
Category: Hostile Code » Removal

Added 2006-07-14
by MIEL e-Security Pvt. Ltd.
Helios is an advanced malware detection system. It has been designed to detect, remove and inoculate against modern Windows rootkits. It performs behavioral analysis as opposed to signature-based analysis and is one of the only tools that is able to detect rootkits in real time, unhide hidden processes, restore hijacked system functions and inoculate the system against rootkit installation.

Added 2005-10-07
by Black List Software
When malicious software invades your system, the most invasive ones will ensure that they are malignant. They will do this by editing the registry, installing browser helper objects, hijacking the Internet connection with layer service providers and, sometimes, all of the above. Some backdoor software will spawn or create clones of themselves in order to regenerate and become quite difficult to remove. Most spyware scanners will not be able to baptize the system until these programs shut down, and your scanners are not capable of doing this when the malicious software regenerates. Even deleting their entries found in the registry may not help, considering that some malware will detect this change and add themselves back into the registry. Therefore, one must reboot into Safe Mode in order to ignore the startup list; however, it is now possible to detect, suppress, and remove these malignant processes without rebooting at all. With the release of Assassin version 1.0, anyone operating a personal computer can recover a hijacked network-based Windows operating system within minutes, all without rebooting or changing the system configurations.

Added 2004-11-19
by Patrick M. Kolla
Spybot - Search & Destroy can detect and remove spyware of different kinds from your computer. Spyware is a relatively new kind of threat that common anti-virus applications do not yet cover. If you see new toolbars in your Internet Explorer that you didn't intentionally install, if your browser crashes, or if your browser start page has changed without your knowing, you most probably have spyware. But even if you don't see anything, you may be infected.

Airscanner Mobile AntiVirus Pro
Added 2004-02-12
by Airscanner Corp
Airscanner Corporation is the most trusted name in helping to defend your mobile device from "airborne" computer viruses. From the company that wrote the best-selling technical book Maximum Wireless Security comes a professional strength virus scanner for the Pocket PC. With the increased wireless connectivity of PDAs and Smartphones comes an increased threat from virus attacks. Save money, time, and data by protecting your valuable Pocket PC now with Airscanner Mobile AntiVirus Pro.

Added 2004-02-02
by labrum
MydoomDeleter tries to identify email messages infected with the Mydoom(.B) worm in POP3 mailboxes. It deletes any infected message that it identifies while they are still on the server. In order to perform the identification, it applies some heuristics to the headers, the size of the messages, and name of the attachment. It thus avoids downloading the actual email, making retrievals less taxing. It has both interactive and nonstop modes.

The OpenAntivirus Project: Summary
Added 2003-09-04
by cbricart, fz-net, hfuhs, kurti and reniar
Developing Open Source AntiVirus Solutions

Mailscanner for Postfix
Added 2002-04-30
by Peter Turczak
This program is invoked from the .forward file of a user and scans the incoming mails for .vbs, .exe, .com, .bat, and similar attachments. If a message is clean, it is inserted into the user's qmail-style Maildir. Otherwise, it is bounced.

Added 2002-02-26
by Foundstone
Vision, Foundstone's newest forensic product, is an essential part of a computer security professional's tool-kit. Vision maps all of a host's executables to corresponding ports, allowing you to identify and investigate suspicious services. Vision enables you to interrogate suspect services to identify backdoors and Trojan applications. If a malicious service is identified, Vision allows you to immediately kill it.

Added 2002-01-03
by Paul L Daniels
Arbomb facilitates the detection of volatile archive files which can be used to cripple email filtering servers with a Denial-Of-Service type of attack.

Added 2001-10-22
by ULTiMaTuM
WPTerm is a simple console-driven program that allows a user to list processes and terminate a process, no questions asked. It was designed as a replacement for the Windows 2000 Task Manager, as the Windows 2000 Task Manager has a design error in it that disallows a process to end if it has the same name as a critical OS file. This allows for malicious programs to run without easily having them shut down. (See bugtraq ID 3033) WPTerm fixes this problem.

Copyright 2010, SecurityFocus