Categories /

Security - Malware Detection (15)

Stinger v12.1.0.1550 Updated

Checker on 26 May 2015
  • 15MB (uncompressed)
  • Released on 26 May 2015
  • Suggested by Roman Mahr

Stinger is an utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection, but rather a tool to assist administrators and users when dealing with an infected system. Stinger utilizes next generation scan engine technology, including process scanning, digitally signed DAT files, and scan performance optimizations.

WARNING: The latest version of Stinger install a Windows service on launch. The service is extremely difficult to delete.

NOTE: The removal of this program from the database in under review.

Category:
System Requirements: WinXP / Vista / Win7 / Win8
Writes settings to: Application folder
Dependencies: Administrator rights
Stealth: ? No. HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\Stinger (Which it removes all but an empty HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\)

Installs the 'McAfee Validation Trust Protection Service' (mfevtps.exe) to the local machine, see warning above.
License: Freeware
How to extract: Download stinger32.exe ( for 32-bit OS) or stinger64.exe (for 64-bit OS) to a folder of your choice and launch.
What's new? Enhanced Detections:
  • FakeAlert-WinWebSec!env.h
Latest comments
Wolfghost on 2014-12-08 16:21

For those who didn't know: Stinger has gained a new member called Raptor and shows up in systray hidden.
And is included with the Stinger when you download while you are ignorant about it!

http://www.mcafee.com/us/downloads/free-tools/how-to-use-raptor.aspx

AdrianK_IT on 2015-05-12 09:00

This covert install of a hard-to-remove Windows service is the final nail in Stinger's coffin. More info on ghacks: http://www.ghacks.net/2015/05/11/mcafee-stinger-installs-mcafee-validation-trust-protection-service/

AdrianK_IT on 2015-05-12 09:09

"McAfee Stinger has been removed from the Portable App Directory due to malware-like behavior".

IMHO Portable Freeware should do the same. This site has an enviable reputation in the IT community I inhabit as a trusted source for software downloads ie for NOT bundling foistware in its offerings, in stark contrast to the increasingly dubious practices of previously worthy sites. Let's not go there!

See all

ClamWin Portable v0.98.7 Updated

Checker on 18 May 2015

Clam Antivirus is a virus and spyware scanner whose database is constantly maintained by a group of volunteers, and updates are always available for free. Note that the program does not contain an on-access real-time scanner; you must manually scan a file in order to detect malware.

ClamWin Portable is a portable wrapper for ClamWin and can be modified to automatically update virus database periodically or during startup.

Alternatives:

Category:
System Requirements: Win2K / WinXP / Vista / Win7 / Win8
Writes settings to: Application folder
Stealth: ? Yes
Unicode support: No
License: GPL
How to extract: Download the self-extracting EXE and extract to a folder of your choice. Launch ClamWinPortable.exe.
What's new?
  • PDF processing improvements.
  • Improvements in detection and processing of packed executables.
  • Improved handling of iso9660 files.
  • Other important bug fixes.
Latest comments
Midas on 2014-12-09 15:16

Upstream ClamWin v0.98.5 released: http://www.clamwin.com/content/view/244/1/

JohnyZlo on 2015-03-01 11:04

ClamWin v0.98.6 released: http://www.clamwin.com/content/view/245/1/

This release updates ClamAV scanning engine to the latest version and brings following improvements:
* Bug fixes in detection of files produced by upx, upack and mew packagers
* Other bug fixes and feature improvements

Download the latest version here: http://sourceforge.net/projects/clamwin/files/clamwin/0.98.6/

Midas on 2015-05-16 21:13

Please note that, for updating purposes, you needn't download the full 100MB+ ClamWin package.

Just go to http://sourceforge.net/projects/clamwin/files/clamwin/, find the latest version folder and download the clamwin-0.9x.x-setup-nodb.exe, which is only about 8MB -- after (Uni)extracting, you'll find all the files you need for updating in the '{app}\bin' folder...

See all

KL-Detector v1.3

webfork on 24 Feb 2015

KL-Detector checks whether any software-based keylogger has infected your system. It does so by checking if any log file is secretly written to your harddisk during the monitoring process, something that most software-based keyloggers do by nature. KL-Detector can help check public computers for potential threats before entering sensitive information.

Category:
System Requirements: WinNT / Win2K / WinXP
Writes settings to: None
License: Freeware
How to extract: Download the ZIP package and extract to a folder of your choice. Launch KL-Detector.exe.
Latest comments
RuuD on 2008-09-20 07:55

Do NOT go to the download site!
As soon as I klick on the "download" but i get an intrusion
(Avast) of some kind,I broke the connection immediately and never really read what kind of attack it was.

just_somebody on 2008-11-02 01:18

Norton Safe Web stated the site (dewasoft.com) has a trojan
in crazytyping20.zip.
McAfee Site Advisor gives them a green rating.
W.O.T a yellow rating.
As far as the KL-Detector program it can be found on several
trusted download sites (snapfiles, tucows, softpedia, wilderssecurity).
I downloaded it from dewasoft.com to see if I got any warning from Avast.Seems ok. But a good rule of thumb, if there is any doubt don't download/run. Wait till there is more info on this program.

Tom on 2010-09-25 17:26

I'd trust it.

Downloaded from Dewasoft and scanned with VirusTotal.com and it came back completely negative.

Just for kicks I scanned http://dewasoft.com/privacy/kldetector.htm with Online Link Scanner, Dr. Web LinkChecker, VirusTotal, and all came back clean. I uploaded it to Anubis too, but I'm not knowledgeable enough to know what to make of the results. From what I can tell it's "suspicious".

I can see why Norton thinks CrazyTyping is a virus. It's a joke program. Apparently a lot of other AVs thinks it's bad too. Dr.Web and McAfee call it "Joke.Crazytyping". It's probably fine.

See all

SpyDLLRemover v6.0

Checker on 28 Nov 2014
  • 4MB (uncompressed)
  • Suggested by Lupo73

SpyDLLRemover is the standalone tool to effectively detect and delete spywares from the system. It comes with advanced spyware scanner which quickly discovers hidden Rootkit processes as well suspcious/injected DLLs within all running processes.

Category:
System Requirements: WinNT / Win2K / WinXP / Vista / Win7 / Win8
Writes settings to: Application folder
License: Freeware
How to extract:
  1. Download the ZIP package and extract to a folder of your choice
  2. Create an empty SpyDLLRemover_ScanSettings.ini file within this folder
  3. Launch SpyDLLRemover.exe
What's new?
    Version 6.0: 7th July 2014
  • Mega version with support for latest operating system Windows 8.1. Support for white-listing known executable files. Also presents improved GUI interface with new banner & glowing icons.

Changelog at http://securityxploded.com/spydllremover.php#Release_History.
Latest comments
Jimmy Neutron on 2010-10-02 20:04

Isn't the "Right Click Menu" integration added in version 4.0 basically incompatible with the concept of portable applications? Does this upgrade have other effects on the registry that impact/break the portability enjoyed by previous versions?

SecurityXploded on 2010-10-18 08:18

@Jimmy

'Right Click Menu' is for the list box within the application unlike the Explorer right click context menu. So no issues with portability.

Like earlier versions, it always store settings to the ini file in the same location as exe file. No read/write to the registry is performed.

Add comment

AdvancedWinServiceManager v3.5

Midas on 28 Nov 2014

AdvancedWinServiceManagermakes it easy to eliminate malicious services by separating out third party services from Windows services. Because programs installed as a Service run at startup and have higher privileges, they are ideal locations for malware.

By default, the program only shows third party services along with more details such as Company Name, Description, Install Date, File Path, etc in one place. This helps in quickly differentiating between legitimate and malicious services. It comes with rich features such as detecting hidden rootkit services, exporting the service list to html-based log file, displaying only third party services etc.

Category:
System Requirements: WinXP / Vista / Win7 / Win8
Writes settings to: None
Dependencies: Administrator rights
Stealth: ? Yes
License: Freeware
How to extract: Download the ZIP package and extract to a folder of your choice. Launch AdvancedWinServiceManager.exe.
What's new?
    Version 3.5: 16th Jun 2013
  • Now by default it shows third party services at the start. Also launches in maximized mode.


Changelog at http://securityxploded.com/winservicemanager.php#History_AdvancedWinServiceManager.
Latest comments
GMS9810 on 2010-07-18 19:49

Very helpful screenshot
NOT

Emka on 2013-12-16 18:51

v3.5 out, still portable?

Add comment