  1. #1
    iNET Interactive
    Join Date
    Jan 2010
    Location
    Seattle, WA, USA
    Posts
    380
    Thanks
    1
    Thanked 29 Times in 24 Posts

    Update: Tools to remove almost any malware


    On Security


    By Fred Langa

    Special-purpose anti-malware scanners not only clean up some of the worst forms of malware, they can also be used for routine deep scans.

    Here are 12 tools you can use to verify that your full-time anti-malware tool is truly keeping your PC malware-free.

    The full text of this column is posted at windowssecrets.com/top-story/update-tools-to-remove-almost-any-malware/.

    Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.

  2. #2
    3 Star Lounger
    Join Date
    Dec 2009
    Location
    Hartford, WI, USA
    Posts
    370
    Thanks
    153
    Thanked 62 Times in 37 Posts
    Fred,

    Thank you, very good article and reminder. I have some question(s) though.

    You repeatedly used formulations like "I've run it on Win8 and Win10 systems without trouble" or something similar to this effect.

    Just writing this I think I want to know if you ran these utilities against systems that you knew were infected with real viruses and/or rootkits?

    Or did you just want to ascertain that they did not blow up with silly messages like "Wrong or unsupported operating system" or similar?

    TIA for your response
    Eike
    Eike J Heinze
    What I am about
    SE Wisconsin

  3. #3
    3 Star Lounger
    Join Date
    Dec 2009
    Location
    Bozeman, MT
    Posts
    328
    Thanks
    2
    Thanked 3 Times in 3 Posts
    Something I've never been clear about: Do rescue disks have to be constantly updated for latest malware?

  4. #4
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,199
    Thanks
    48
    Thanked 987 Times in 917 Posts
    Depends on whether the disk has a network client to allow it to update automatically, but generally, yes, you need the latest rescue disk.

    cheers, Paul

  5. #5
    3 Star Lounger
    Join Date
    Dec 2009
    Location
    Bozeman, MT
    Posts
    328
    Thanks
    2
    Thanked 3 Times in 3 Posts
    Thanks. Since a rescue disk is typically put aside for emergencies, it would seem to defeat the purpose to have to check for and burn new versions frequently. That's why I've been reluctant to use them.

  6. #6
    Super Moderator Rick Corbett's Avatar
    Join Date
    Dec 2009
    Location
    South Glos., UK
    Posts
    2,143
    Thanks
    101
    Thanked 580 Times in 464 Posts
    Just bear in mind that it's only a temporary update. When you boot from the rescue media (CD or USB) the software creates a RAM disk. The network client downloads the latest AV definition updates to the RAM disk (and any AV engine update). When you reboot, the updates are gone and your rescue media itself hasn't been updated.

    I've used the Avira Rescue System on CD and USB in the past (and very good it was too, albeit rather slow). This seemed to use a single VDF (Virus Definition File) update which took some time to download and became progressively slower to download as the file grew in size. I haven't used Avira Rescue System for a while so this may have changed.

    I currently use the Kaspersky Rescue Disk using a 2GB USB stick (used in conjunction with my main 'utilities' USB stick with AdwCleaner, etc. on it). It's rare that any of my family/friends' PCs/laptops cannot boot from this USB stick but I can always burn a disk if needed. The Kaspersky Rescue Disk system uses small, cumulative differential updates rather than one huge definition file so it's usually quicker to update the RAM disk, particularly if you use the Update utility.

    Hope this helps...

  7. #7
    3 Star Lounger
    Join Date
    Dec 2009
    Location
    Bozeman, MT
    Posts
    328
    Thanks
    2
    Thanked 3 Times in 3 Posts
    Yes, it does. Thanks

  8. #8
    New Lounger
    Join Date
    Dec 2009
    Location
    Anderson, South Carolina
    Posts
    5
    Thanks
    3
    Thanked 3 Times in 2 Posts

    Warnings about McAfee's Stinger

    After reading the article yesterday I downloaded and ran "Stinger-ePO for 64bit systems" from McAfee to check for rootkits on my Win 7 Pro 64-bit computer. In looking at Stinger's settings I discovered scanning for rootkits was not checked by default. I checked it. Also, running Stinger installed "Real Protect".

    Not wanting to run Real Protect, I ended Real Protect using task manager and I removed all of the downloaded Stinger files. Later, my Zone Alarm firewall blocked something called "McAfee Validation Trust Protection Service" trying to access the Internet. A search revealed the service is difficult to stop and difficult to delete. I got rid of it by reloading a restore point I had created before I ran Stinger.

  9. The Following 2 Users Say Thank You to jmaloney For This Useful Post:

    eikelein (2016-04-20),Rick Corbett (2016-04-15)

  10. #9
    Lounger
    Join Date
    Aug 2013
    Location
    VA, USA
    Posts
    31
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I have been trying to implement your suggestions re malware cleanup. I don't understand the difference between MRST and "Safety Scanner." Do I need to run both of these? Also, when I went to download "Safety Scanner" there was a note that indicated that the software is only good for 10 days and has to be reloaded every 10 days thereafter. Is this correct?

    Thanks!

  11. #10
    Super Moderator Rick Corbett's Avatar
    Join Date
    Dec 2009
    Location
    South Glos., UK
    Posts
    2,143
    Thanks
    101
    Thanked 580 Times in 464 Posts
    Quote Originally Posted by jmaloney
    After reading the article yesterday I downloaded and ran "Stinger-ePO for 64bit systems" from McAfee to check for rootkits on my Win 7 Pro 64-bit computer. In looking at Stinger's settings I discovered scanning for rootkits was not checked by default. I checked it. Also, running Stinger installed "Real Protect".

    Not wanting to run Real Protect, I ended Real Protect using task manager and I removed all of the downloaded Stinger files. Later, my Zone Alarm firewall blocked something called "McAfee Validation Trust Protection Service" trying to access the Internet. A search revealed the service is difficult to stop and difficult to delete. I got rid of it by reloading a restore point I had created before I ran Stinger.
    The ePO (e-Policy Orchestrator) versions are for 'managed' devices, i.e. within a 'corporate/business' environment. If yours is a home computer then, on the face of it, you have the choice of downloading a non-ePO version without Real Protect or with a Beta version of Real Protect.


    To see what was happening for myself I downloaded and ran the Stinger for x64 systems version, i.e. the non-ePO version supposedly without the Beta version of Real Protect, in a new VM. The EULA informed me that Real Protect was included, which surprised me.


    I checked running processes before I clicked on the Scan button in Stinger's GUI and found RealProtect was already running.

    Thank you for flagging this up...

  12. The Following 2 Users Say Thank You to Rick Corbett For This Useful Post:

    eikelein (2016-04-20),jmaloney (2016-04-17)

  13. #11
    Silver Lounger lumpy95's Avatar
    Join Date
    Feb 2013
    Location
    Mojave Desert CA
    Posts
    1,844
    Thanks
    258
    Thanked 175 Times in 148 Posts
    Over the years, I have tried to avoid McAfee as much as possible because every experience I have had with it has been bad and it's extremely difficult to get rid of anything McAfee once it's been installed or "hitched" a ride with other software.
    Just my opinion.

  14. #12
    Super Moderator Rick Corbett's Avatar
    Join Date
    Dec 2009
    Location
    South Glos., UK
    Posts
    2,143
    Thanks
    101
    Thanked 580 Times in 464 Posts
    Quote Originally Posted by lumpy95
    Over the years, I have tried to avoid McAfee as much as possible because every experience I have had with it has been bad and it's extremely difficult to get rid of anything McAfee once it's been installed or "hitched" a ride with other software.
    Just my opinion.
    Which I would tend to agree with regarding McAfee's home products.

    On the other hand, within the corporate environment I used to work in (with ~6,500 devices), McAfee was easily managed and worked very well re: protection 99% of the time... and Stinger also worked very well for the remaining 1%. (I have no experience since it was bought out by Intel.)

  15. #13
    Lounger
    Join Date
    Dec 2009
    Location
    Phoenix, AZ
    Posts
    30
    Thanks
    1
    Thanked 1 Time in 1 Post
    I expected to see MalWareBytes as a highly rated malware detection tool. Has it not kept up with the times, or are these other tools just better at the moment, or is it not in the same category?

  16. #14
    New Lounger
    Join Date
    Jan 2010
    Location
    Flagstaff, Arizona, USA
    Posts
    9
    Thanks
    0
    Thanked 0 Times in 0 Posts
    After running all the apps which did not require booting from a CD etc., I downloaded the Windows Defender Offline and booted from the resulting disk. Every attempt to actually use it resulted in an error when attempting to update data files. This makes sense, since I had no internet connection after booting from a CD, but I had downloaded it only a few minutes before - how could it possibly be out of date? There was no way around this problem and the program would never allow me to start a scan. Yes, there are other tools, but I'd like to know how to actually run this one.

  17. #15
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    4,753
    Thanks
    171
    Thanked 652 Times in 575 Posts
    Quote Originally Posted by klompen
    After running all the apps which did not require booting from a CD etc., I downloaded the Windows Defender Offline and booted from the resulting disk. Every attempt to actually use it resulted in an error when attempting to update data files. This makes sense, since I had no internet connection after booting from a CD, but I had downloaded it only a few minutes before - how could it possibly be out of date? There was no way around this problem and the program would never allow me to start a scan. Yes, there are other tools, but I'd like to know how to actually run this one.
    My understanding is that it should scan immediately when you boot to it on a CD/DVD, as it's only intended to be updated on a USB flash drive:

    If you created a CD or DVD you shouldn't reuse it; it contains definitions to help it detect malware. Definitions are updated frequently so the definition files on the CD or DVD will be out of date. If you created a USB flash drive, you can reuse it. Windows Defender Offline will update the definitions when you rerun the wizard.
    Windows Defender Offline: frequently asked questions: I've used Windows Defender Offline before, can I re-use the CD or DVD that I created?
    Last edited by BruceR; 2016-04-19 at 01:16.
