Categories /

Security - Malware Detection (14)

ClamWin Portable v0.99 Updated

SYSTEM on 2 Feb 2016

Clam Antivirus is a virus and spyware scanner whose database is constantly maintained by a group of volunteers, and updates are always available for free. Note that the program does not contain an on-access real-time scanner; you must manually scan a file in order to detect malware.

ClamWin Portable is a portable wrapper for ClamWin and can be modified to automatically update virus database periodically or during startup.


System Requirements: Win2K / WinXP / Vista / Win7 / Win8
Writes settings to: Application folder
Stealth: ? Yes
Unicode support: No
License: GPL
How to extract: Download the self-extracting EXE and extract to a folder of your choice. Launch ClamWinPortable.exe.
What's new? ClamWin
This release updates ClamAV scanning engine to the latest version and brings important improvements:
  • Heuristic detection improvements
  • Improvements in detection and processing of archived files
  • Other important bug fixes

ClamAV 0.99 contains major new features and changes. YARA rules,
Perl Compatible Regular Expressions, revamped on-access scanning
for Linux, and other new features join the many great features of ClamAV:
  • Processing of YARA rules(some limitations- see signatures.pdf).
  • Support in ClamAV logical signatures for many of the features added for YARA, such as Perl Compatible Regular Expressions, alternate strings, and YARA string attributes. See signatures.pdf for full details.
  • New and improved on-access scanning for Linux. See the recent blog post and clamdoc.pdf for details on the new on-access capabilities.
  • A new ClamAV API callback function that is invoked when a virus is found. This is intended primarily for applications running in all-match mode. Any applications using all-match mode must use the new callback function to record and report detected viruses.
  • Configurable default password list to attempt zip file decryption.
  • TIFF file support.
  • Upgrade Windows pthread library to 2.9.1.
  • A new signature target type for designating signatures to run against files with unknown file types.
  • Improved fidelity of the "data loss prevention" heuristic algorithm. Code supplied by Bill Parker.
  • Support for LZMA decompression within Adobe Flash files.
  • Support for MSO attachments within Microsoft Office 2003 XML files.
  • A new sigtool option(--ascii-normalize) allowing signature authors to more easily generate normalized versions of ascii files.
  • Windows installation directories changed from \Program Files\Sourcefire\ClamAV to \Program Files\ClamAV or \Program Files\ClamAV-x64.
Latest comments
MKonar on 2014-07-20 18:19

An update on ClamWinPortableDBUpdate: has been repaired. :-)

You can get to the ClamWinPortableDBUpdate website through either of the following links:
* (which now forwards to)

If anyone here wants to take over maintanence of ClamWinPortableDBUpdate, please send me a message. I no longer use Windows and so no longer maintain it.

JohnyZlo on 2015-03-01 11:04

ClamWin v0.98.6 released:

This release updates ClamAV scanning engine to the latest version and brings following improvements:
* Bug fixes in detection of files produced by upx, upack and mew packagers
* Other bug fixes and feature improvements

Download the latest version here:

Midas on 2015-05-16 21:13

Please note that, for updating purposes, you needn't download the full 100MB+ ClamWin package.

Just go to, find the latest version folder and download the clamwin-0.9x.x-setup-nodb.exe, which is only about 8MB -- after (Uni)extracting, you'll find all the files you need for updating in the '{app}\bin' folder...

See all

Emsisoft Emergency Kit v11.0.0.6082 Updated

joby_toss on 23 Jan 2016
  • 452MB (uncompressed)
  • Released on 21 Jan 2016
  • Suggested by joby_toss

Emsisoft Emergency Kit contains a collection of programs to scan for malware including viruses, worms, trojans, adware, keyloggers and more. The program also has cleaning tools and methods to remove stubborn leftovers created by malware.

System Requirements: Win7 / Win8 / Win10
Writes settings to: Application folder
Stealth: ? Yes
License: Free for personal use
How to extract: Download the self-extracting EXE to a folder of your choice and execute. Launch Start Emergency Kit Scanner.exe.
Similar/alternative apps: Spybot - Search & Destroy
What's new? Emsisoft Emergency Kit contains two folders: bin32 and bin64.

You may either directly navigate to the right folder and start the edition
that matches your operating system or simply use the starter applications
in the package root folder.

If you run either of the editions to perform an online update, the other
edition will always be updated too.

The 32 bit edition can not be started on 64 bit Windows and vice versa.

KL-Detector v1.3

webfork on 24 Feb 2015

KL-Detector checks whether any software-based keylogger has infected your system. It does so by checking if any log file is secretly written to your harddisk during the monitoring process, something that most software-based keyloggers do by nature. KL-Detector can help check public computers for potential threats before entering sensitive information.

System Requirements: WinNT / Win2K / WinXP
Writes settings to: None
License: Freeware
How to extract: Download the ZIP package and extract to a folder of your choice. Launch KL-Detector.exe.
Latest comments
RuuD on 2008-09-20 07:55

Do NOT go to the download site!
As soon as I klick on the "download" but i get an intrusion
(Avast) of some kind,I broke the connection immediately and never really read what kind of attack it was.

just_somebody on 2008-11-02 01:18

Norton Safe Web stated the site ( has a trojan
McAfee Site Advisor gives them a green rating.
W.O.T a yellow rating.
As far as the KL-Detector program it can be found on several
trusted download sites (snapfiles, tucows, softpedia, wilderssecurity).
I downloaded it from to see if I got any warning from Avast.Seems ok. But a good rule of thumb, if there is any doubt don't download/run. Wait till there is more info on this program.

Tom on 2010-09-25 17:26

I'd trust it.

Downloaded from Dewasoft and scanned with and it came back completely negative.

Just for kicks I scanned with Online Link Scanner, Dr. Web LinkChecker, VirusTotal, and all came back clean. I uploaded it to Anubis too, but I'm not knowledgeable enough to know what to make of the results. From what I can tell it's "suspicious".

I can see why Norton thinks CrazyTyping is a virus. It's a joke program. Apparently a lot of other AVs thinks it's bad too. Dr.Web and McAfee call it "Joke.Crazytyping". It's probably fine.

See all

SpyDLLRemover v6.0

Checker on 28 Nov 2014
  • 4MB (uncompressed)
  • Suggested by Lupo73

SpyDLLRemover is the standalone tool to effectively detect and delete spywares from the system. It comes with advanced spyware scanner which quickly discovers hidden Rootkit processes as well suspcious/injected DLLs within all running processes.

System Requirements: WinNT / Win2K / WinXP / Vista / Win7 / Win8
Writes settings to: Application folder
License: Freeware
How to extract:
  1. Download the ZIP package and extract to a folder of your choice
  2. Create an empty SpyDLLRemover_ScanSettings.ini file within this folder
  3. Launch SpyDLLRemover.exe
What's new?
    Version 6.0: 7th July 2014
  • Mega version with support for latest operating system Windows 8.1. Support for white-listing known executable files. Also presents improved GUI interface with new banner & glowing icons.

Changelog at
Latest comments
Jimmy Neutron on 2010-10-02 20:04

Isn't the "Right Click Menu" integration added in version 4.0 basically incompatible with the concept of portable applications? Does this upgrade have other effects on the registry that impact/break the portability enjoyed by previous versions?

SecurityXploded on 2010-10-18 08:18


'Right Click Menu' is for the list box within the application unlike the Explorer right click context menu. So no issues with portability.

Like earlier versions, it always store settings to the ini file in the same location as exe file. No read/write to the registry is performed.

Add comment

AdvancedWinServiceManager v3.5

Midas on 28 Nov 2014

AdvancedWinServiceManagermakes it easy to eliminate malicious services by separating out third party services from Windows services. Because programs installed as a Service run at startup and have higher privileges, they are ideal locations for malware.

By default, the program only shows third party services along with more details such as Company Name, Description, Install Date, File Path, etc in one place. This helps in quickly differentiating between legitimate and malicious services. It comes with rich features such as detecting hidden rootkit services, exporting the service list to html-based log file, displaying only third party services etc.

System Requirements: WinXP / Vista / Win7 / Win8
Writes settings to: None
Dependencies: Administrator rights
Stealth: ? Yes
License: Freeware
How to extract: Download the ZIP package and extract to a folder of your choice. Launch AdvancedWinServiceManager.exe.
What's new?
    Version 3.5: 16th Jun 2013
  • Now by default it shows third party services at the start. Also launches in maximized mode.

Changelog at
Latest comments
GMS9810 on 2010-07-18 19:49

Very helpful screenshot

Emka on 2013-12-16 18:51

v3.5 out, still portable?

Add comment