Tag Archives: antimalware

Malware Hunting? Check Out These 20+ Free Tools Designed To Destroy Tough Malware

Choosing and using the right tool, which has been designed specifically for the job at hand, is obviously a levelheaded approach. Still, I’ll wager that you can conjure up more than one occasion when you’ve encountered the “one tool for all purposes” mindset – the so-called “Birmingham Screwdriver” effect – “If it doesn’t work – hit it. If it still doesn’t work, use a bigger hammer.”

The Birmingham Screwdriver approach, taken by many AV solutions, may not always be the most appropriate approach to eradicating a tough malware problem – a specially designed application which targets specific classes of malware may be a better solution.

The following tools have been specifically designed to help skilled users better identify malware infections and then, eradicate (hopefully), those specific infections. These tools require advanced computer knowledge – unless you feel confident in your diagnostic skills, you should avoid them.

Just to be clear – not all of these tools are “one-click simple” to decipher, and users need to be particularly mindful of false positives.

Should you choose to add these applications to your antimalware toolbox, be aware that you will need the latest updated version for maximum impact.

Note: Many of the following tools have been tested and reviewed here previously.

Emsisoft HiJackFree

The program operates as a detailed system analysis tool that can help you in the detection and removal of Hijackers, Spyware, Adware, Trojans, Worms, and other malware. It doesn’t offer live protection but instead, it examines your system, determines if it’s been infected, and then allows you to wipe out the malware.

Runscanner

If you’re a malware hunter, and you’re in the market for a free system utility which will scan your system for running programs, autostart locations, drivers, services and hijack points, then Runscanner should make your shortlist. The developers of Runscanner describe this freeware utility as having been designed to “detect changes and misconfigurations in your system caused by spyware, viruses, or human error.”

HijackThis

HijackThis is a free utility which heuristically scans your computer to find settings that may have been changed by homepage hijackers, spyware, other malware, or even unwanted programs. In addition to this scan and remove capability HijackThis comes with several tools useful in manually removing malware from a computer. The program doesn’t target specific programs, but instead it analyses registry and file settings, and then targets the methods used by cyber-crooks. After you scan your computer, HijackThis creates a report, and a log file (if you choose to do so), with the results of the scan.

RKill

RKill is a program developed at BleepingComputer.com – “It was created so that we could have an easy to use tool that kills known processes that stop the use of our normal anti-malware applications. Simple as that. Nothing fancy. Just kill known malware processes so that anti-malware programs can do their job.”

Emsisoft BlitzBlank

BlitzBlank is a tool for experienced users and all those who must deal with Malware on a daily basis. Malware infections are not always easy to clean up. In more and more cases it is almost impossible to delete a Malware file while Windows is running. BlitzBlank deletes files, Registry entries and drivers at boot time before Windows and all other programs are loaded.

McAfee Labs Stinger

Stinger is a stand-alone utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection, but rather a tool to assist administrators and users when dealing with an infected system. Stinger utilizes next generation scan engine technology, including process scanning, digitally signed DAT files, and scan performance optimizations.

Specialty Removal Tools From BitDefender

28 special removal tools from Bitdefender. On the page – click on “Removal Tools”.

Microsoft Malicious Software Removal Tool

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

NoVirusThanks

NoVirusThanks Malware Remover is an application designed to detect and remove specific malware, Trojans, worms and other malicious threats that can damage your computer. It can also detect and remove rogue security software, spyware and adware. This program is not an Antivirus and does not protect you in real time, but it can help you to detect and remove Trojans, spywares and rogue security software installed in your computer.

Norton Power Eraser

Symantec describes Norton Power Eraser in part, as a tool that “takes on difficult to detect crimeware known as scareware or rogueware. The Norton Power Eraser is specially designed to aggressively target and eliminate this type of crimeware and restore your PC back to health.”

FreeFixer

FreeFixer is a general purpose removal tool which will help you to delete potentially unwanted software, such as adware, spyware, Trojans, viruses and worms. FreeFixer works by scanning a large number of locations where unwanted software has a known record of appearing or leaving traces. FreeFixer does not know what is good or bad so the scan result will contain both files and settings that you want to keep and perhaps some that you want to remove.

Rootkit Tools:

If you think you might have hidden malware on your system, I recommend that you run multiple rootkit detectors. Much like anti-spyware programs, no one program catches everything.

IceSword

IceSword is a very powerful software application that will scan your computer for rootkits. It also displays hidden processes and resources on your system that you would be unlikely to find in any other Windows Explorer-like program. Because of the amount of information presented in the application, please note that IceSword was designed for more advanced users.

GMER

This freeware tool is essentially a combination of Sysinternals’ Rootkit Revealer and Process Explorer. The program can list running processes, modules and Windows services, in addition to scanning for the presence of rootkits.

Special mention 1:

In addition to its superb free AV application, MalwareBytes offers a basket full of specialty tools. The following application descriptions have been taken from the site.

Chameleon

Malwarebytes Chameleon technology gets Malwarebytes running when blocked by malicious programs.

Malwarebytes Anti-Rootkit BETA

Malwarebytes Anti-Rootkit removes the latest rootkits.

FileASSASSIN

FileASSASSIN can eradicate any type of locked files from your computer.

RegASSASSIN

RegASSASSIN removes malware-placed registry keys in two simple steps – just reset permissions and delete! This powerful and portable application makes hard-to-remove registry keys a thing of the past.

Special mention 2:

A Rescue Disk (Live CD), which I like to think of as the “SWAT Team” of antimalware solutions – is an important addition to your malware toolbox. More often than not, a Live CD can help you kill malware DEAD!

Avira AntiVir Rescue System – The Avira AntiVir Rescue System is a Linux-based application that allows access to computers that can no longer be booted. Thus it is possible to repair a damaged system, to rescue data or to scan the system for virus infections.

Kaspersky Rescue Disk – Boot from the Kaspersky Rescue Disk to scan and remove threats from an infected computer without the risk of infecting other files or computers.

14 Free Tools To Help You Hunt Down And Destroy Tough Malware

Choosing and using the right tool, which has been designed specifically for the job at hand, is obviously a levelheaded approach. Still, I’ll wager that you can conjure up more than one occasion when you’ve encountered the “one tool for all purposes” mindset – the so-called “Birmingham Screwdriver” effect (sorry Michael) – “If it doesn’t work – hit it. If it still doesn’t work, use a bigger hammer.”

The Birmingham Screwdriver approach, taken by many AV solutions, may not always be the most appropriate approach to eradicating a tough malware problem – a specially designed application which targets specific classes of malware may be a better solution.

The following tools have been specifically designed to help skilled users better identify malware infections and then, eradicate those specific infections. These tools require advanced computer knowledge – unless you feel confident in your diagnostic skills, you should avoid them.

Should you choose to add these applications to your antimalware toolbox, be aware that you will need the latest updated version for maximum efficiency.

Emsisoft HiJackFree

The program operates as a detailed system analysis tool that can help you in the detection and removal of Hijackers, Spyware, Adware, Trojans, Worms, and other malware. It doesn’t offer live protection but instead, it examines your system, determines if it’s been infected, and then allows you to wipe out the malware.

Runscanner

If you’re a malware hunter, and you’re in the market for a free system utility which will scan your system for running programs, autostart locations, drivers, services and hijack points, then Runscanner should make your shortlist. The developers of Runscanner describe this freeware utility as having been designed to “detect changes and misconfigurations in your system caused by spyware, viruses, or human error.”

HijackThis

HijackThis is a free utility which heuristically scans your computer to find settings that may have been changed by homepage hijackers, spyware, other malware, or even unwanted programs. In addition to this scan and remove capability HijackThis comes with several tools useful in manually removing malware from a computer.

The program doesn’t target specific programs, but instead it analyses registry and file settings, and then targets the methods used by cyber-crooks. After you scan your computer, HijackThis creates a report, and a log file (if you choose to do so), with the results of the scan.

RKill

RKill is a program developed at BleepingComputer.com – “It was created so that we could have an easy to use tool that kills known processes that stop the use of our normal anti-malware applications. Simple as that. Nothing fancy. Just kill known malware processes so that anti-malware programs can do their job.”

Emsisoft BlitzBlank

BlitzBlank is a tool for experienced users and all those who must deal with Malware on a daily basis. Malware infections are not always easy to clean up. In more and more cases it is almost impossible to delete a Malware file while Windows is running. BlitzBlank deletes files, Registry entries and drivers at boot time before Windows and all other programs are loaded.

McAfee Labs Stinger

Stinger is a stand-alone utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection, but rather a tool to assist administrators and users when dealing with an infected system. Stinger utilizes next generation scan engine technology, including process scanning, digitally signed DAT files, and scan performance optimizations.

Specialty Removal Tools From BitDefender

Eight special removal tools including Conficker Removal Tool

Microsoft Malicious Software Removal Tool

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

NoVirusThanks

NoVirusThanks Malware Remover is an application designed to detect and remove specific malware, Trojans, worms and other malicious threats that can damage your computer. It can also detect and remove rogue security software, spyware and adware. This program is not an Antivirus and does not protect you in real time, but it can help you to detect and remove Trojans, spywares and rogue security software installed in your computer.

Norton Power Eraser

Symantec describes Norton Power Eraser in part, as a tool that “takes on difficult to detect crimeware known as scareware or rogueware. The Norton Power Eraser is specially designed to aggressively target and eliminate this type of crimeware and restore your PC back to health.”

Rootkit Tools:

If you think you might have hidden malware on your system, I recommend that you run multiple rootkit detectors. Much like anti-spyware programs, no one program catches everything.

Microsoft Rootkit Revealer

Microsoft Rootkit Revealer is an advanced root kit detection utility. Its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit. According to Microsoft, Rootkit Revealer successfully detects all persistent rootkits published at http://www.rootkit.com, including AFX, Vanquish and Hacker Defender.

IceSword

IceSword is a very powerful software application that will scan your computer for rootkits. It also displays hidden processes and resources on your system that you would be unlikely to find in any other Windows Explorer-like program. Because of the amount of information presented in the application, please note that IceSword was designed for more advanced users.

GMER

This freeware tool is essentially a combination of Sysinternals’ Rootkit Revealer and Process Explorer. The program can list running processes, modules and Windows services, in addition to scanning for the presence of rootkits.

Tizer Rootkit Razor

Tizer Rootkit Razor will allow you to identify and remove rootkits from your computer. I should be clear, however: this tool is not “one-click simple” to decipher, and users need to be particularly mindful of false positives.

AVAST Still The Leader In The AV Market Says OPSWAT’s Latest Quarterly Market Share Report

In the lucrative antimalware market, AVAST Software is still running ahead of the pack with a 16.61% share worldwide. Microsoft is no slouch in the run for worldwide market share but still has some catching up to do to catch AVG, and Avira, who control second and third place respectively.

According to OPSWAT’s latest quarterly market share report, released yesterday, overall worldwide market penetration by the top 15 antimalware vendors has remained virtually static – based on data from OPSWAT’s June 2011 report. Except, that is, for Lavasoft (the Ad-Aware people), who broke past the top 15 vendor barrier.

Graphic courtesy OPSWAT

On the North American front, Microsoft retains its leading position with a 16.33% share of the market (Microsoft’s free Security Essentials, remains at the top of the North American market) – followed closely by Symantec at 15.28%, and AVG at 14.32%. AVAST continued to push ahead in the ranks, jumping up slightly, to capture 13.28% of the North American market – just behind AVG.

Graphic courtesy OPSWAT

Report Wrap-up:

In North America, fifty-two different antivirus vendors, and 141 antivirus products, were detected in this report. The top five vendors in North America combined to control 66.22% of the market, about 2% more than in OPSWAT’s June report.

The top five vendors in the worldwide market increased their share as well, but only slightly, to 59.87%.  Sixty-four vendors and 226 products were detected worldwide.

As in our previous reports, free solutions remain at the top of the market with the highest numbers of installations. The top three products in North America and the top four products worldwide are available free for download.

Looking at the top ten products in North America, only Symantec and AVG have more than one product ranking, which helps them to become the 2nd and 3rd leading vendors in North America. Microsoft is able to dominate the market as a vendor due to the large number of installations of just one product, Microsoft Security Essentials.

In the worldwide market, only AVG has more than one product ranking in the top ten. AVAST and Avira have individual products that top the chart with more than 10% share, resulting in their positions at the top of the worldwide antivirus market along with AVG.

The full report, which is chock-full of absorbing statistics, is available here.

So, who is OPSWAT?

If you’re a techie then you’re very likely familiar with AppRemover, a free powerful anti-malware, antivirus application remover from OPSWAT. Regular readers here will also be familiar with the latest freebie from OPSWAT – Metascan Online – a new service which is similar in many respects to VirusTotal.

From the site:

OPSWAT is the industry leader in software management SDKs, interoperability certification and multiple-engine scanning solutions. Our solutions are simplified and comprehensive, solving complex development problems to reduce time and costs for your engineering and testing teams.

OPSWAT offers software manageability solutions to streamline technology partnerships between leading technology solutions and software vendors. By enabling seamless compatibility and easy management capabilities, we make connecting your solutions with other software applications effortless.

14 Free Tools To Use To Identify And Remove Tough Malware

The following tools have been specifically designed to help users better identify malware infections, and then eradicate those specific infections. These tools require advanced computer knowledge, and unless you feel confident in your diagnostic skills, you should avoid them.

Here’s a reasonable test to determine if you have the skills necessary to use these applications effectively. If you’re not capable of using, and interpreting, an application such as HiJackThis for example, it is unlikely that using these applications will prove to be beneficial. On the other hand, if you can interpret the results of a HiJackThis scan, you’re probably “good to go”.

Should you choose to add these applications to your antimalware toolbox, be aware that you will need the latest updated version for maximum efficiency.

Emsisoft HiJackFree

The program operates as a detailed system analysis tool that can help you in the detection and removal of Hijackers, Spyware, Adware, Trojans, Worms, and other malware. It doesn’t offer live protection but instead, it examines your system, determines if it’s been infected, and then allows you to wipe out the malware.

Runscanner

If you’re a malware hunter, and you’re in the market for a free system utility which will scan your system for running programs, autostart locations, drivers, services and hijack points, then Runscanner should make your shortlist. The developers of Runscanner describe this freeware utility as having been designed to “detect changes and misconfigurations in your system caused by spyware, viruses, or human error.”

HijackThis

HijackThis is a free utility which heuristically scans your computer to find settings that may have been changed by homepage hijackers, spyware, other malware, or even unwanted programs. In addition to this scan and remove capability HijackThis comes with several tools useful in manually removing malware from a computer.

The program doesn’t target specific programs, but instead it analyses registry and file settings, and then targets the methods used by cyber-crooks. After you scan your computer, HijackThis creates a report, and a log file (if you choose to do so), with the results of the scan.

RKill

RKill is a program developed at BleepingComputer.com – “It was created so that we could have an easy to use tool that kills known processes that stop the use of our normal anti-malware applications. Simple as that. Nothing fancy. Just kill known malware processes so that anti-malware programs can do their job.”

Emsisoft BlitzBlank

BlitzBlank is a tool for experienced users and all those who must deal with Malware on a daily basis. Malware infections are not always easy to clean up. In more and more cases it is almost impossible to delete a Malware file while Windows is running. BlitzBlank deletes files, Registry entries and drivers at boot time before Windows and all other programs are loaded.

McAfee Labs Stinger

Stinger is a stand-alone utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection, but rather a tool to assist administrators and users when dealing with an infected system. Stinger utilizes next generation scan engine technology, including process scanning, digitally signed DAT files, and scan performance optimizations.

Specialty Removal Tools From BitDefender

Eight special removal tools including Conficker Removal Tool

Microsoft Malicious Software Removal Tool

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

NoVirusThanks

NoVirusThanks Malware Remover is an application designed to detect and remove specific malware, Trojans, worms and other malicious threats that can damage your computer. It can also detect and remove rogue security software, spyware and adware. This program is not an Antivirus and does not protect you in real time, but it can help you to detect and remove Trojans, spywares and rogue security software installed in your computer.

Norton Power Eraser

Symantec describes Norton Power Eraser in part, as a tool that “takes on difficult to detect crimeware known as scareware or rogueware. The Norton Power Eraser is specially designed to aggressively target and eliminate this type of crimeware and restore your PC back to health.”

Rootkit Tools:

If you think you might have hidden malware on your system, I recommend that you run multiple rootkit detectors. Much like anti-spyware programs, no one program catches everything.

Microsoft Rootkit Revealer

Microsoft Rootkit Revealer is an advanced root kit detection utility. Its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit. According to Microsoft, Rootkit Revealer successfully detects all persistent rootkits published at http://www.rootkit.com, including AFX, Vanquish and Hacker Defender.

IceSword

IceSword is a very powerful software application that will scan your computer for rootkits. It also displays hidden processes and resources on your system that you would be unlikely to find in any other Windows Explorer-like program. Because of the amount of information presented in the application, please note that IceSword was designed for more advanced users.

GMER

This freeware tool is essentially a combination of Sysinternals’ Rootkit Revealer and Process Explorer. The program can list running processes, modules and Windows services, in addition to scanning for the presence of rootkits.

Tizer Rootkit Razor

Tizer Rootkit Razor will allow you to identify and remove rootkits from your computer. I should be clear, however: this tool is not “one-click simple” to decipher, and users need to be particularly mindful of false positives.

This article was originally posted November 2, 2010.

Running More Than One AV Is A Lurking Conflict

We get a lot of questions here on Tech Thoughts, and the following question (in one form or another), is a regular – “If I have one antimalware can I install and use another one as well?”

If the question is, can you install and run two antimalware applications concurrently (both of which perform the same task), the answer is – not without the potential for conflict.

As a rule of thumb, it’s not a good practice to run two antimalware applications (both of which perform the same task), concurrently. At the very least, system resources take an inappropriate, and wasteful hit. Beyond that, serious issues, including system crashes are possible.

It’s always a good idea of course to scan your machine with a second antimalware application, say once a week or so, since depending on a single security application to provide broad scale protection is an absolute “non-starter”. A single security application does not, and never has had, the ability to do this, despite the commonly held belief to the contrary.

Part of the layered security process (stacking security solutions, one on top of the other, to cover the gaps that exist in the protection capabilities of even the most sophisticated security applications), consists of supplementing the primary AV application with an on-demand malware application. So yes, go ahead and install another AV solution; but use it as a secondary on demand scanner.

Just to be clear – don’t run both programs concurrently. That is, don’t allow both programs to start on Windows startup. Instead, launch the “on demand” scanner from the program menu, or the desktop, when needed.

Two free highly recommended antimalware applications that excel as “on demand” antimalware applications, follow. It’s important to note, that the real time protection module is disabled in the free versions of these applications. But, this is actually perfect for your purpose.

SUPERAntiSpyware Free:

I’ve been using SUPERAntiSpyware as a secondary scanner for years, and I have no hesitation in stating that this application deserves its reputation as a first class security application.

SUPERAntiSpyware is fast, efficient, and effective, and I highly recommend that you add it to your security toolbox, as a secondary line of defense.

Malwarebytes’ Anti-Malware:

Malwarebytes’ Anti-Malware has an excellent reputation (shared by me), as a first class security application, for its ability to identify and remove adware, Trojans, key-loggers, home page hijackers, and other malware threats.

A simple, intuitive, and easy to use interface, makes Malwarebytes’ Anti-Malware straightforward to setup, customize and run, for both less experienced and expert users alike.

Note: Virtually all free security applications are programmed to autostart after installation, so be aware of this, and make the necessary adjustments using MSConfig. New users may find it easier to use Advanced System Care to control autostart behavior with the Startup Manager, which can be found under Admin Tools.

Note: Each day, as I manually update the definition database for these applications, I’ve noticed that typically, the definition databases have been updated 3/5 times in the previous 24 hours.

Since study after study indicates that new malware is created at the rate of 20,000, or more, new versions every day, be sure to manually update the definition databases before running a scan with either of these applications.

We’re not quite finished yet.

If the question you’re really asking is – can you run an online antimalware scanner while your principal onboard AV application is running? The answer is – yes.

Here are some Online scanners that have developed a good reputation for accuracy; be sure to read the Terms of Use or Privacy Statements carefully, and be aware, that not all Online scanners will disinfect.

Panda NanoScan

McAfee FreeScan

Symantec Security Check

Trend Micro’s HouseCall

ESET Online Scanner

Kaspersky Online Scanner

Now that I’ve given you the “rule of thumb” – let me break it!

There is one class of antimalware application that can run concurrently with your principal AV, and that is – a cloud based security application. Specifically, those that are designed to be “companion” security applications.

A terrific free application in this class of security applications, and the one I use personally is – Immunet Protect.

Immunet provides cloud-based protection that is always up-to-date against viruses, spyware, bots, worms, Trojans, and keyloggers without slowing down your PC. No need to download any virus signature files.

Immunet Protect is compatible with existing antivirus products and adds an extra, lightweight layer of protection, for free.

Immunet 3.0 Released – Exciting Improvements

The latest version of Immunet Protect has just been released (February 9, 2010), and in the development process, this outstanding free companion Antivirus has undergone a name change to – Immunet 3.0 – Powered by ClamAV.

Regular readers here, will remember that in previous reviews of this freebie, I have been very enthusiastic in my recommendations. Now, I have one more reason to be even more enthusiastic.

From the developer’s site:

Toll-Free Customer Support is available for all Immunet Protect FREE users 24 hours a day, 7 days a week through our Immunet Technical Support line at 1-866-891-4480. Immunet Support representatives can help with installation issues, potential virus issues, or even computer performance issues that may or may not be virus-related.

How cool is that?

Immunet Protect 3, is a superior community driven cloud based security application, (now closing in on a million users), which continues to gain increasing popularity – and rightfully so.

In real time, Immunet Protect keeps track of the state of security in the collective community (network), and should a member of the network (the community), encounter malware, you (as a member of the protected community), are instantly protected against the threat.

A rather more impressive security solution than having to wait for a malware definition database update. An update that may take several days. Days in which you are effectively open to infection.

A community driven security application like Immunet Protect does not suffer from this obvious disadvantage of having to chase runaway malware. Its significant advantage is its user base community – operating in real time.

Immunet Protect is designed to add a layer of protection while working in partnership with the most popular antimalware solutions. On my principal home machine for example, Immunet Protect lines up with Microsoft Security Essentials and ThreatFire, to shore up any vulnerabilities my system might have to zero-day threats.

Version 3 has increased functionality over previous versions, and incorporates a number of new features.

From the developer’s site:

Offline engine – The 3.0 release will now ship with an ‘Offline’ engine. This engine (ClamAV .97) once enabled, will automatically pull down our latest detection sets and allow for complete detection coverage, even when you are not connected to the Internet.

With our Offline protection we now also have several complex engines for detection native to the desktop and have support for file formats such as .DOC, .XLS, HTML etc. as well as strong unpacking support.

Cloud Recall – Unlike traditional Anti-Virus, or even other Cloud Anti-Virus we constantly reconsider all the data we see or have seen in our community. This ‘Cloud Recall’ ensures that your security is advanced with every new piece of information we become aware of. You will always know as much as we do, when we do.

Custom Signature Creation – With 3.0 we now offer the first Windows Anti-Virus product which allows our users to write their own detections with our engines just as we would.

Users can now hunt threats (or Advanced Persistent Threats if you like) by creating signatures which range from simplistic (straight MD5 matches) to complex (logically chained expressive signatures w/ offset support and wild carding).
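The range the developer describes, from a straight MD5 match to a logically chained signature with offsets and wildcards, can be modelled in a short matcher. This is an added example, not Immunet or ClamAV code: the rule layout, signature names and sample bytes are constructed for illustration and are not ClamAV's signature syntax.

```python
import hashlib
import re

# Constructed sample "file": harmless marker strings standing in for a real specimen.
SAMPLE = (b"MZ" + b"\x00" * 14 + b"DROP-AB-PAYLOAD"
          + b"\x00" * 8 + b"beacon.example")

# Simplest signature type: the MD5 of the exact file maps to a detection name.
HASH_SIGS = {hashlib.md5(SAMPLE).hexdigest(): "Constructed.Hash.Sample"}

# Logical signature: sub-signatures plus an expression that chains them.
# offset=None means "anywhere in the file"; '??' is one wildcard byte,
# '*' is any run of bytes between two fixed fragments.
LOGICAL_SIGS = [{
    "name": "Constructed.Logical.Sample",
    "subsigs": [
        {"offset": 0,    "hex": "4d 5a"},                                    # "MZ" at file start
        {"offset": None, "hex": "44 52 4f 50 2d ?? ?? 2d 50 41 59"},         # "DROP-??-PAY"
        {"offset": None, "hex": "62 65 61 63 6f 6e * 65 78 61 6d 70 6c 65"}, # "beacon"*"example"
    ],
    "logic": ("and", 0, ("or", 1, 2)),  # subsig 0 AND (subsig 1 OR subsig 2)
}]


def compile_hex(pattern):
    """Turn a space-separated hex pattern into a bytes regex."""
    parts = []
    for tok in pattern.split():
        if tok == "??":
            parts.append(b".")        # exactly one byte, any value
        elif tok == "*":
            parts.append(b".*?")      # any number of bytes
        else:
            parts.append(re.escape(bytes.fromhex(tok)))
    return re.compile(b"".join(parts), re.DOTALL)


def subsig_hit(data, subsig):
    """True if the sub-signature matches at its offset (or anywhere if offset is None)."""
    rx = compile_hex(subsig["hex"])
    if subsig["offset"] is None:
        return rx.search(data) is not None
    return rx.match(data, subsig["offset"]) is not None


def eval_logic(expr, hits):
    """Evaluate a nested ('and' | 'or', a, b, ...) expression over sub-signature indices."""
    if isinstance(expr, int):
        return hits[expr]
    op, *args = expr
    results = [eval_logic(a, hits) for a in args]
    return all(results) if op == "and" else any(results)


def scan(data, hash_sigs=HASH_SIGS, logical_sigs=LOGICAL_SIGS):
    """Return the names of all signatures that fire on data, hash signatures first."""
    found = []
    name = hash_sigs.get(hashlib.md5(data).hexdigest())
    if name:
        found.append(name)
    for sig in logical_sigs:
        hits = [subsig_hit(data, s) for s in sig["subsigs"]]
        if eval_logic(sig["logic"], hits):
            found.append(sig["name"])
    return found


if __name__ == "__main__":
    variant = SAMPLE.replace(b"AB", b"ZZ")       # two bytes changed
    print("original:", scan(SAMPLE))             # hash and logical signatures fire
    print("variant: ", scan(variant))            # hash misses, logical still fires
    print("shifted: ", scan(b"\x00" + SAMPLE))   # offset-0 sub-signature no longer holds
```

The variant run shows why the two ends of the range behave differently: changing any byte defeats the MD5 match, while the wildcarded, logically chained signature still fires.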

You’ll find Immunet Protect straightforward to install, and easy to run without complication. The screen captures I’ve set out below will help you get a good overall feel for the application.

Setting the operating parameters (the protection settings), is straightforward. In the following screen capture you’ll notice tooltip pop outs which explain the function of each setting. A very cool feature for less experienced users.

I have a preference for antimalware solutions that include the ability to launch a specific file scan from the Windows Explorer context menu, and Immunet Protect has included this important feature.

Should you consider installing, and running, a Cloud Antivirus as supplementary antimalware protection?

If you are uncertain, then consider this:

The Internet is an uncertain world at the best of times.

Cybercriminals design specific malware to exploit vulnerable systems without user interaction being required.

No single security application is capable (nor should we expect a single application to be capable), of providing adequate computer system protection. Gaps exist, in protection capabilities, in even the most sophisticated security applications.

Layering (or stacking) security applications, offers the best chance of remaining infection free, by closing these gaps.

A cloud based protective solution, in this case Immunet Protect, is a major step in shoring up any weaknesses, or gaps, and significantly increases your overall ability to detect malware.

Keep in mind however, that even the best layered protection strategy will not make up for lack of experience, and intuitiveness, when surfing the Internet. So, I’ll repeat what I have said here, many times – “knowledge, awareness, and experience are critical ingredients in the escalating battle, against cybercriminals.”

Immunet Protect fast facts:

Fast Antivirus Protection leverages the speed of cloud computing to deliver real-time protection to your PC. Stay protected against over 13 million viruses and thousands of new threats daily without ever downloading another virus detection file again.

Immunet Protect FREE is ideal for consumers who want fast protection that doesn’t slow down their PC, including students, families, and netbook users.

Small and Light Footprint is up to 35 times lighter than traditional antivirus solutions. Immunet’s low disk and memory use won’t weigh down your PC unlike other solutions.

Companion Antivirus means that Immunet is compatible with existing antivirus solutions. Immunet adds an extra, lightweight layer of protection for greater peace of mind. Since traditional antivirus solutions detect on average only 50% of online threats, most users are underprotected, which is why every PC can benefit from Immunet’s essential layer of security.

Collective Immunity technology leverages the shared intelligence on threats gathered within the Immunet Cloud. Immunet’s virus detection technology continuously improves with each new user who installs Immunet Protect. When Immunet detects a threat on one user’s PC, that threat is blocked from harming all users in the Immunet Community simultaneously, giving all Immunet users shared immunity against computer viruses.

Real-time Detection from the Immunet Cloud against viruses, spyware, bots, worms, trojans, and keyloggers without downloading any virus signature files. Stay protected with Collective Immunity™ and intelligent virus detection technology that doesn’t slow down your PC.

Intelligent Scans effectively detect and remove viruses, bots, worms, trojans, keyloggers and spyware, thanks to the power of collective intelligence and the Immunet Cloud.

Choose from several scan options:

  • Flash Scan (Process and Registry)
  • Custom Scan (Specific Files and Directories)
  • Full System Scan

System requirements: Windows XP with Service Pack 2 or later, Vista (32-bit and 64 bit), Windows 7 (32-bit and 64-bit).

Download at: Developer’s site

I have no hesitation in recommending this application. I can’t think of another security application that has enjoyed such a major increase in users in the last six months, like Immunet Protect has. That’s no accident.

Note: Along with Avast Free Antivirus, Immunet Protect is now offered as part of Google Pack.

Risk Rate Running Processes With Free Glary Security Process Explorer

Security Process Explorer, from the developers of the powerful, free system tool Glary Utilities, operates as a security tool, and provides advanced risk information on processes running on your computer.

The program displays specific task manager information, (this application is not a replacement for Windows task manager), including file name, directory path, description, CPU usage, and so on. What sets the application apart, is the unique security risk rating that is applied to running processes.

The major caveat here, however, is that the user must make the decision whether a particular process, or program, should be terminated, or removed. Thankfully, you can get help in making that decision by clicking on the More Info Tab. Doing so opens GlarySoft’s web based database where additional information about the specific program/process can be obtained, along with a risk factor for that inquiry, as the following graphic illustrates.

Note: As an added bonus you can even Google the process from within the application.

Using Security Process Explorer you can easily find and remove unnecessary background processes. As well, you can assign more resources to demanding processes like games, real-time multimedia applications and CD writing software, where necessary.

Quick facts:

Provides detailed information about all running processes

Specifies whether a process is safe or not

Single click process termination

Block unneeded processes or malware

Simple user interface

If you are an experienced/advanced computer user, and you’re looking for a program to strengthen your anti-malware resources, then Security Process Explorer is one that’s worth taking a look at.

System requirements: Windows 7, 2000, XP and Vista (32bit and 64bit).

Download at: GlarySoft

Free License Ad-Aware Pro – Today Only!

Yesterday, I pointed out the difference between companies who are stuck in a Twentieth Century marketing mode, versus those companies who “get it”, and who understand marketing in the Twenty First Century.

I’m referring to mature software developers who focus on the big picture, and create opportunities for significant numbers of users to benefit from giveaways. Not 5 or 10 free licenses, as companies who are stuck in the past continue to do.

The developers of the highly regarded anti-malware application Ad-Aware, for example, have joined forces with CNET and are giving away (for one day only), a one year license for one of their flagship products, Ad-Aware Pro.

The only restriction on this giveaway is – you must sign up for any one of CNET’s newsletters since the free offer is restricted to CNET members. This really isn’t overly onerous, since CNET’s newsletters are some of the most interesting and informative available. In point of fact, I subscribe to 10+ CNET newsletters.

The following screen captures will give you an idea of the process involved in getting your free license for this noteworthy anti-malware application. The process is similar to buying a product from a merchant site. But, no money changes hands.

Downloading from both CNET and Ad-Aware directly, was extremely slooow. My normal download speed is 1.7 MB/sec, so the download speed shown in the following screen capture is absolutely unacceptable.

Yes, it may be true that the servers are inordinately busy due to the free offer, but with a little planning, this could have been avoided. I’m not whining here, but good business practices dictate that contingency plans should be in place to deal with the unexpected. Hell, that’s Business 101.

Ad-Aware Gives You the Power To…

  • Shop, bank, and make travel arrangements online
    Ad-Aware actively shields you from the latest cyber threats, including virus, spyware, password stealers, keyloggers, trojans, dialers, and other potential identity thieves.
  • Stay safe on social networking sites
    Ad-Aware keeps your passwords and personal information safe to make sure you can socialize freely, without having to worry about dangerous intrusions and prying eyes.
  • Download photos, music, and other files with confidence
    Download Guard and Ad-Aware’s behavior-based detection finds suspicious files and threats before they integrate into your PC and attack your personal information.
  • Control your privacy
    Erase tracks left behind while surfing the Web, on browsers such as Internet Explorer, Opera, and Firefox, in one easy click.
  • Safeguard your secure documents
    Ad-Aware actively shields you and your business from deceptive applications and cyber attacks.
  • Enhance computer performance
    Conserve resources and reduce downtime by using automated scans to identify and remove malicious applications that eat up memory.
  • Get Peace of Mind
    Ad-Aware cleans and restores your system after an attack to keep your PC running as new.

To take advantage of this limited time offer go to: the offer page.

Note: This offer is good until December 28, 2010, at 6 a.m. PT.

Specialty Malware Removal Tools For Killing Tough Malware

Looking at recent estimates provided by a large number of Internet security providers, the consensus seems to be that there are over 20,000,000 malware programs currently circulating on the Internet. So, if you should become infected by malware, it might not be any consolation – but, rest assured; it can happen to any one of us. We are, after all, facing overwhelming odds.

Much of today’s malware can be extremely difficult to identify and remove – despite a user relying on frontline antimalware applications to do the job. If you’re struggling with the reality of this statement, take a look at “Testing of antiviruses for the treatment of active infections” from Anti-malware Test Lab.

The following tools have been specifically designed to help users better identify malware infections, and then eradicate those specific infections. These tools require advanced computer knowledge, and unless you feel confident in your diagnostic skills, you should avoid them.

Here’s a reasonable test to determine if you have the skills necessary to use these applications effectively. If you’re not capable of using, and interpreting, an application such as HiJackThis for example, it is unlikely that using these applications will prove to be beneficial. On the other hand, if you can interpret the results of a HiJackThis scan, you’re probably “good to go”.

Should you choose to add these applications to your antimalware toolbox, be aware that you will need the latest updated version for maximum efficiency.

A-squared HiJackFree

The program operates as a detailed system analysis tool that can help you in the detection and removal of Hijackers, Spyware, Adware, Trojans, Worms, and other malware. It doesn’t offer live protection but instead, it examines your system, determines if it’s been infected, and then allows you to wipe out the malware.

Runscanner

If you’re a malware hunter, and you’re in the market for a free system utility which will scan your system for running programs, autostart locations, drivers, services and hijack points, then Runscanner should make your shortlist. The developers of Runscanner describe this freeware utility as having been designed to “detect changes and misconfigurations in your system caused by spyware, viruses, or human error.”

HijackThis

HijackThis is a free utility which heuristically scans your computer to find settings that may have been changed by homepage hijackers, spyware, other malware, or even unwanted programs. In addition to this scan and remove capability HijackThis comes with several tools useful in manually removing malware from a computer.

The program doesn’t target specific programs, but instead it analyses registry and file settings, and then targets the methods used by cyber-crooks. After you scan your computer, HijackThis creates a report, and a log file (if you choose to do so), with the results of the scan.

RKill

RKill is a program developed at BleepingComputer.com – “It was created so that we could have an easy to use tool that kills known processes that stop the use of our normal anti-malware applications. Simple as that. Nothing fancy. Just kill known malware processes so that anti-malware programs can do their job.”

Emsisoft BlitzBlank

BlitzBlank is a tool for experienced users and all those who must deal with Malware on a daily basis. Malware infections are not always easy to clean up. In more and more cases it is almost impossible to delete a Malware file while Windows is running. BlitzBlank deletes files, Registry entries and drivers at boot time before Windows and all other programs are loaded.

McAfee Labs Stinger

Stinger is a stand-alone utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection, but rather a tool to assist administrators and users when dealing with an infected system. Stinger utilizes next generation scan engine technology, including process scanning, digitally signed DAT files, and scan performance optimizations.

Specialty Removal Tools From BitDefender

Eight special removal tools including Conficker Removal Tool

Microsoft Malicious Software Removal Tool

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

NoVirusThanks

NoVirusThanks Malware Remover is an application designed to detect and remove specific malware, trojans, worms and other malicious threats that can damage your computer. It can also detect and remove rogue security software, spyware and adware. This program is not an Antivirus and does not protect you in real time, but it can help you to detect and remove trojans, spywares and rogue security software installed in your computer.

Norton Power Eraser

Symantec describes Norton Power Eraser in part, as a tool that “takes on difficult to detect crimeware known as scareware or rogueware. The Norton Power Eraser is specially designed to aggressively target and eliminate this type of crimeware and restore your PC back to health.”

Rootkit Tools:

If you think you might have hidden malware on your system, I recommend that you run multiple rootkit detectors. Much like anti-spyware programs, no one program catches everything.

Microsoft Rootkit Revealer

Microsoft Rootkit Revealer is an advanced rootkit detection utility. Its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit. According to Microsoft, Rootkit Revealer successfully detects all persistent rootkits published at http://www.rootkit.com, including AFX, Vanquish and Hacker Defender.

IceSword

IceSword is a very powerful software application that will scan your computer for rootkits. It also displays hidden processes and resources on your system that you would be unlikely to find in any other Windows Explorer-like program. Because of the amount of information presented in the application, please note that IceSword was designed for more advanced users.

GMER

This freeware tool is essentially a combination of Sysinternals’ Rootkit Revealer and Process Explorer. The program can list running processes, modules and Windows services, in addition to scanning for the presence of rootkits.

Tizer Rootkit Razor

Tizer Rootkit Razor will allow you to identify and remove rootkits from your computer. I should be clear, however: this tool is not “one-click simple” to decipher, and users need to be particularly mindful of false positives.

Since the false positive issue is always a major consideration in using tools of this type, you should be aware that tools like this are designed for advanced users, and above.

Immunet Protect 2 – A Leader In Community Driven Cloud Based Antimalware

The bad guys collude to make “bad” even “badder”. That’s a pretty strange way to construct a sentence, I’ll admit, but here’s the message – cyber criminals are so organized, that they share information on both their successes and failures.

The result is, we’re now faced with the coming together of criminal gangs so that they can advance their overall strategy – stealing as much money as possible, from as many people as possible, in the shortest time frame possible.

There’s no doubt, that this collusion is a loose arrangement; nevertheless, it’s highly efficacious – it provides opportunity for criminals to systematically craft tighter and more effective malware.

Wouldn’t it be a good idea then, if we (the potential victims), combined our forces and shared information, at some level, which might act as a counter measure to cyber criminal collusion? Well, we do. Or, at least, some of us do.

If you (like me), use WOT, the enormously popular Internet Browser security add-on, which is a perfect example of how successful community driven security applications can be, you are doing just that.

Immunet Protect 2 gives you another opportunity to share information (and to have information shared with you), which will be used in the fight against the bad guys.

Immunet Protect 2, recently released following a very successful Beta test, is a superior community driven cloud based security application, now at half a million plus users and counting, and well on its way to gaining increasing popularity – and rightfully so.

In real time, Immunet Protect keeps track of the state of security in the collective community (network), and should a member of the network (the community), encounter malware, you (as a member of the protected community), are instantly protected against the threat.

A rather more impressive security solution than having to wait for a malware definition database update. An update that may take several days. Days in which you are effectively open to infection.

A community driven security application like Immunet Protect does not suffer from this obvious disadvantage of having to chase runaway malware. Its significant advantage is its user base community – operating in real time.

Immunet Protect is a lightweight cloud based antivirus application, (available in both a free, and a fee version), designed to add a layer of protection while working in partnership with the most popular antimalware solutions.

On my principal home machine for example, Immunet Protect lines up with Microsoft Security Essentials and ThreatFire, to shore up any vulnerabilities my system might have to zero-day threats.

You’ll find Immunet Protect straightforward to install, and easy to run without complication.

The screen captures I’ve set out below will help you get a good overall feel for the application.

Setting the operating parameters (the protection settings), is straightforward. In the following screen capture you’ll notice tooltip pop outs which explain the function of each setting. A very cool feature for less experienced users.

During this full scan, CPU usage ran at roughly 20% on a dual core machine. And, system memory usage was surprisingly low at only 36 MB, as the following screen capture shows.

I have a preference for antimalware solutions that include the ability to launch a specific file scan from the Windows Explorer context menu, and Immunet Protect has included this feature.

Should you consider installing, and running, a Cloud Antivirus as supplementary antimalware protection?

If you are uncertain, then consider this:

The Internet is an uncertain world at the best of times.

Cybercriminals design specific malware to exploit vulnerable systems without user interaction being required.

No single security application is capable (nor should we expect a single application to be capable), of providing adequate computer system protection. Gaps exist, in protection capabilities, in even the most sophisticated security applications.

Layering (or stacking) security applications, offers the best chance of remaining infection free, by closing these gaps.

A cloud based protective solution, in this case Immunet Protect, is a major step in shoring up any weaknesses, or gaps, and significantly increases your overall ability to detect malware.

Keep in mind however, that even the best layered protection strategy will not make up for lack of experience, and intuitiveness, when surfing the Internet. So, I’ll repeat what I have said here, many times – “knowledge, awareness, and experience are critical ingredients in the escalating battle, against cybercriminals.”

Immunet Protect Fast facts:

Two active scanning engines

Custom Scan

Scheduled scan

Context menu scan

Fast Antivirus: Immunet leverages the speed of cloud computing to deliver real-time protection to your PC.

Light Antivirus: Immunet is up to 35 times lighter than traditional antivirus solutions.

Real-time Antivirus: Immunet provides cloud-based protection that is always up-to-date against viruses, spyware, bots, worms, Trojans, and keyloggers without slowing down your PC. No need to download any virus signature files!

Companion Antivirus: Immunet is compatible with existing antivirus products to help protect you better. Add an extra, lightweight layer of protection for free.

Community Antivirus: Immunet’s Collective Immunity technology protects all users the instant that a virus is detected on one PC.

System requirements: Windows XP with Service Pack 2 or later, Vista (32-bit and 64 bit), Windows 7 (32-bit and 64-bit).

Download at: Developer’s site

I have no hesitation in recommending this application. I can’t think of another security application that has enjoyed a sevenfold increase in users in the last six months, like Immunet Protect has. That’s no accident.
