Malwarebytes

Started by Glenn, Dec 05, 2008, 21:10:19


Rik

Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

JohnH

Did you uninstall your regular antivirus before running this, Rik?


Rik

No, it runs straight from the downloaded file, John, and seems happy to co-exist.

JohnH

Thanks Rik. I'll give it a go.  :thumb:

Gary

You have to redownload it though as it does not actually update?
Damned, if you do damned if you don't

Rik

You do, Gary, an update is literally downloading the new version. As it needs no installation, it's not too onerous though.

Have you seen my request for you to repost your iPhone barcode app in the new sticky in the new board?

Gary

Quote from: Rik on Oct 02, 2009, 18:38:19
You do, Gary, an update is literally downloading the new version. As it needs no installation, it's not too onerous though.

Have you seen my request for you to repost your iPhone barcode app in the new sticky in the new board?

Seems a bit onerous to me, tried it and all clean. I'll stick to Prevx, which is only a 769kb download, and no, so I shall go see  ;D

JohnH

Quote from: Gary on Oct 02, 2009, 18:36:10
You have to redownload it though as it does not actually update?

Did all that and nothing found. Don't think I will stick with it, though. It seemed to slug my machine. During install, a couple of times it took forever to log off and come back up and I had horrible blue screen premonitions.  :eek4:

karvala

The update should be very straightforward; there's an update button on the splash screen which links to the new version which you then download. It's a bit crude, but nice and simple! I would concede, though, that the one real weakness of DrWeb is a potential lack of stability; a sizable number of people who use it find it crashes partway through a full scan. It didn't happen to me, and admittedly most people that are using it for the first time are doing so when their machine is in a pretty bad way, so it might not be entirely down to DrWeb, but I think because it does such a deep clean sometimes it can push a system over the edge. I've not known it actually mess anything up, though, or even give a BSOD; just an application crash.

While we're talking of stability and in, um, Autumn clean mode, I should mention one other tool I've used in the last few days.  Following the infection I wanted to ensure that all malware was gone from the system, and as I'm sure you all know, even the most sensitive of anti-virus and anti-spyware products won't detect rootkits unless they're specifically designed to do so.  There are a few rootkit detectors out there, but stability is a real problem in this area because they're actively interfering with Alternative Data Streams and engaging in direct disk access.  The popular Rootkit Revealer from Symantec, for example, while being quite respectable in terms of detection, has a quite horrendous stability record.  One product I've come across, also quite popular, is called Rootkit Repeal, and I was frankly amazed at how rock solid it seemed to be, even on my rather congested and complicated system.  It has a variety of different types of scans (processes, memory modules, files, stealth objects, hidden processes etc.), each of which can be run separately, or a single report compiled from all or any combination of them.  In that sense, it's also easy to use.  What it won't do, in common with all other rootkit detectors, is actually remove anything (which could be very hazardous in terms of system stability), but it will give you a clear idea of what is going on behind the scenes on your system.  Mouse, keyboard, disk driver hooks, for example, will be apparent, as will malware that won't show up in any file browser (completely hidden from the API).  Not for everyday use, but useful if you suspect you might have a rootkit, or you're just curious about what low-level drivers (such as application protection systems) are intercepting system function calls.

Simon

I use F-Secure Internet Security, which has built in rootkit detection, but it's never found one, thankfully.

J!ll


Rik

What are you comparing it against, Jill?

J!ll

SuperAntiSpyware. This is stopping everything! I've also ditched my virus scanner so trialling NOD  ;D Something is working! Fan is quieter  ???

Rik

I would always use two scanners, e.g. SAS and Malwarebytes; none of them catch everything. What AV have you moved from?

J!ll

I think it was AVG  :)

J!ll

I get a little suspicious when one shows 96+ problems (virus/Trojan) and the other 5!

Rik

But which one do you get suspicious of? ;)

Rik

Quote from: J!ll on Jun 15, 2010, 18:36:29
I think it was AVG  :)

NOD's a big improvement, imo.

J!ll

Quote from: Rik on Jun 15, 2010, 18:48:42
But which one do you get suspicious of? ;)


That's the problem I have!  :dunno: