Tuesday 7 September 2010

Probably the Best Free Security List in the World

Introduction
Motto: Si vis pacem, para bellum.
 
The products for each category are listed with the best free products first. The products are almost exclusively free, with some exceptions: products where there is no free alternative, good products that offer a lifelong license, and exceptional products.
Please inform me of dead/false links, and suggest new applications with the form located at the end of this list!



Index

  • Realtime protection
  • Scanners
  • Tools for virus removal
  • Online-scanners
  • Firewalls
  • HIPS
  • System hardening-HIPS
  • System hardening
  • Sandboxing/virtualization
  • Vulnerability scanning and updates
  • Browser security
  • IP-blocking/hardening
  • Privacy
  • System monitoring
  • Network traffic monitoring
  • System cleaning
  • Data rescue
  • Encrypting
  • Backup
  • System rescue
  • Miscellaneous
  • Tests and malware analysis tools
  • Vista/Windows 7 specific security
  • Prisoners on remand
  • Doing time in jail
Keys:
# My current choice(s) for real-time protection
Good malware detection/removal tool(s)
♦  Noteworthy product(s)
$ Not free
  Supports 64-bit
  Free version only provides malware detection. Removal included in the paid version.
Portable version exists.

Realtime protection
Anti-virus:
#Microsoft Security Essentials

Avast!
Avira AntiVir 
Panda cloudantivirus
AVG Anti-Virus
Returnil with Fprot
Ad-Aware
Spyware Doctor with antivirus
PC Tools Free AV
Preventon  
Rising

Zillya
Nano
Kingsoft
Clam Sentinel
Twister $
Anti-malware (can be run alongside an AV):
#Prevx
Immunet
Clam Antivirus
Rising PC doctor
Hazard Shield
Windows Defender
Security suite (anti-virus, anti-malware and firewall):
Comodo
Forticlient
AV/AM trials:
Emsisoft   (works as scanner after trial period)
Kaspersky
Avira
Nod32
Back to Index
Scanners
AV-Scanners:
Hitman Pro 
Trendmicro
Kaspersky
Norton Security Scan
Bitdefender free
MWAV  
Wuzzup 
VBA32check
MalAware
Online Armor Cloudscanner  
Sophos Threat Detection Test
ClamWin
Comodo cloud scanner
Anti-malware scanners:
Malwarebytes Anti-Malware
Superantispyware
NoVirusThanks
Spy Sweeper
Spyware Doctor
Spy-Emergency
CA antispyware

Spybot S&D

Portable antivirus/antimalware:
DrWeb cureit
Emsisoft Emergency USB Stick files
Superantispyware
VIPRE Rescue 
AVZ  AVZ database
Norman malware cleaner

Trendmicro Sysclean 
ClamWin portable 
Multi-AV scanners:
Multi-AV scan
Antivirusmulti
AV Rescue CD:
Avira
Kaspersky
F-Secure 
Panda
BitDefender
DrWeb
GData
AVG 
more
Integrate several rescue disks:
Sardu

Anti-rootkit:
Gmer
Kernel Detective
RootRepeal
Rootkit Unhooker
SpyDllRemover
XueTr

VBA anti-rootkit
Sophos
Sanity check
Gmer: mbr-rootkit
Gmer: catchme (user-mode)
Rootkitty (boot cd)
Other


Memory scanner:
Threatexpert memoryscanner
SuperRKill
Rkill
AV/AM definition files:
Avira
Malwarebytes Antimalware
Superantispyware
Avast
Back to Index
Tools for virus removal
Tools for most common viruses:
F-secure easyclean
McAfee Stinger
MS Malicious Software Removal Tool
Avira AntiVir Removal Tool
Tools for stubborn malware:
My procedure
Norton Power Eraser
Combofix
Smitfraudfix
Bytehero
SafeReturner
Removal tools for specific viruses:
BitDefender
Kaspersky
F-Secure
Symantec
Panda Software
Collection of anti-malware tools:
Anti-malware toolkit

Additional AV-specific tools:
Avira
Guides for malware removal:
MajorGeeks
Clean 64-bit machine
Michael Horowitz
Pcophinas

Malware removal help sites:
Bleepingcomputer
Malwareremoval
Dslreports
Atribune
Malware Removal
Remove fake antivirus
Back to Index
Online-scanners
File scanning with several scanners:
Virustotal (♦Uploader)
Novirusthanks (Uploader)
Jotti
Virscan
Filterbit
Viruschief
Scanning of several zipped files:
Avira
Online-scanners:
Kaspersky
F-Secure

BitDefender
BitDefender qscan
Eset
Panda Software
a-squared
OneCare
Superantispyware
Mcafee
CA
Comodo

Back to Index
Firewalls
Limited versions of commercial firewalls:
Outpost 
Online Armor
Zonealarm
Sunbelt Kerio
Free firewalls:
Comodo
PCTools
Privatefirewall
Jetico
Iolo
Sygate
Webroot
NetVeda Safety.Net
Ashampoo
Filseclab
Simple firewall:
Ghostwall
Windows firewall:
XP firewall guide

Configuring XP firewall
Vista firewall guide
Vista firewall control
Windows 7 firewall control
Diagnose and fix Windows Firewall service problems

Gateways:
Endian
Untangle
Smoothwall
Replacement for router firmware:
Tomato
DD-WRT

About NAT routers and hardware firewalls:
article 1
Back to Index
HIPS
Behaviour blocker:
ThreatFire
Classical strong HIPS:
Malware Defender (note)
Comodo defence+
Spyware Terminator
Real time defender
EqSecure 3.41, (Alcyon ruleset)
System Safety Monitor

Classical lightweight HIPS:
#Winpatrol
System shields
Arovax Shield (XP,V)
Anti-keylogger:
SpyShelter
Quaresso
CoDefender
Snoopfree
DataGuard AntiKeylogger
KL-detector
PSMA
Zemana $
Registry protection:
MJ Registry Watcher
Anti-executable:
Process Guard (XP)
Trust-no-exe
Winsonar
Faronics $
White/blacklisting anti-executable:
Bluepoint security $
Drive firewall:
DriveSentry
SensiveGuard
CoreForce
PE Guard
$
File/Folder Monitoring Software:
Tiny Watcher
SilentNight Inspector
FileChecker
FileMap by BB
Osiris
TheFolderSpy
Anti Dialer:
A-Squared Anti Dialer
Dialer shields
Back to Index
System hardening-HIPS
System & Program Files Protection:
System Protect

Prevent other users deleting files/folders:
Prevent
MBR protection:
MBRguard
Memory firewall:
Comodo memory firewall
Address space randomization:
WehnTrust
USB-firewall:
No Autorun
USB protect
Net Studio USB FireWall
Ninja Pendisk! 
Autorun Eater
MxOne
USB WriteProtector
USB Drive Antivirus
more
Shutdown prevention:
Shutdownguard
Back to Index
System hardening
Guides for securing your PC:
BlueZanetti
Cyber Security Tips
Real security
installing and using DropMyRights
disabling autorun (XP)
disabling autorun (V)
Limited user account (LUA):
# Vista, 7
XP
More secure browser:
Iron
ChromePlus
Comodo Dragon
Google Chrome
Firefox
Epic
Opera
Google Chrome Frame
More secure pdf-reader:
Foxit
Sumatra
More secure media player:
KMPlayer
More secure image viewer:
Irfanview
Picasa
Hardening tools:
Vispa
Enhanced Mitigation Experience Toolkit
Invincible Windows
Harden-It
Secure-It
SafeXP
XPantispy
Security & Privacy Complete
Seconfig XP
Samurai
Windows Worms Doors Cleaner
USB-autorun disabling:
Panda USB and AutoRun Vaccine
Flash disinfector
Thumbscrew

Script-file protection:
Script Defender
ScripTrap
Protection against scripts embedded on web pages:
No Script
Protection against flash embedded on web pages:
Flash block
Blitzableiter

SRP (Software Restriction Policy):
instructions 1
instructions 2
PGS - Pretty Good Security
Adding user rights:
Sudo for windows
suDown
Limiting user rights:
SuRun
Hardening processes:
Microsoft EMET
Improved Group Policy Editor:
Doug's Windows XP Security Console
Running program with dropped rights:
DropMyRights.net
PsExec
StripMyRights
1-defender
Hardware-based security:
Determine Processor Security Features
Protection against .LNK vulnerability:
Shortcut Antivirus
.LNK checker
Sophos

Protection against DLL preloading remote attack:

Microsoft
Back to Index
Sandboxing-virtualization
Sandboxing (for browsers/IM/etc):
#Sandboxie
GeSWall
Bufferzone
EdgeGuard Solo
Safespace
RTD Smart
#Defensewall $
AppGuard $
AppRanger $
System virtualization:
Returnil
Powershadow 2.6 (Key)
Virtual Protect
Wondershare time freeze
Shadow Defender $
Rollback software:
Comodo time machine
Rollback Rx  $
Firstdefence-ISR $
Eaz-fix $
Locked system:
Windows Steadystate  (XP,V)
Faronics Deep Freeze $
Desktop virtualization:
Mojopac
Icore
Ceedo $
Virtual players:
VmWare player, VmWare converter, EasyVMX converter
moka5 live PC + Fearless Browser
Virtualization software:
VMWare
VirtualBox
VirtualPC
VMLite
VMToolkit
Virtualized browser:
Inmunos
Portable OS:
Ubuntu linux
Linux live CD:
LinuxMint
Puppy
Simply Mepis
Slax
Ubuntu
Back to Index
Vulnerability scanning and updates
Windows-system security analyzing:
NeXpose Community Edition
MS Baseline Security Analyzer
Nessus
Belarc Advisor
Protector Plus
WinUpdatesList
Windows-system security analyzing (OS+installed programs):
♦Secunia
F-secure health check
Updates for installed programs:
several here
Updates from Microsoft:
Shavlik Patch Google® Gadget
Ryan VM's pack
Keep set-up packages up-to-date
Searching for drivers:
Device Doctor
Several here and here

CD With All Current Drivers for Windows:
DriverPack Solution 9
Many here
Package for most important media addons:
All in One Runtimes
Check website vulnerabilities:
Zerodayscan
Penetration testing:
Metasploit Framework
Back to Index
Browser security
Anti-phishing/malware browser plugins:
♦WOT
Webutation
LinkExtend
McAfee Siteadvisor
PcTools Browserdefender
Norton Safeweb
Surfcanyon
Netcraft toolbar
Bitdefender anti-phishing
Sitehound
Web Security Guard
TrendProtect
Comodo Verification Engine
Real-time link scanning:
SmartScreen Filter (IE)
AVG Linkscanner

Finjan SecureBrowsing
Qualys
Manual link scanning:
♦VTzilla
UrlVoid
IPVoid
Webutation
LinkScanner
Dr.Web plug-in
Unmask Parasites
Online link scan
vURL
Norton
Finjan
AVG
DrWeb
TrendMicro
Prevent Blackhat Search Engine Optimization:
Zscaler

Check the web trader:
Shopping assistant
Anti-phishing Firefox plugins:
IDND
ShowIP
Check real URL:
bit.ly preview
Untiny url
TrueURL
expandmyurl
longurlplease
Ad blocking:
♦Adblock Plus  (blocklists)
Adsweep
Simple-adblock
TACO
AdblockIE
Adblocking for Chrome
Ad Muncher $
Pop-up blockers:
PanicWare Pop-Up Stopper
EMS Free Surfer
Back to Index
IP-blocking/hardening
Blocking connections to malware domains:
Trend Micro Web Protection Add-On
Blacklists for Explorer:
Spyware Blaster
Internet proxy+blacklist:
SquidGuard
Host File management:
Hostsman
HostsXpert
B.I.S.S. Host Manager
Host files (blocking malware and advertisements):
Hostfile
Hosts
Mvps
Other IP-block lists:
CoU IP blocklist updater (Outpost firewall, Online Armor)
Caching/filtering and blocking pseudo-DNS server:
DNSKong
Internal proxies:
Proxomitron + JD list
Sidki's Proxomitron config
IdnWebShield
BFilter
Polipo
External proxies:
Freecap
Socscap
Better DNS:
Sunbelt ClearCloud
OpenDNS
NortonDNS
Comodo DNS
Google DNS
ScrubIT
DynDNS
local DNS proxy:
Acrylic
IP-blocking:
Peerblock
PeerGuardian 2
Parental control:
Kidzui
K9 Web Protection
Parentalcontrolbar
Glubble
GoGoStat (Facebook)
Spam filters:
SpamAssassin
SpamBayes
SpamCop
Spamihilator
SPAMfighter
Comodo Antispam
Mailwasher
Spam Manager
Back to Index
Privacy
Facebook privacy:
ReclaimPrivacy
Privacy Check
Openbook
Zesty
Chat privacy:
Bitdefender chat encryption
Search engines with high privacy:
ixquick
Eliminate ad-data tracking:
Privacychoice
Fake identity generator:
Fakenamegenerator
Anonymity tests:
deanonymizer
XeroBank
Decloak

Checking your own ip:

Show My IP
IP Adress
Danasoft
Checking your DNS:
Check DNS-settings
How malware hijacks DNS
Collection of tools:
Anoniem-surfen
EPIC
Free VPN connection:
Comodo Trust Connect login page info info2
Hotspot shield
UltraVPN
Loki
It's Hidden
Free online proxy:
Xerosurf
Proxify
Vtunnel
Anonymouse
Ninjacloak
PimpMyIP
Zend2
Proxybrowsing
more here
SSH and SFTP client:
Tunnelier
WinSCP
FileZilla
Anonymous browsers:
Jondofox
XeroBank

Anonymous browsing tools:
Ultrasurf
Foxyproxy
Tor
JAP
Spoofing mac address:
Macmakeup
Macshift
Cookie-control:
♦CS lite
Cookie monster
CookieSafe
Cookie culler
Maxa

LSO killing:
BetterPrivacy
Objection
Key scrambling:
#KeyScrambler Personal
NextGen Antikeylogger
Virtual keyboard:
Trendmicro Transaction Guard
Neo's safekeys
Safeguarding banking session:
My banking advice
#Prevx SafeOnline (free here)
Trusteer Rapport
ID Vault
Password management:
Lastpass
Passwordmaker
Password Safe
RoboForm
Keepass
Any password
Secure login
RoboForm2Go
Generating secure passwords:
Password Cards
GRC
E-mail encryption:
PGPFreeware
Comodo SecureEmail
Gpg4win
VPN software:
Logmein Hamachi
Comodo EasyVPN
Browsing without a trace:
Portable Firefox 
Browzar
Removal of jpeg metadata:
JPEG and PNG stripper
jScript
BatchPurifier LITE
Removal of doc metadata:
Doc Scrubber
Automatic analyzing of EULA:
Eulalyzer
Spywareguide

Other:
Google Analytics Opt-out Browser Add-on
SSL-protected Google
Secure HTTPS server: Perspectives
Referrer control
Detection of web bugs: Ghostery
Service for one-time passwords: KYPS
Protection against search data profiling: Trackmenot
HTTPS-everywhere
VPNLive - collection of proxy and VPN
Secure search engine connection
Back to Index
System monitoring
System monitoring and diagnostic:
System Explorer
System info for Windows (SIW)
What's Running
Change Analysis Diagnostic tool
EVEREST Home Edition
Anvir task manager
Fresh Diagnose
Multimon
Hijack Hunter
Hardware monitoring and diagnostics:
PC Wizard
Sisoft Sandra lite
Crystalmark
MKN PerformanceMonitor
Hardware, network and software inventory:
Lansweeper

Process/startup/etc scanners:
ProcessExplorer 
DTaskManager
Glint
Process Hacker
Autorun Angel
Autoruns
Silent runners
Run Scanner
Startup control panel
Startup Guard
Autostart Explorer
Tizer
Ez-PC-fix
Atool
Process/startup/etc scanners with analyzing help:
Eset SysInspector
RSIT
  (note)
Sreng
HijackThis (help)
FreeFixer
Hijack Hunter
a2 HiJackFree
Kaspersky GSI
Security Task Manager
Runalyzer
Dart Bit
OSAM Autorun manager
Autorun Angel
ProcessQuickLink
Realtime process monitoring:
Process monitor
ProcessActivityView
SpyMeTools
Monitor file system activity:
Malware Activity Watcher
Monitor hard disk activity:
What's my computer doing?
Monitor hard disk health:
Acronis Drive Monitor
Monitor memory:
MKN MemoryMonitor
Monitor USB-activity:
USBDeview
USB activity monitor
Monitor registry and file changes:
RegShot
SpyMeTools
RegFromApp
Installwatch
InstallSpy
SystemSherlock
NT Filemonitor
Detect packed drivers:
Mischel Packed Driver Detector
Searching files and processes:
fileresearchcenter
processlibrary
Bit9 fileadvisor
Sans institute
File Type Inspector:
TrID
Executable Inspection:
PEiD
Mandiant red curtain
Checksum calculation:
♦Hashtab
Md5summer
Hashcalc
FileVerifier++

Other:
How to verify the Integrity of Windows system files, (sfc /scannow)
How To Check System Files For Digital Signatures
Memory usage analysis: MEMMAP
Check injected DLLs
Monitor debug output: DebugView
Debugger for Windows: WinDbg
Monitor kernel object activity: ObjMon
Monitor files in your website automatically: Websites Cop
Svchost Process Analyzer
Back to Index
Network traffic monitoring
Port checking:
ActivePorts
TcpView
CurrPorts+IPNetInfo
Roadkil's Scan Port
Plax network suite
Botnet diagnosis:
Trendmicro RUBotted

Network traffic monitoring:
Networx
Netmeter
F-secure web trail
Network lights
Urlsnooper
ProcNetMonitor
Network traffic analyzing:
Wireshark
NetworkMiner
Nmap
Cain & Abel
IpSniffer
Microsoft Network Monitor
Analyzer
Smartsniff
NIDS:
Snort
Bothunter
Control internet traffic priority:
NetBalancer
DNS-performance test:
GRC
Internet speed test:
Speedtest
Ping:
Emco Ping Monitor
Other:
Protection against ARP poisoning
Securing wireless network

Back to Index
System cleaning
Versatile cleanup tool:
RegRun Reanimator
Virus effect remover
Process killing:
APT
KillProcess
ProcX
File shredders:
Eraser
UltraShredder
File Shredder
Wipe deleted files:
Prevent restore
Versatile tool for removing infection traces at bootup:
BlitzBlank
Threat Killer
Unlocking files:
Unlocker
LockHunter
Emco UnLock IT
File killing:
KillBox
Brute force uninstaller (guide)
FileASSASSIN
Avenger
Emco MoveOnBoot
Guide for killing files

Killing registry entries:
RegASSASSIN
Free locked files:
WhoLockMe
Tizer
Device&driver analyzing:
ServiWin
Pserv.cpl
Registry editing:
Registrar lite
Regalyzer
RegSearch
System cleaning:
⇒ CCleaner  CCEnhancer
DiskMax
Comodo system cleaner
Easy Cleaner
RegSeeker
Tweaknow RegCleaner
ATF-Cleaner
CleanUP!
PureRa
FCleaner
KCleaner lite (note)
Wipe
System Ninja
Maintenance & Optimization:
WinUtilities
Ashampoo WinOptimizer
Glary utilities
Collection of tools:
Mztweak
Alternate data streams:
StreamArmor
ADSSpy
Assasin G13
Shell extensions:
ShellExView
Tool for balancing process CPU:
Process lasso
♦Process tamer
Disk defragging:
Auslogics disk defrag
Defraggler
Registry defragging:
PageDefrag

Uninstallers:
Revo uninstaller
Zsoft uninstaller
Add/Remove Pro
Install Rite
EMB uninstaller
Uninstall Programs Packaged with Windows Installer in Safe Mode
SafeMSI
Raymond cc
Tracking registry and files changes when installing software:
Many here
MRU-list deleting:
MRU-Blaster
Removing unwanted (preinstalled) Windows/software:
PC Decrapifier
Office 2007 remover
AV removal (many tools)
AppRemover
AV removal 2 (many tools)
Old versions of Java
Old versions of Flash
List of uninstallers

Back to Index
Data rescue
File rescuing from USB drive/hard disk:
PC Inspector File Recovery
Photorec
DiskDigger
Avira UnErase
Recuva
Easeus
File rescuing from memory cards:
PC Inspector smart recovery
Rescuing files from corrupted hard disk:
Unstoppable Copier
DataRescue's DD
Unstoppable copying:
♦TeraCopy
Versatile tool for copying files:
RichCopy
Rescuing files from broken CD/DVD:
IsoBuster
IsoPuzzle
CDcheck
Recovery Toolbox
Write-error-resistant DVDs:
dvdisaster
Back to Index
Encrypting
Versatile tool for encrypting:
FREE CompuSec
Hiding files/folders:
My Lockbox
Easy file locker
Hidefolders

Encrypting files:
AxCrypt
DsCrypt
KGB archiver
Crypt4free
EncryptOnClick
Cryptainer LE
Androsa FileProtector
ICE encrypt
Password protect executables:
Empathy
Encrypted USB-stick:
Encrypt Stick
Disk/drive encryption:
Comodo
Encrypting with virtual drives:
TrueCrypt
Secret disk
FreeOTFE
Safehouse Explorer
Encrypting for usb-drive:
Cryptainer LE
USB flash security
Rohos Mini
SecureStick
Steganography:
Hide in picture
Bon Kuy Bon
Steghide
DIIT
Invisible Secrets
Guide1
Guide2
Back to Index
Backup
Data Backup:
Free File Sync
Fbackup
Syncback
Karen’s Replicator
Comodo Backup

Cobian backup
XXCopy
Robocopy
Areca Backup
GFI Backup
Hobo Copy
Toucan
FileHamster
Timemachine for data:
Genie Timeline
Windows-based backup:
Create system Image (7)
Network backup:
Bacula
Synchronization tools:
PureSync
Fullsync
FreeFileSync
Online-disk:
♦Mozy
Adrive
Idrive
Dropbox

Memopal
Gmail Drive shell extension
Skydrive explorer (Windows Live)
more

Host and share files:
Gigasize
Rapidshare
4shared
Sendspace
Registry backup:
Erunt
Programs for MBR backup and restore:
MBR Backup
Many here
Creating images from hard disks on-line:
Paragon Express
Macrium Reflect Free
Easeus
DriveImageXML
Drive Snapshot
Comodo backup
Roadkil's Disk Image
Terabyte Image For Windows $
Backing up hard disk with live CD:
GParted+Clonezilla
G4U
PC INSPECTOR™ clone maxx
Partition Logic
Hard disk cloning:
HDClone free (CD)
Raw copy of hard disks:
Roadkil's Raw Copy

Hard disk wiping:
Darik's Boot & Nuke
Active Kill Disk
PC INSPECTOR™ e-maxx
Disk wipe
Roadkil's Disk Wipe
Backup drivers:
Drivermax
Double Driver
Other:
Backing Up EISA Hidden PQSERVICE Partition and MBR on a New Laptop
Backup and Restore Vista OEM Activation License

Back to Index
System rescue
Repairing XP:
Recovering Windows XP using the Recovery Console
How to install and use the Windows XP Recovery Console
Repair XP
How to Perform a Windows XP Repair Install
Windows Vista rescue disks:
Neosmart
Windows 7 rescue disks/USBs:
Neosmart
Raymondcc
Versatile tool for troubleshooting:
Microsoft fix it center
Techtoolkit
Rescue disks:
UBCD4win
Trinity
BartPE
BootDisk
UBCD
Omega
Norton Bootable Recovery Tool
Partition recovery:
Minitool

Boot-CD registry editor:
PC regedit
Rescuing and troubleshooting:
Paragon Rescue Kit
Memtest86+
Sisoft
SystemRescueCd
Shockfamily Knoppix
BSOD survival guide
Boot, rescue, partitioning etc.
Parted Magic
Easeus
Fixing MBR:
Fixing MBR with Boot-CD
another
Fixing MBR
Disk recovery(data, partition, boot sector):
TestDisk
Partition Find & Mount
Make bootable linux USB:
UBootNetin
LiLi
Make bootable Windows USB:
A bootable USB
WintoFlash
Recover a hanging system:
Antifreeze
Solve problem drivers:
Bluescreenview
Whocrashed
Repairing of broken internet connection:
Winsockxpfix
Winsockfix
Lspfix
Autodebug for Winsock
Repairing of broken internet connection (V)
Network test tool
Restore Corrupted Folder Options and Advanced Settings:
Tool 1

Tool 2
Fix corrupted .exe association  another
Fixpolicies
XP Quick Fix Plus
Dial-aFix
Computer Repair utility kit
Tools for speeding up (re)install:
Ninite Multiple App Installer
Allmyapps
Windows reinstall guides:
How to Rebuild your Computer
Windows reinstall
Install, reinstall, or uninstall Windows
installing windows xp from a usb key
Recover installations keys:
The Magical Jelly Bean Keyfinder
Recover Windows key for unbootable system
Retrieve the Software Installation Keys
Recover/reset Windows passwords:
Boot CD for resetting Windows passwords
How to reset windows account password
How to recover Windows password
Cain & Abel
Ophcrack
Other:
How to check if system is 32-bit or 64-bit (x86 or x64)
Reveal Passwords Hidden Under Asterisks
Recover Firefox master password
Reset BIOS Password
Recover router password
Back to Index
Miscellaneous
Security program lists:
Spywarewarrior
Alken
firewallguide
Best security forums:
Wilders Security
Blogs:
Sunbelt
F-secure lab
Safe and Savvy
Portable application launchers:
PortableApps
App.etizer
Asuite
Remote control:
Teamviewer
LogMein
RealVNC
Crossloop
TwinVNC
Other:
Symantec threat meter
WiFi Shield: KittyLitter
System Lock:  Predator
Laptop Security:  LAlarm
Back to Index
Tests and malware analysis tools
AV/AM testing methodology:
My proposal
AV-laboratories:
support@emsisoft.com
newvirus@kaspersky.com
virus@avira.com
report@prevxresearch.com
https://analysis.f-secure.com/

Eicar test virus:

Eicar AntiVirus test file
Test spyware:
Spycar
Scoundrel Simulator
System shutdown test:
ZeroDay test
Keylogger/screencapture/webcam etc. tests:
Zemana
AKLT
SpyShelter
SKL
HIPS/Firewall-tests:
Comodo
Matousec
Buffer overflow test:
Comodo
Firewall/port tester:
GRC
AuditmyPC
Hackerwatch
Hackerwhacker
Router crash test:
GRC

DNS security test:
GRC
Email security test:
GFI
Other security tests:
Test my PC
PC Flank
Anti-rootkit tests:
Hideproc
Process termination:
SPT
Browser tests:
Web Check
Popup Check

Test sites:
Av Comparatives
Matousec
Virus Info
Anti Malware Test
Shadow Server
Kareldjag
PCSL - PC Security Labs
Remove-malware
MRG
Antivirus software challenge
Virus.gr
Info and tools on malware analysis:
Malwareinfo
MTC
Real-time analysis for sandboxed malware:
Buster Sandbox Analyzer
Online sandbox for malware analysis:
Threatexpert

Sunbelt Sandbox
CIMA
Anubis
Norman Sandbox
Joebox
Autovin
Wepawet
BitBlaze
Eureka
Comodo
Malware samples and hostile sites:
MDL      
Offensive Computing
Malwaredatabase
Malware-Research
Malwaredomains
Malwarebytes
GSI parser:
Getsysteminfo

View HTTP Request and Response Header:
Web sniffer
Back to Index
Vista/Windows 7 specific security
Better UAC:
#TweakUAC
Norton UAC Tool
Better XP mode:
VMLite
VMware
DEP:
turning DEP on
SEHOP:
Turning SEHOP on
Back to Index
Notes
# My current choices for real-time protection

Vista laptop:
  • LUA
  • Windows Firewall
  • Sandboxie Pro
  • Prevx free with SafeOnline
  • TweakUAC
XP desktop:
  • DefenseWall personal firewall
  • Prevx with SafeOnline
  • Winpatrol Plus
This is the setup for my friends and relatives:
  • Microsoft Security Essentials
  • Windows Firewall
  • Prevx free with SafeOnline
  • LUA (Vista, 7)
  • TweakUAC (Vista, 7)

♦ Other noteworthy products
  • WoT
  • Adblock Plus
  • Virustotal uploader
  • Secunia software inspector
  • CS lite
  • Process tamer
  • Mozy
  • Teracopy
  • VTzilla

Malware detection/removal tools
Below is a combat-proven cleaning process for removing stubborn malware. (Start with boot CDs to kill most resistance before going to Windows.)
  1. AV boot CD - Avira/Kaspersky
  2. UBCD4Win + DrWeb Cureit/Emsisoft Emergency*
  3. If the system becomes unbootable, try repairing Windows with the XP recovery console or the Vista/7 system recovery options menu. (These may be found in the boot menu, but if they have not been installed, you can use them with the original install CD or with a specially made recovery CD. Look also here.)
  4. Hitman Pro**
  5. Malwarebytes antimalware
  6. Prevx free + manual cleaning with UBCD4Win if needed
  7. Switch Windows firewall on.
  8. Winpatrol (For manual analysis: HOSTS-file, startups etc.)
  9. Clean Alternate Data Streams (ADS)
  10. Uninstall old AV. Install new AV and scan with it.
  11. Remove temp files and clean the registry with CCleaner. (Take a registry snapshot before cleaning.)
  12. Verify the integrity of Windows system files (sfc /scannow)
  13. Check for Windows/Microsoft updates.
  14. Check updates of other programs with Secunia software inspector
  15. Check DNS settings. More info here.
  16. Empty the system restore and create a new restore point. (XP, Vista/7)
  17. Run chkdsk /r
*) Note that all these portable anti-malware tools can be used with the UBCD4Win boot CD. You can copy them to a hard disk, USB stick or CD. Always run a "full scan".
**) If you meet malware that still blocks executables, try a "Force Breach" start of Hitman Pro (hold the left Ctrl key while opening Hitman Pro until the man with the ladder appears). If you get a UAC prompt, keep holding Ctrl while you acknowledge the message. If the internet connection is broken or unavailable, start an Early Warning Scoring (EWS) scan by selecting it from the Next button. This will also: 1) reveal the use of a local proxy server (an indication of malware redirecting or sniffing your web activity); 2) check and fix an invalid Winsock stack; 3) detect problems with NDIS (Network Driver Interface); 4) track down rootkits or other malware that are cloaked, perform suspicious activity or have many bad characteristics (unethical construction and/or behavior).

My banking advice
Use one LUA for ALL everyday use and make another LUA which is used ONLY for banking. The point is that if the everyday LUA is infected, the infection is limited to that account. (99.99% safety guaranteed. This of course requires that you are not yet infected and don't install malware with administrative rights in the future.)
And get the free version of Prevx SafeOnline.

Direct link forbidden
Due to site policy, direct links to executable files and non-green WOT sites are forbidden. In such cases replace [dot] with . and the link will work.


Other anti-rootkits
There are numerous anti-rootkits. Here are some more. They may be very good, but I cannot recommend them, as I don't know anything about their quality:

My proposal for a simple AV/AM testing methodology

Cleaning test
1. Install AM
2. Boot
3. Run Tiny Watcher
4. Real-time protection off
5. Take 10 samples, check at Virustotal
6. Install samples (monitor with Process Explorer to see if they really run)
7. Boot
8. Real-time protection on
9. Clean, boot, clean, boot, clean, boot, ...
10. Run TW again (what is left)
11. Check rootkits (+others) with Prevx free + Hitman Pro
Protection test (samples)
1. Take 10 samples (checked at Virustotal)
2. Install AM
3. Boot
4. Run Tiny Watcher
5. Install samples (monitor with Process Explorer to see if they really run)
6. Boot
7. Clean, boot, clean, boot, clean, boot, ...
8. Run TW again (what is left)
9. Check rootkits (+others) with Prevx free + Hitman Pro
Protection test (exploits)
1. Take 5 exploits
2. Install AM, old Adobe, old Java, old Flash
3. Boot
4. Run Tiny Watcher
5. Run exploits (monitor with Process Explorer to see if they really run)
6. Boot
7. Clean, boot, clean, boot, clean, boot, ...
8. Run TW again (what is left)
9. Check rootkits (+others) with Prevx free + Hitman Pro

Prisoners on remand (might be somewhat useful, but not recommended)
RemoveIT Pro  (too many dangerous false positives)
Multi-AV Scanning Tool (some reports of crippling the system)
Replace UAC (This company also makes a rogue called True Sword)
Winpooch (not compatible with XP SP3)
WIPS (PoC-software, very demanding)
Digital defender, Blue Atom, Innobate, Moon Secure (low detection rate AV)
Corbitek, Emco Malware destroyer, Mysystemexpert (low detection rate AM)


Doing time in jail (not recommended)
NoAdware (rogue)
IObit Security 360, IObit Advanced SystemCare Free, IObit Uninstaller, IObit Smart Defrag (probable MBAM database theft)

Probably the Best Free Security List in the World (c) 2009-2010 Antti Koponen
Disclaimer: Some of these programs may harm your PC (especially when misused). Use at your own risk.
Back to Index
