But what about on-demand virus scanners? Avert, which stands for Automatic Virus Eradication & Removal Tool, is a free program intended to be used on already infected systems, or systems that a user wants to scan with multiple antivirus engines to be sure that no virus, trojan, worm or other malicious program is found on it.

Avert can scan the computer system with eight different antivirus engines. By default, it will only download and run VIPRE. A click on the Tools and Settings button in the lower left corner displays the options where scanners from A-Squared, ClamWin, Trend Micro, Sophos, Panda, Avira and VBA32 can be selected. A click on Download loads the programs to the directory of Avert, and makes them automatically available for future scans.

Everything is kept portable, so that it is possible to move Avert and all downloaded antivirus scanners to another drive or computer.

The program directory with all antivirus tools included has a size of 313 Megabytes, less if only some of the virus scanners are downloaded.

In addition, Avert offers to run CCleaner and a set of three tools on the system. With CCleaner it is possible to remove temporary files to free up disk space. The three tools are available to backup the Windows Registry and reset the Windows Hosts file and proxy settings.

The depth of the scans and utilization of the included tools can be configured in the program’s main interface.

The virus scans can be configured before the start. Avert offers to run a full system scan, balanced, quick or custom scan. CCleaner can only be run in thorough mode if enabled, and the three tools can be enabled individually.

The individual programs may download the latest antivirus signatures if updates are available. These signatures do not seem to be saved locally, which means they need to be download every time the program is run. Vipre needs to be downloaded every time as well, because the developer does not offer an option to download the signature file separately. Avert runs all selected programs consecutively afterwards.

Avert is a free portable software for Windows. The program requires the Microsoft .net Framework 2.0. (via)

The portable software program is a rootkit scanner that scans for hidden files, registry entries, processes, drivers, and Master Boot Record (MBR) rootkits. The minimalistic interface makes program usage simple and straightforward. Users can either click directly on the scan button to perform a system scan for all forms of rootkits that can be detected by Trend Micro RootkitBuster or deselect some of the forms first before starting the scan.

Hidden objects will be displayed in the scan results in the program interface during the scan. It is possible to view the log file as well which contains additional information that are not displayed in the program itself. The difficulty part begins here. Users need to distinguish between harmless and dangerous files. Not every file that is listed in the program or log file is dangerous in nature. The best way to find out is to look at the suspicious file first and perform a search on the Internet afterwards.

The amount of information offered pales to that of other rootkit detection programs just as Rootkit Unhooker. That’s probably the biggest disappointment that Trend Micro has not changed the level of information that is presented to the user.

Trend Micro operates a service where users can submit suspicious files which are then analyzed by the Trend Micro team. Files that are not needed anymore can be deleted right from within the program’s interface. Trend Micro RootkitBuster is a portable software program for the Windows operating system which can be downloaded from the Trend Micro website. Users who want to test it extensively can download rootkits from the rootkit.com website.

The following links point to antivirus software programs that can be downloaded as trial versions. These trial versions can be used for either 30 days or 90 days without payment.

Which antivirus software developers are offering 90 day trials?

• McAfee VirusScan Plus [link]
• McAfee Internet Security [link]
• McAfee Total Protection [link]
• Norton Antivirus [link]
• Norton 360 [link]

Which antivirus software developers are offering 30 day trials?

• Kaspersky Antivirus [link]
• Kaspersky Internet Security [link]
• Bitdefender Antivirus [link]
• Bitdefender Total Security [link]
• Bitdefender Internet Security [link]
• ESET Smart Security [link]
• ESET Nod32 Antivirus [link]
• Trend Micro Internet Security Pro [link]
• Trend Micro Internet Security [link]
• Panda Security Antivirus [link]
• Panda Antivirus Pro [link]
• F-Secure Internet Security [link]
• F-Secure Antivirus [link]

Please let us know in the comments if we have missed a product.

Some notes: This article does not rate the antivirus software programs. There might be free programs out there that are comparable to the listed antivirus products. The only problem with this method is that users need to install different antivirus software regularly. This not only means more work for the user but also the requirement to get used to new software products.

Many antivirus companies are running promotions every now and then that offer longer trial versions for download. This will obviously help tremendously.

Any thoughts or ideas?

A new phishing email (via Trend Micro)that recently emerged claimed that the user’s Bank of America account was accessed by an international IP from an unregistered computer and that their “Foreign IP Spy” detected that breach.

It is asking the user to verify and register his current computer by logging in to the Bank of America website. That link leads to a new window which opens a phishing website that is using a fake address bar. Most users who clicked on that link will surely enter their login information.

This approach is basically appealing to the user to secure his account. That’s tricky and many users will probably fall for this because they believe that thiefs would not ask them to secure their accounts. What they obviously miss is the fact that the added security feature is fake and not existing.

Websites with that fake address bar can be easily identified by right-clicking on that website and selecting properties from the context menu if Internet Explorer is the browser of choice. Firefox users click on Page Info in that right-click menu while Opera users press Alt + Enter or right-click and selected Edit Site Preferences.

The best protection against phishing is to not open any links in emails. Always open the website directly in the browser. If you are insecure call the company and ask if they have send that email to you.

The main protection is gained from monitoring possible remote commands and control commands that are send from another computer . Other likely bot-related activities like mass mailings are monitored as well. RUBotted can be installed on Windows XP, Windows 2000, Windows Vista and Windows Server

The security application should work in conjunction with antivirus applications, even if those have not been designed by Trend Micro. In addition RUBotted offers to scan the computer using Trend Micro’s HouseCall, an online virus scanner. Some settings are offered to exclude specific requests from being monitored, those are: http incoming, smtp outgoing, irc requests and dns queries.

The first is that popular web 2.0 communities, in this case Digg, are being used to spread the malware. A screenshot of a Digg page shows how this is done. The screenshots shows two comments for a not so popular entry and both have a link that seems to point to Youtube at first glance but does not at second.

The url is slightly off, instead of youtube it is youtuhe and ynotube. Many users won’t recognize it and click on the link which leads to a number of redirects to a fake video site that asks you to download an ActiveX control which infects your computer. The number of redirects before the user reaches the destination is the second aspect worth noting.