Utility Software

Posted on 2015-01-31
Last Modified: 2015-03-18
How does one know if a utility/maintenance program is authentic; that it does not add malware or worse to one's system?
In particular, what about MalwareBytes, Driver Support, Driver Update, Reg Cure Pro, Reg Zooka and Spy Zooka?
What is a good anti-keylogger program - one that will not compromise my system?
Question by: vdaigle
LVL 27

Accepted Solution

Thomas Zucker-Scharff earned 125 total points
ID: 40582138
MBAM from is excellent sw. I'll link to others on Monday. In general though, anything from is good. Most apps mentioned here on EE. And most stuff from
LVL 63

Assisted Solution

btan earned 250 total points
ID: 40582149
Minimally, have:
a) Use the installed AV to scan those files, and use another AV (not from the same provider) too. Do try it out on a test machine, rather than your work or personal one. Note that in most work environments, it will (rightfully) be managed by IT and pushed down from your trusted internal source. You need admin rights for installation most of the time.

b) Monitor any impact on the test machine, such as anomalies like system slowdown (heavy CPU/memory use, slower network access), other additions such as bundled s/w like a toolbar or browser plug-in, a program added to the startup folder, an additional account created, ... Nonetheless, known malicious attempts (within the bounds of the latest AV signatures) should be detected and alerted. I have a past posting on anomalies to be wary of too...

However, we should err on the safe side as always and consider further means too:

a) Check against blacklists and known threats - using a search on its hash, the binary file itself, or even the URL hosting it. Below are some good ones to check out (there are quite a few others too); stay open to alternate analysis opinions rather than just one:
Virustotal
Malwr
ThreatExpert

b) Check the source of the software - Always have it downloaded or obtained from known, authorised, reputable sites and sources which you know of. They would have proven it, and the file or binary will ideally be signed by the source's certificate, verifying that. Likewise, it should not come from some unknown email with an attachment, URL etc. A cloud service file drop or a file shared on a social site is also quite suspicious. And definitely not a P2P or torrent site file share, please.

It is not a silver bullet to sieve out possible means, but far better than leaving it to chance. If need be, verify the source again for assurance. Even now, for open source (including the portable executable type), I tend to stay conservative, given the string of open source site incidents where code may have been tampered with and abused.

We can hear from more people in the forum postings.
LVL 92

Expert Comment

ID: 40582197
>>  , Driver Support, Driver Update, Reg Cure Pro, Reg Zooka and Spy Zooka  <<  In general, during install, they offer "additional" software to be installed.
Decline or skip these; that also helps a bit.
Also - I always suggest NOT to use the above - unless needed, and you know what to do; they tend to harm much more than help you!
LVL 63

Assisted Solution

btan earned 250 total points
ID: 40582352
Also beware of potentially unwanted programs (PUP, esp. those from, or not reputable site, they are not worthy of their claim (there are some which will prompt you to opt out) as they bundle those PUPs with their downloadable content. Surprisingly, those listed can be tagged as PUP (e.g. Optional.PUP, PUP.Spyware, Adware.PUP ...) by AV or anti-malware s/w on the machine. I know that MalwareBytes, though reputable, can be tagged as PUP. So better to check them if you are on the conservative side (as mentioned in my prev post).

I do see MalwareBytes, Zookaware (Spy Zooka and Reg Zooka aka Speed Zooka), and ParetoLogic (Reg Cure Pro) as reputable companies, but not so for Driver Support & Driver Update.

I will not rely on one defensive s/w like an anti-keylogger (e.g. Spyshelter - to replace other existing, and they are all layers of defense to alert if the stealthy malware bypasses most, esp. when it is of rootkit or bootkit type. Typically, if the prior infection vector is deterred, those would not come in easily, esp. if you do diligent patching and real-time scanning, as well as exercise safe surfing and always stay vigilant online.

Just do not overdo it by overloading your machine and causing s/w or signature conflicts, etc. All s/w needs to be patched/upgraded in a timely manner too and not expire unknowingly; likewise it can be vulnerable (nothing is 100% bug free) too ... and become the point of penetration...
LVL 54

Assisted Solution

McKnife earned 125 total points
ID: 40582410
Three approaches:
A. Rely on AV scanning: upload your setup to and have over 50 AV engines scan it.

B. Use AppLocker or software restriction policies and whitelist only software that you approve; that way, you are at least sure that no additional malware will be downloaded and executed after executing some untrusted potential Trojan.

C. The forensic approach: Create a VM, shut down the clean VM, mount the drive of that VM in your own system before and after the installation of the untrusted software and compare file system and registry before and after. This can be automated using MSI packager programs like the free WinInstall LE by Scalable Software. It requires a little know-how but is the only secure forensic approach. This will let you see what exactly the setup of that unknown software did to your system.

But still, you have software running that you don't trust; neither A, B nor C can ensure that this software does no harm. You would need to monitor the network activity of that software by using an application layer gateway software - Windows Firewall has such a thing, but it is turned off by default when it comes to outgoing connections for technical reasons (malware may instruct another trusted process like a browser process to do the downloads for it).

It all comes down to "don't execute software from untrusted sources". If you have to, use A, B or C or a combination of those to minimize the risk.
LVL 18

Expert Comment

ID: 40582420
Often, if you don't read the license agreement and just click on accept, then you could be installing PUPs without even knowing it. This is how they make the software free, by installing potentially unwanted programs (PUPs). PUPs are not always classified as malware, or bad; most are just unwanted or unneeded. Even programs like Java or Flash Player are bundled with PUPs, such as the Ask toolbar. You need to uncheck the box when you are installing Java so the Ask toolbar is not installed. I have seen even free antivirus applications bundled up with PUPs, so be careful what you are agreeing to, and watch the install process so you can uncheck boxes that want to install these PUPs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Video by: Tony
This video teaches viewers how to export a project from Adobe Premiere Pro and the various file types involved.
Viewers will learn how to use the Hootsuite Dashboard.

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question