Ultimate Virus Sniffer is a very powerful tool which can help experts to manually detect and remove malware.
Unzipping the program download reveals a mass of oddly-named files. Should you launch start.exe, startd.cmd, startf.exe...?
We went with start.exe, and were offered options to scan a remote computer, launch the program under various users, or automatically unload/freeze unknown DLLs/threads (risky, but may help if active malware is blocking your investigations). We just ran the program as the current user, and a moment later it appeared.
The program opens with a quick system scan (< 1 minute), before highlighting objects it thinks are suspicious. In our case this produced 38 false alarms and nothing else at all, so we wouldn't rely on it too much.
Ultimate Virus Sniffer gets much more interesting when you begin to explore the other views on offer. It's able to list running processes, loaded modules, Windows services, startup programs, codecs/filters, network adapters, active programs with network connections, scheduled tasks, processes without visible windows, the contents of your hosts file, and much more.
The presentation of this information is generally poor (it's just dumped in a basic table), but Ultimate Virus Sniffer makes up for this with some very lengthy context menus. Right-click a process, for instance, and you'll find options to open its folder, check it at VirusTotal/SystemExplorer.net/Runscanner.net/Virusscan.Jotti.org, verify its digital signature, restore the original file with Windows SFC, unload or delete it, disable it using direct disk access (so bypassing any permissions issues or rootkit hooks), or maybe just prevent it from being run.
Browsing the rest of the menus reveals even more features. The program can detect hidden modules or a tweaked MBR (maybe), find file data streams, back up and restore the Registry, launch common Windows tools, verify files with hashes or digital signatures, run custom scripts, and more.
While this is technically impressive, the interface is horribly basic. We expected the folder selector to be vaguely Explorer-like, for instance, but no: it's just two listboxes and a few text buttons. You don't get any choice of views, no context menus. You can't even resize the listboxes or the selector window, which meant that only the first 36 characters of any file name were visible on our test PC.
Ultimate Virus Sniffer is still worth the download as a system information tool, and it does have plenty of malware-detecting (and general PC troubleshooting) power. Just be prepared for various usability hassles as you try to find your way around.
And, please note, some of the tools here - like the ability to rewrite your MBR - can seriously damage your PC if they're used incorrectly. Treat the program with extreme care.
Ultimate Virus Sniffer can tell you a great deal about the processes running on your PC, and has some capable virus detection and removal tools. A horribly basic interface makes it uncomfortable to use, but we'd still keep a copy around for malware-related emergencies.