Positive things about Antivirus and related software

View previous topic View next topic Go down

Positive things about Antivirus and related software

Post by ssj100 on 24/5/2010, 08:23

Recently I went over to a friend's place to help out with his computer problems. On one of his desktops, he was running Windows XP with multiple admin accounts. Everything had slowed down over the last few months, and worse in the last few weeks. He was noticing random pop-ups every so often, and he was unable to login to his Yahoo web mail account.

I downloaded and ran Hitman Pro and it didn't find a single malware. Next, I downloaded and ran Avira AntiVir Personal 10 (with highest heuristics) on his system and it found 2 infections (adware/spyware) which were successfully removed. It didn't really make any difference to his system. Finally, I downloaded and ran Malwarebytes' Anti-Malware (MBAM) and it found over 200 infections (mostly trojans and some adware/spyware/viruses)! After successfully removing most of these, his system was more functional and responsive again.

So there you have it. In terms of "curing" hosed machines, MBAM is the one to use. I was very surprised that Hitman Pro failed to find anything - perhaps most of the malware was inactive or hiding in areas where Hitman Pro does not scan? Anyway, MBAM once again shows itself as probably the best scanner out there to salvage infected machines.

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: Positive things about Antivirus and related software

Post by Guest on 25/5/2010, 13:32

Yeah,I have never been a Malwarebytes man,but the overwhelming number of people who testify as to its ability to clean an infected system is just too hard to ignore.
(Particularly since you have added your voice).

Hopefully,You and I,and others on this forum will not need its services!!

HitmanPro gave me me a false positive today on the exe for OnLineArmours Cloud scanner,which is nothing more than EMSI's MalAware,re-branded.

(this was only with the full scan,the right click scan was clean.)
Good or bad? It is the right click I use most often!!

The latest version of MalAware was also Kosher per HitManPro.

So I am wondering once more about Hitman.

noor

Guest
Guest


Back to top Go down

Re: Positive things about Antivirus and related software

Post by ssj100 on 25/5/2010, 14:01

MBAM is for sure one of the best scanners to "detect and cure". However, I'm not convinced that it's the best scanner to give the best opinion on newly introduced files. In fact, I'm not realy sure if there is such a thing as "the best" in this scenario. I like Hitman Pro because it basically gives me the opinions of 6 scanners ("in the cloud", hence always udpated) in an instant.

Ideally, Virustotal would be "the best", since it provides the opinion of 41 scanners. Unfortunately, if your upload speed is slow and if you want to scan multiple files at once, it becomes very slow and/or impossible with services like Virustotal.

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: Positive things about Antivirus and related software

Post by Guest on 26/5/2010, 03:16

ssj100,When you use HitmanPro do you use the right click scan to scan downloads,or just run the full scan?

The Online armour cloud scanner false positive above, only comes up with the full scan.
The right click scan is negative.

Is right click somehow more accurate?

I always just use right click to scan the content of my desktop downloads folder.

noor

ps# link to OnLine Armour cloud scanner if you want to see the detection:
http://www.online-armor.com/cloudscan.php

.

Guest
Guest


Back to top Go down

Re: Positive things about Antivirus and related software

Post by ssj100 on 26/5/2010, 09:40

noorismail wrote:ssj100,When you use HitmanPro do you use the right click scan to scan downloads,or just run the full scan?

The Online armour cloud scanner false positive above, only comes up with the full scan.
The right click scan is negative.

Is right click somehow more accurate?

I always just use right click to scan the content of my desktop downloads folder.

noor

ps# link to OnLine Armour cloud scanner if you want to see the detection:
http://www.online-armor.com/cloudscan.php

.

I generally use the right click scanner, but I use the full system scan every now and then also for funsies. This Online Armor cloud scanner file is very strange indeed. This is what I'm noticing when scanning with Hitman Pro 3.5.5 Build 98:
1. Right click scan on file - detected by Prevx as "Medium Risk Malware"
2. Right click scan on folder containing the file - no detection
3. Full system scan with the file located on my desktop: detected by Prevx as "Medium Risk Malware"

This is not the first time that I'm noticing Hitman Pro behave like this, and I doubt we'll ever know why. The developer is usually very vague with these types of queries (possibly because he genuinely has no idea). I remember asking him about why I suddenly couldn't successfully run Hitman Pro sandboxed and he never got back to me. Pity.

Regardless, I really can't think of anything better than Hitman Pro as a pure on-demand scanner (despite its numerous flaws). I really can't be bothered continually updating signature files with AV scanner products, and also most AV scanner products can't be configured to be purely on-demand either. Given that Avira only detected 2 files on my friend's PC (where MBAM picked up over 200 infected files) doesn't shed a positive light on Avira (and therefore AV scanners in general). I think MBAM would be a very good choice as an on-demand scanner, although there's the annoyance of having to update its signature database every time you run an on-demand scan. I'm sticking with Hitman Pro for now. And it appears that the best way to scan newly introduced files would be to do a full system scan! This is a little annoying, as it takes anywhere between 30 seconds to just over a minute to complete one of these full scans - a right click scan (with any product) would only take a few seconds.

To be honest, I could easily do without any local on-demand scanners - the content I download and the way I treat newly introduced files (with my security approach) means that I could easily do without any on-demand scanners.

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: Positive things about Antivirus and related software

Post by Guest on 26/5/2010, 10:43

"To be honest, I could easily do without any local on-demand scanners - the content I download and the way I treat newly introduced files (with my security approach) means that I could easily do without any on-demand scanners."

I am pretty much with you there at this stage.

On another strange note,at first HitManPro detected the OnlineArmour Cloud Scan exe,with its Prevx engine,only on the full scan.

Not on the right click.

(I did not try it in a folder)

Now it detects it,as you said,as medium risk malware,full scan,right click,and (unlike your experience,within a folder!!)

Another thing that may not be germane to the issue at all,but still puzzles me,is why if OnlineArmour Cloud scanner,is simply a re-branded EMSI MalAware,is MalAware not also detected?

Actually I was looking at this scanner as a possible replacement for
HitManPro,but alas,no right click!!

noor

Guest
Guest


Back to top Go down

Re: Positive things about Antivirus and related software

Post by Ruhe on 19/6/2010, 11:57

Some of the products that claim to run on 64bit have components that don't run or are restricted on 64bit.
avatar
Ruhe
Valued Member
Valued Member

Posts : 261
Join date : 2010-04-16
Location : Germany

View user profile

Back to top Go down

Re: Positive things about Antivirus and related software

Post by Buster_BSA on 22/7/2010, 00:10

I recommed DrWebCure It! for disinfections, specially for rootkits.

The disinfection technology of Dr.Web has been always excellent, since MS-DOS times.
avatar
Buster_BSA
Member
Member

Posts : 87
Join date : 2010-07-21

View user profile

Back to top Go down

Re: Positive things about Antivirus and related software

Post by Sponsored content


Sponsored content


Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum