Free Tool

Free Malware Analysis Tool

MetaDefender Client

MetaDefender Client is the most thorough free malware analysis tool available. By running data through MetaDefender Cloud, MetaDefender Client performs a deep endpoint forensic analysis for malware using several unique methods. Use MetaDefender Client to look for threats and assess the security state of your endpoint if you think it may be compromised.

Methods:

Memory Module Multi-Scanning

Running over 40 anti-malware engines that use heuristic detection, MetaDefender Client analyzes all running processes and loaded memory modules. It performs a deep scan, analyzing the DLLs accessed by these processes for malware as well. This results in a deeper analysis than other free tools like Process Explorer or VirusTotal.

And it does all of this quickly – in just a few minutes.

When you run it, MetaDefender Client begins scanning all processes and DLL files for any threat.

MetaDefender Cloud Client Scan In Process

MetaDefender Cloud Client Operating Memory Scan

Once the analysis is complete, a summary will be shown of the potential threats that were identified.

MetaDefender Cloud Client Scan Summary

You can click on each individual result to see the specific processes and DLLs that may be infected. MetaDefender Client is unique in allowing you to review the results on such a granular level.

Highlight a process to see the results of the analysis. Click the arrow next to it in order to see the libraries accessed by the application while it runs.

MetaDefender Cloud Client Process

In the bottom pane, the scan result for each individual anti-malware engine will be listed.

MetaDefender Cloud Client Process Analysis Details

You can also see a list of potentially infected files in the “Suspicious Files” tab. Click on each file to see the threats and which anti-malware engines identified them.

MetaDefender Cloud Client Suspicious Files Tab

Local Anti-malware Analysis

Simultaneously, MetaDefender Client is also checking your local anti-malware engine’s history. Using a unique and effective method, MetaDefender Client analyzes the threats logged by your endpoint’s anti-malware engine, sifting through the data for patterns.

If a threat shows up multiple times in the anti-malware engine's history, MetaDefender Client will bring this to your attention. Repeated threats may indicate a number of issues. For example:

  • Your anti-malware engine has attempted to quarantine an infection but has not been able to do so, and you may need a more robust security solution
  • Malware is being downloaded regularly due to user error

This method of threat detection is another effective way of checking for potential malware infections.

Supported Operating Systems

MetaDefender Client supports Windows 7, 8, 8.1, and 10, as well as Windows Server 2008 R2, 2012, 2012 R2, and 2016. (The commercial version supports additional operating systems, including Debian, Ubuntu, and CentOS Linux.)

Use MetaDefender Client when you suspect a machine is infected and you want to find out what and where the infection is. The tool gives you excellent visibility into your endpoint’s processes and the performance of your current anti-malware engine. MetaDefender Client runs one time and will not impact your endpoint's performance.

Ready to Start Using MetaDefender Client?