Category: Hostile Code » Removal
Helios is an advanced malware detection system. It has been designed to detect, remove and inoculate against modern Windows rootkits. It performs behavioral analysis as opposed to signature-based analysis and is one of the only tools that is able to detect rootkits in real time, unhide hidden processes, restore hijacked system functions and inoculate the system against rootkit installation.
When malicious software invades your system, the most invasive ones will ensure that they are malignant. They will do this by editing the registry, installing browser helper objects, hijacking the Internet connection with layered service providers and sometimes all of the above. Some backdoor software will spawn or create clones of itself in order to regenerate and become quite difficult to remove. Most spyware scanners will not be able to clean the system until these programs shut down, and your scanners are not capable of doing this when the malicious software regenerates. Even deleting their entries found in the registry may not help, considering that some malware will detect this change and add itself back into the registry. Therefore, one must reboot into Safe Mode in order to ignore the startup list; however, it is now possible to detect, suppress, and remove these malignant processes without rebooting at all. With the release of Assassin version 1.0, anyone operating a personal computer can recover a hijacked network-based Windows operating system within minutes, all without rebooting or changing the system configuration.
Spybot - Search & Destroy can detect and remove spyware of different kinds from your computer. Spyware is a relatively new kind of threat that common anti-virus applications do not yet cover. If you see new toolbars in your Internet Explorer that you didn't intentionally install, if your browser crashes, or if your browser start page has changed without your knowing, you most probably have spyware. But even if you don't see anything, you may be infected.
Airscanner Mobile AntiVirus Pro
Airscanner Corporation is the most trusted name in helping to defend your mobile device from "airborne" computer viruses. From the company that wrote the best-selling technical book Maximum Wireless Security comes a professional strength virus scanner for the Pocket PC. With the increased wireless connectivity of PDAs and Smartphones comes an increased threat from virus attacks. Save money, time, and data by protecting your valuable Pocket PC now with Airscanner Mobile AntiVirus Pro.
MydoomDeleter tries to identify email messages infected with the Mydoom(.B) worm in POP3 mailboxes. It deletes any infected message that it identifies while they are still on the server. In order to perform the identification, it applies some heuristics to the headers, the size of the messages, and name of the attachment. It thus avoids downloading the actual email, making retrievals less taxing. It has both interactive and nonstop modes.
The OpenAntivirus Project: Summary
Developing Open Source AntiVirus Solutions
Mailscanner for Postfix
This program is invoked from the .forward file of a user and scans incoming mail for .vbs, .exe, .com, .bat, and similar attachments. If a message is clean, it is inserted into the user's qmail-style Maildir. Otherwise, it is bounced.
Vision, Foundstone's newest forensic product, is an essential part of a computer security professional's tool-kit. Vision maps all of a host's executables to corresponding ports, allowing you to identify and investigate suspicious services. Vision enables you to interrogate suspect services to identify backdoors and Trojan applications. If a malicious service is identified, Vision allows you to immediately kill it.
Arbomb facilitates the detection of volatile archive files which can be used to cripple email filtering servers with a Denial-Of-Service type of attack.
WPTerm is a simple console-driven program that allows a user to list processes and terminate a process, no questions asked. It was designed as a replacement for the Windows 2000 Task Manager, as the Windows 2000 Task Manager has a design error that prevents a process from being ended if it has the same name as a critical OS file. This allows malicious programs to run without being easily shut down (see Bugtraq ID 3033). WPTerm fixes this problem.