses, Trojans, Spyware, Adware, Worms, Dialers, Keyloggers and other malign programs.

Run the Emsisoft Emergency Kit Scanner with a double click on a2emergencykit.exe. Found Malware can be moved to quarantine or finally deleted.

Emsisoft Commandline Scanner:

This scanner contains the same functionality as the Emergency Kit Scanner but without a graphical user interface. The commandline tool is made for professional users and can be used perfectly for batch jobs.

To run the Emsisoft Commandline Scanner, do the following actions:

– Open a command prompt window (Run: cmd.exe)
– Switch to the drive of the USB Stick (e.g.: f:) and then to the folder of the executable files (e.g.: cd run)
– Run the scanner by typing: a2cmd.exe

Next you will see a help page describing all available parameters.

Next is an example to scan drive c:\ with enabled Memory, Traces (Registry) and Cookie scan with active Heuristic module and archive support. Found Malware is moved to quarantine.

a2cmd.exe /f=”c:\” /m /t /c /h /a /q=”c:\quarantine\”

Emsisoft HiJackFree:

HiJackFree helps advanced users to detect and remove Malware manually. With HiJackFree you can manage all active processes, services, drivers, autoruns, open ports, hosts file entries and many more. For your full control over your system.

Emsisoft BlitzBlank:

BlitzBlank is a tool for experienced users and all those who must deal with Malware on a daily basis. Malware infections are not always easy to clean up. These days the software pests use clever techniques to protect themselves from being deleted. In more and more cases it is almost impossible to delete a Malware file while Windows is running. BlitzBlank deletes files, Registry entries and drivers at boot time before Windows and all other programs are loaded.

Self made Emergency USB stick:

Expand the content of the Emsisoft Emergency Kit to an USB stick and make your own universal tool to scan and clean infected PCs.

_______________________________________________________

System requirements: Windows XP, 2003/2008 Server, Vista and 7, full functionality on x64.

Download at: Emsisoft

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Malware Speaks! Please Listen

If malware could speak, what a tale his thoughts could tell.

If you could have a conversation with one, or more, of the scourges that infest the Internet, you might be surprised at what could be learned from such an imaginary conversation. It might go something like this:

I might be malware, but in most cases I’m pretty polite; I won’t infect your computer unless you invite me in. But I can count on lots of you doing just that.

Take my good buddy LOP, for example, he’s been away for awhile, but he recently came back from vacation and he’s now infecting unsuspecting computer users’ machines with renewed vigor. Since LOP is a shift changer, and is often incompletely recognized by many tools – particularly newer forms of the infection, he’s having a hell of a good time.

The people he works for (some might call them cybercrooks – well, actually everyone calls them cybercrooks), are experts at convincing you to install malicious code like LOP.

LOP is a pretty neat piece of malware (his employers are pretty smart fellows), since he’s been designed, amongst other things, to display ads from a range of advertisers through pop-up windows, banner ads and so on.

Oh, and he’ll automatically switch your Internet Explorer home page to his own search engine. One he particularly likes is http://www.mp3search.com. When searches are made with this engine, the results that you see will be advertising pages that LOP chooses to display.

(Sample misdirected search)

Here’s what WOT has to say about mp3search.com. Click on the graphic to expand the image.

Just in case you decide that LOP is no longer welcome on your computer (that happens all the time), he will connect, every so often, to a web page from which new malware files will be downloaded – making it much more difficult to delete all of the active malicious files on your system.

I should tell you that LOP is extremely hard to get rid of, and just in case you try, you’ll have to deal with over 200+ changes to your Registry Keys. And in case that’s not enough bad news, you should know that LOP will invite lots of his malware friends over, so that they can party on your system.

But LOP has even more tricks up his sleeve. He can  monitor your system’s processes, and can even play with your security applications making them ineffective.

Since he’s a sporty fellow, once he’s done that, he’ll launch a Keylogger to capture your key strokes and just for fun, he’ll go on to scan your email contact list so that he can bug your friends. Hmm, maybe they’ll soon to be your ex friends.

LOP is definitely a hard worker (which is why his employers like him so much), so in his spare time he’s going to look around your operating system for vulnerabilities. You see, he knows that most people, haven’t installed the latest operating system updates, nor have they updated their security applications, like their supposed to.

Even if they have taken care of updating their operating system, it’s almost certain that they haven’t updated installed productivity applications, and LOP knows just how vulnerable these applications can be.

So, think carefully before you offer LOP, or any of his malware friends, that invitation. Once invited in, LOP will settle in for a long, long visit.

Thanks for the chat, but I have to get going. There are lots of unaware Internet users’ waiting to invite me into their computers. I know that many Internet users’ are kind of “click crazy”; so why should LOP be the only one to have some fun!

Oh, by the way, unless you paid attention to what I said, I’ll probably drop by your machine soon. You have a good day now.

This is an edited and revised copy of an article originally posted here July 14, 2009.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Malware Avoidance Lesson Number One – Think BEFORE You Click!

I recently repeated a small experiment with a group of “average computer user” friends, (about 16, or so), and I was disappointed to see that the conditioned response issue to “just click” while surfing the web, was still there. This, despite my long battle to get them to modify their online behavior.

I assumed that endlessly reinforcing “clicking haphazardly, without considering the consequences, can lead to the installation of malicious code that can cause identity theft and the theft of passwords, bank account numbers, and other personal information”, would have had some impact. Apparently not.

But, I haven’t given up. It appears it will take even more repetition before progress can be made. In the meantime, I expect that curiously browsing the web blissfully unaware of the considerable malware dangers, will continue to be the modus operandi for my friends.

My friends are not alone in their “clicking haphazardly” bad habit. Many of us have learned to satisfy our curiosity simply by a mouse click here, and a mouse click there. Arguable, we have developed a conditioned response (without involving conscious thought), to – “just click”.

It’s now well established, that our conditioned human responses pose the biggest risk to our online safety and security. Our curiosity, coupled with our conditioned responses can often override our common sense, so it’s not unusual for people to open an email attachment, for example, despite knowing that the attachment could be a virus, or another form of malware.

Security experts argue that a significant number of malware infections could be avoided if users stopped “just clicking haphazardly” or opening the types of files that are clearly dangerous. To this point however, this type of dangerous behavior continues despite the warnings.

Most visitors to this site are above average users (I’m assuming that you are too), so, I have a challenge for you.

Take every appropriate opportunity to inform your friends, your relatives, and associates, that “just clicking haphazardly” without considering the consequences, can lead to the installation of malicious code that can cause identity theft and the theft of passwords, bank account numbers, and other personal information.

Help them realize that “just clicking”, can expose them to:

• Trojan horse programs
• Back door and remote administration programs
• Denial of service attacks
• Being an intermediary for another attack
• Mobile code (Java, JavaScript, and ActiveX)
• Cross-site scripting
• Email spoofing
• Email-borne viruses
• Packet sniffing

You can do them an additional favor, by pointing them to  Comodo’s YouTube channel, Really Simple Security, where they can learn the basics of Internet security in a  constructive, yet lighthearted way.

They’ll be glad that you took an interest in their online safety. And, best of all, by doing this, you will have helped raise the level of security for all of us.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Free Emsisoft Emergency Kit – 4 Malware Removal Tools In A Box

I came across the Emsisoft Emergency Kit just in the last few days, which means, I haven’t had a chance to put it through my normal test process.

Unfortunately, it’s not very likely that I’ll have the time to do so, for several more weeks.

So, in the interest of keeping regular readers up to date as to what’s new in the free antimalware market, the following information is taken directly from the publisher’s site.

______________________________________________________

The Emsisoft Emergency Kit contains a collection of programs that can be used without a software installation to scan and clean infected computers for malware.

Emsisoft Emergency Kit Scanner:

With the Emsisoft Emergency Kit Scanner you have got the powerful Emsisoft Scanner including graphical user interface. Search the infected PC for Viruses, Trojans, Spyware, Adware, Worms, Dialers, Keyloggers and other malign programs.

Run the Emsisoft Emergency Kit Scanner with a double click on a2emergencykit.exe. Found Malware can be moved to quarantine or finally deleted.

Emsisoft Commandline Scanner:

This scanner contains the same functionality as the Emergency Kit Scanner but without a graphical user interface. The commandline tool is made for professional users and can be used perfectly for batch jobs.

To run the Emsisoft Commandline Scanner, do the following actions:

– Open a command prompt window (Run: cmd.exe)
– Switch to the drive of the USB Stick (e.g.: f:) and then to the folder of the executable files (e.g.: cd run)
– Run the scanner by typing: a2cmd.exe

Next you will see a help page describing all available parameters.

Next is an example to scan drive c:\ with enabled Memory, Traces (Registry) and Cookie scan with active Heuristic module and archive support. Found Malware is moved to quarantine.

a2cmd.exe /f=”c:\” /m /t /c /h /a /q=”c:\quarantine\”

Emsisoft HiJackFree:

HiJackFree helps advanced users to detect and remove Malware manually. With HiJackFree you can manage all active processes, services, drivers, autoruns, open ports, hosts file entries and many more. For your full control over your system.

Emsisoft BlitzBlank:

BlitzBlank is a tool for experienced users and all those who must deal with Malware on a daily basis. Malware infections are not always easy to clean up. These days the software pests use clever techniques to protect themselves from being deleted. In more and more cases it is almost impossible to delete a Malware file while Windows is running. BlitzBlank deletes files, Registry entries and drivers at boot time before Windows and all other programs are loaded.

Self made Emergency USB stick:

Expand the content of the Emsisoft Emergency Kit to an USB stick and make your own universal tool to scan and clean infected PCs.

_______________________________________________________

System requirements: Windows XP, 2003/2008 Server, Vista and 7, full functionality on x64.

Download at: Emsisoft

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Computer Settings Hijacked? Hijack Them Back With Free HijackThis

HijackThis is a free utility from Trend Micro, which heuristically scans your computer to find settings that may have been changed by homepage hijackers, spyware, other malware, or even unwanted programs.

This application has a well deserved reputation for being aggressive in tracking down unauthorized changes that have been made to your system/applications.

The program doesn’t target specific programs, but instead it analyses registry and file settings, and then targets the methods used by cyber-crooks. After you scan your computer, HijackThis creates a report, and a log file (if you choose to do so), with the results of the scan.

Because of the heuristic methods used by HijackThis, the results of the scan can be confusing/intimidating, to those who are not advanced users.

On the other hand, the strength of this program lies in the large community of users who participate in online forums, where experts (voluntarily and for free), will interpret HijackThis scan results for you, and then provide you with the information you need to clean any infection.

This screen capture shows a partial scan result on my test machine.

The latest version (2.0.4), adds potent tools to the Configuration window, including a process manager and hosts file editor, to help you remove dangerous infections, and an ADS Spy tool which scans alternate data streams which  browser hijackers can, and will use, to evade antispyware applications.

The following screen capture shows a Configuration – Hosts File Manager request being implemented but, you’ll also notice one of my antimalware tools, ThreatFire, has prohibited hosts files from being opened as a safety precaution against a malware penetration.

This is one reason I so strongly recommend ThreatFire as supplementary malware protection. In this case, I allowed the process to continue.

Despite the fact that you may only need this small application infrequently, it deserves a place in your anti-malware toolbox.

System requirements: Windows 7, Vista, XP, 2000, Me, 98.

Note: The continued use of Windows 2000, Me, or 98, is not recommended.

Software requirements: Internet Explorer, Firefox.

Download at: Trend Micro

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.