REPLYTO: 1:396/3 UUCP
REPLYADDR: me@privacy.invalid
From: Diesel
"(PeteCresswell)"
news:d6tscadrqd4mqain92ui2e2486pn894suk@4ax.com Sun, 01 Feb 2015
18:53:40 GMT in alt.comp.anti-virus, wrote:
> Just ran BitDefender against my trusted "Good" Win-7 system image
> for my 24-7 box. (restored for the purpose) and it came up with 7
> instances of malware.
>
> I have been running Avast on this system since Day-1.
>
>
> "OK, let's try it on my ZenBook laptop....".
>
> OOPS!... 67 "Infected Items" and 1 "Suspected Items".
It would have been very helpful if we knew what it was calling
infected and suspected. The number itself isn't very telling. Some
apps count registry key values as 'infected'.
> Should have run MalWareBytes, but did not think of it at the time
> and now the Bad Guys have been removed.
Malwarebytes is still a useful tool, so long as it doesn't happen to
have a major bad definition in its database again. I wouldn't rely on
it and it alone to determine a system is clean though. I've seen
several instances of PuP class malware that Malwarebytes just doesn't
detect. I have noticed Adwcleaner has been handy so far in that
respect. Excluding one case where I had to manually remove the
offensive addon from chrome by editing its configuration file.

Along with pup malware, I've spotted a few trojans that Malwarebytes
managed to miss; yes, I turn them in when that happens and
Malwarebytes can't really be held responsible for having missed them.
They turned out being server side polymorph generated anyway. Nearly
ALL AV/AM products have issues with that technology, by design. The
polymorph engine design, that is. Server side complicates the issue
further because you can't even try to lock onto the poly engine; as
the executables themselves only have a decoder and it's poly generated
by a program we don't have access to for analysis.
> What are the chances of these two results being correct?
It really depends on what they reported having found.
> If good, then it sounds like an anti-virus with realtime web and
> email scanning enabled still is not sufficient..... (??)
If you're looking for something bulletproof, you're wasting your
time. What are you realistically expecting as far as protection goes?
> If that's the case, what do Those Who Know do?
Again, it would be extremely helpful to know what the products
reported detecting. You haven't provided enough information to be of
any real help to you, here.
> MalwareBytes on some sort of schedule?
That's a decision I cannot make for you. The paid version allows
scheduling, the free/limited version does not. You can no longer trick
it via Windows scheduler as it currently doesn't support command line?
anymore. <-- I do not have the newest version on hand so cannot
confirm that command line support has been restored. Last I checked,
it wasn't.
> Boot to BitDefender on some sort of schedule?
If there is any way for you to provide more specific information, it
would be very helpful to those trying to advise you.
--
My truck does not leak. It's just marking its territory!
--- NewsGate v1.0 gamma 2
* Origin: News Gate @ Net396 -Huntsville, AL - USA (1:396/4)