Maher's Digital World

Computing => Programs => Topic started by: Vasudev on June 02, 2014, 12:06 PM

Poll
Question: Are you finding this helpful?
Option 1: Yes votes: 10
Option 2: No votes: 1
Option 3: Don't Know votes: 2
Title: (New) Testing Anti Virus Suites
Post by: Vasudev on June 02, 2014, 12:06 PM
These links given below will test your Anti Virus Or your Security tools and these links contains real viruses that are very dangerous(having tested myself ).
Please Be Careful about the files,don't double click the file for example: one of the files would be Whatsapp.exe which is backdoor.
And Hereby declare that I'm not responsible for damaging your PC's and they themselves be responsible for actions taken.
This test is for educational awareness.
Recommended Tools if infected use MalwareBytes AntiMalware & if windows installation is corrupted use tweaking.com's windows repair.


Now here's the link for Malware pack:

Link to malicious sample/URL: hxxp://www59.zippyshare.com/v/1966202/file.html
Password for the malicious sample:infected

Note:Replace xx with tt.

For More Info visit this site:
http://malwaretips.com/forums/virus-exchange.104/

Title: Re: Testing Anti Viruses Suites
Post by: Vasudev on June 02, 2014, 04:20 PM
Quote from: usmangujjar on June 02, 2014, 01:53 PM
Vasudev-- what is the benefit to test this download??
if anyone using outdated AV, he will be infected, you should must tell here that before testing this we must have back up of our data.
You come across wide variety of files that seem legit but are not and urge people not to click unknown or unsafe links & be safe on the internet.
Title: Re: Testing Anti Viruses Suites
Post by: iih on June 02, 2014, 06:30 PM
Quote from: usmangujjar on June 02, 2014, 01:53 PM
Vasudev-- what is the benefit to test this download??
if anyone using outdated AV, he will be infected, you should must tell here that before testing this we must have back up of our data.

it's no problem with me ...see image below: (Test by ESET ESS 7.0.317.4 OEM License)

(https://i.ibb.co/QKX550J/atest.png)
(https://i.ibb.co/gJvqpMj/testmal.png)
Title: Re: Testing Anti Viruses Suites
Post by: Vasudev on June 02, 2014, 06:36 PM
Quote from: iih on June 02, 2014, 06:30 PM
Quote from: usmangujjar on June 02, 2014, 01:53 PM
Vasudev-- what is the benefit to test this download??
if anyone using outdated AV, he will be infected, you should must tell here that before testing this we must have back up of our data.
it's no problem with me ...see image below: (Test by ESET ESS 7.0.317.4 OEM License)

(https://i.ibb.co/gJvqpMj/testmal.png)
Did you notice some files which masks as legit files
Title: Re: Testing Anti Virus Suites
Post by: iih on June 02, 2014, 06:40 PM
i don't know, might be from MalwareTips.com Malware/virus test files.
Title: Re: Testing Anti Viruses Suites
Post by: iih on June 02, 2014, 06:45 PM
Quote from: usmangujjar on June 02, 2014, 06:34 PM
IIH- dear brother i know its not problem for average users.
but someone may damage their data with this test,
i told, just for care..
Give it a try With your AVAST! what AVAST! did?
Title: Re: Testing Anti Viruses Suites
Post by: iih on June 02, 2014, 06:54 PM
Quote from: usmangujjar on June 02, 2014, 06:49 PM
Quote from: iih on June 02, 2014, 06:45 PM
Give it a try With your AVAST! what your AVAST! did?

Avast detect all viruses, i tried without any hesitation, because i have complete backup of all my data into another detached hard drive,,,,!
good AVAST...all in that RAR file are infected files just for testing puposes. try visit Malwaretips.com to see more
info about virus ghost besides Norton Ghost.
Title: Re: Testing Anti Viruses Suites
Post by: Vasudev on June 02, 2014, 09:06 PM
Quote from: iih on June 02, 2014, 06:54 PM
Quote from: usmangujjar on June 02, 2014, 06:49 PM
Quote from: iih on June 02, 2014, 06:45 PM
Give it a try With your AVAST! what your AVAST! did?

Avast detect all viruses, i tried without any hesitation, because i have complete backup of all my data into another detached hard drive,,,,!
good AVAST...all in that RAR file are infected files just for testing puposes. try visit Malwaretips.com to see more
info about virus ghost besides Norton Ghost.
I double clicked on a file purposefully to see what damage it might do,after a minute or two system hangs because c:\windows was shifted to another directory and i was successful in removing that infection using combination of mbam & ubuntu.Very dangerous viruses indeed
Title: Re: Testing Anti Viruses Suites
Post by: humbert on June 05, 2014, 01:18 AM
Quote from: usmangujjar on June 02, 2014, 06:34 PM
IIH- dear brother i know its not problem for average users.
but someone may damage their data with this test,
i told, just for care..

Keep in mind these files are clearly marked as malware for testing. All testing has risks. Those who decide to test must assume those risks. I like this topic because I feel it's an opportunity to learn more about malware and the best programs to stop it.

As an added measure of safety why not test these inside a sandbox?
Title: Re: Testing Anti Viruses Suites
Post by: Vasudev on June 05, 2014, 10:55 AM
Quote from: humbert on June 05, 2014, 01:18 AM
Quote from: usmangujjar on June 02, 2014, 06:34 PM
IIH- dear brother i know its not problem for average users.
but someone may damage their data with this test,
i told, just for care..

Keep in mind these files are clearly marked as malware for testing. All testing has risks. Those who decide to test must assume those risks. I like this topic because I feel it's an opportunity to learn more about malware and the best programs to stop it.

As an added measure of safety why not test these inside a sandbox?
Thank You Humbert.
Title: Re: Testing Anti Virus Suites
Post by: humbert on June 18, 2014, 06:14 AM
Vasudev -> You've already posted your warning. We all know the risks involved with testing, plus the fact that his topic deals with malware links for test purposes. Aren't you being a little redundant posting the warnings over and over again?
Title: Re: Testing Anti Virus Suites
Post by: iih on June 28, 2014, 12:31 PM
Quote from: Vasudev on June 28, 2014, 10:25 AM


Link to malicious sample/URL:
    hxxps://mega.co.nz/#!E5VzVLhZ!WUqOwSHYatpQkpTndYeaKxf2bqNF-9EdFJDUB97arDk / hxxp://www55.zippyshare.com/v/16693353/file.html

Password for the malicious sample:
    infected
I'm just rely to FireFox 31.0 Beta 5...with WOT...lets see. (ESET ESS 7, KIS2015 TR Make off, Protection disable).
Title: Re: Testing Anti Virus Suites
Post by: Vasudev on July 04, 2014, 04:41 PM
The samples are created into a rar or zip files and stored on cloud.
Title: Re: (Updated) Testing Anti Virus Suites
Post by: scarface on July 20, 2014, 08:01 PM
3 not detected for me...
pcktools, pi3,141592 and zeus pc booster.

(https://i.ibb.co/gWLhbcC/878540vir.png)
Title: Re: (Updated) Testing Anti Virus Suites
Post by: Vasudev on July 20, 2014, 09:39 PM
are you using eset or vba32 scanner or open source ones.
Title: Re: (Updated) Testing Anti Virus Suites
Post by: scarface on July 20, 2014, 09:58 PM
It's mcafee virusscan enterprise.
Title: Re: (Updated) Testing Anti Virus Suites
Post by: humbert on July 21, 2014, 02:44 AM
Scarface -> How do you test all this malware such that it won't result in a problem for your system? Do you simply unzip them to a directory and check that directory or is there more to it than that?
Title: Re: (Updated) Testing Anti Virus Suites
Post by: Vasudev on July 21, 2014, 09:47 AM
Scarface ->Good Eset,Kaspersky,BD also reported the same result.
Extract the files to another drive & testing  is safe & permanently delete them after use.
Title: Re: (Updated) Testing Anti Virus Suites
Post by: Vasudev on August 02, 2014, 07:01 PM
Link to malicious sample/URL:
    hxxps://mega.co.nz/#!tl4hjBzI!u03Z6iBxvBY0YrqQZwc_hMLb6RnzVuPrxJ7uzM-lO-Q

Password for the malicious sample:
    infected

This sample has so many undetected malware even undetected by BD,mbam etc.
Important Note for all users:
1)Apply Latest Update before scanning.
2)Send undetected samples to your respective AV Co.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on December 24, 2014, 06:40 PM
New links updated!! ;)
Link to malicious sample/URL:
    hxxp://www25.zippyshare.com/v/66512038/file.html

Password for the malicious sample:
    infected

Title: Re: (New) Testing Anti Virus Suites
Post by: cha on December 26, 2014, 06:01 AM
of course yes, helpful for me.
I never play around with test suspicious files / Infected test files, bit worried.
Title: Re: (New) Testing Anti Virus Suites
Post by: iih on December 26, 2014, 06:06 AM
No need to worried, so far your Virus guards have RTP (Real Time / Web Protection)
and updated, you good to go then. Give it a try.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on December 26, 2014, 08:32 AM
Quote from: iih on December 26, 2014, 06:06 AM
No need to worried, so far your Virus guards have RTP (Real Time / Web Protection)
and updated, you good to go then. Give it a try.
Don't double click those files just scan with your AV because all files are very dangerous trojans,backdoors and fake programs.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on January 02, 2015, 09:56 AM
Link to malicious sample/URL:
    hxxp://www72.zippyshare.com/v/33746161/file.html

Password for the malicious sample:
    infected

Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on May 11, 2015, 11:13 AM
New!!
Link to malicious sample/URL:
    hxxps://mega.co.nz/#!2ZAF1JCC!gEHrMahgD_VfT_cfzuZWEOvQBWp10cXG7eKY9fcSPWA

Password for the malicious sample:
    infected

Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on June 12, 2015, 04:02 PM
New links:
Link to malicious sample/URL:
    hyyp://www58.zippyshare.com/v/9PliddzL/file.html

Password for the malicious sample:
    infected

Verified Malware Samples:
    Yes, this only contains malware

Online-scanners results:
    https://www.virustotal.com/file/66381c7f89693b23a276cbf2382d121f9e998286e151375d596f75014998f865/analysis/
    https://www.virustotal.com/file/68a1f28e56845d4598c91409e05275c77606cd512b9a9aece0efe428b8704616/analysis/
    https://www.virustotal.com/file/81fe862b74c116cbb11599d3596a3d2847a5e17e6961b631f61001fa88a66d04/analysis/
    https://www.virustotal.com/file/999f2ca2c4ccfad26ccef9a9317143ee07ca65080fb932146791224dce68e716/analysis/
    https://www.virustotal.com/file/2542777c6a56edaba5987b0be478a9a92501674a9bb32aedaf5e1852fd76aa22/analysis
Title: Re: (New) Testing Anti Virus Suites
Post by: Yoda on July 19, 2015, 09:17 AM
This is very helpful.

I am using Comodo. It found 35 infections into those 78 files.
I also tried AdAware. It found 70 infections into those 78 files.

Thanks Vasudev...
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on July 19, 2015, 09:35 AM
Quote from: Yoda on July 19, 2015, 09:17 AM
This is very helpful.

I am using Comodo. It found 35 infections into those 78 files.
I also tried AdAware. It found 70 infections into those 78 files.

Thanks Vasudev...
You're Welcome. Its been a while since I updated the links.  Do you use 2 AV's at the same time? I prefer running Ad-Aware, BTW i'm using MSE & MBAM free version.
Title: Re: (New) Testing Anti Virus Suites
Post by: Yoda on July 19, 2015, 01:02 PM
Actually I am only using Comodo.

But... For testing purposes (like this one) I have a couple of Virtual Machines  ;)
So even if I get infected, I don't care... I just have to rollback the VM..

Thanks again for this nice testing file...
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on July 19, 2015, 04:19 PM
Quote from: Yoda on July 19, 2015, 01:02 PM
Actually I am only using Comodo.

But... For testing purposes (like this one) I have a couple of Virtual Machines  ;)
So even if I get infected, I don't care... I just have to rollback the VM..

Thanks again for this nice testing file...
The force is strong within you, Yoda and may you become Jedi Master one day.
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on July 24, 2015, 03:53 AM
This topic deals with malware and programs to get rid of it, so let me post this here.

You guys were correct in that Windows Defender is not too good, so I disabled it and installed Malwarebytes Antimalware. This thing as something called "Malicious Website Protection". One thing I'm seeing is that when I'm downloading a torrent and seeding it, every few seconds Antimalware pops up saying it blocked uploads to what it thinks is a malicious site. No name on the sites being blocked, simply an IP address.

Do any of you guys know what this is about? Are these false alarms? Would it be a good idea to simply disable "Malicious Website Protection" when seeding a torrent I just got?
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on July 24, 2015, 09:08 AM
Quote from: humbert on July 24, 2015, 03:53 AM
This topic deals with malware and programs to get rid of it, so let me post this here.

You guys were correct in that Windows Defender is not too good, so I disabled it and installed Malwarebytes Antimalware. This thing as something called "Malicious Website Protection". One thing I'm seeing is that when I'm downloading a torrent and seeding it, every few seconds Antimalware pops up saying it blocked uploads to what it thinks is a malicious site. No name on the sites being blocked, simply an IP address.

Do any of you guys know what this is about? Are these false alarms? Would it be a good idea to simply disable "Malicious Website Protection" when seeding a torrent I just got?
Might be a false alarm, btw did you pay for mbam? if so, contact their support team and they might point you in right direction. There is strict rule to flag torrent as malware.
There isn't a single AV suite which provides complete protection, but you know this. I install free version of MBAM & MSE. If you're infected without your knowledge, ie. adwares or bundleware, download Kaspersky Virus Removal Tool and scan it, or otherwise you can try downloading KR(Kaspersky Rescue) 10 iso and burn it to usb and boot through it and remove malwares.
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on July 26, 2015, 04:44 AM
Quote from: Vasudev on July 24, 2015, 09:08 AM
Might be a false alarm, btw did you pay for mbam? if so, contact their support team and they might point you in right direction. There is strict rule to flag torrent as malware.
There isn't a single AV suite which provides complete protection, but you know this. I install free version of MBAM & MSE. If you're infected without your knowledge, ie. adwares or bundleware, download Kaspersky Virus Removal Tool and scan it, or otherwise you can try downloading KR(Kaspersky Rescue) 10 iso and burn it to usb and boot through it and remove malwares.

Pay for MBAM (or anything else)?? Are you crazy or something? :) Nobody pays for software, we're pirates, remember?  ;D

There is no question that these are false alarms. It even flagged totalcmd.net (http://totalcmd.net). This is a very reliable site I've been using forever to get all kinds of Total Commander plugins. The problem with the torrents isn't the site itself. It keeps stopping some outbound IP addresses trying to get their hands on a file I'm seeding (not all of them). In the years I've been torrenting I've never had a problem, with the exception of very few files that did contain malware. This is, of course, not the fault of the site nor the torrent client.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on July 26, 2015, 08:18 AM
Quote from: humbert on July 26, 2015, 04:44 AM
Quote from: Vasudev on July 24, 2015, 09:08 AM
Might be a false alarm, btw did you pay for mbam? if so, contact their support team and they might point you in right direction. There is strict rule to flag torrent as malware.
There isn't a single AV suite which provides complete protection, but you know this. I install free version of MBAM & MSE. If you're infected without your knowledge, ie. adwares or bundleware, download Kaspersky Virus Removal Tool and scan it, or otherwise you can try downloading KR(Kaspersky Rescue) 10 iso and burn it to usb and boot through it and remove malwares.

Pay for MBAM (or anything else)?? Are you crazy or something? :) Nobody pays for software, we're pirates, remember?  ;D

There is no question that these are false alarms. It even flagged totalcmd.net (http://totalcmd.net). This is a very reliable site I've been using forever to get all kinds of Total Commander plugins. The problem with the torrents isn't the site itself. It keeps stopping some outbound IP addresses trying to get their hands on a file I'm seeding (not all of them). In the years I've been torrenting I've never had a problem, with the exception of very few files that did contain malware. This is, of course, not the fault of the site nor the torrent client.
Its better you opt for free version of MBAM. You must download NIS updates for windows defender too for increasing overall effectiveness. Cleanup old defs of defender by typing these commands
1. Open CMD in elevated mode.
2. cd C:\Windows\Program Files\Microsoft Security Client
3. MpCmdRun -removedefinitions -all
4. Load new updates.
Title: Re: (New) Testing Anti Virus Suites
Post by: Yoda on July 26, 2015, 01:33 PM
Quote from: humbert on July 26, 2015, 04:44 AMPay for MBAM (or anything else)?? Are you crazy or something? :) Nobody pays for software, we're pirates, remember?  ;D

LOL!!! +1
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on July 27, 2015, 09:23 PM
@Vasu - What version of Windows are you running? I'm asking because mine doesn't have the folders you mentioned.

Honestly I don't see the need for running more than one anti-malware program. Sure, the threat is there, but it's not that severe.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on July 28, 2015, 08:36 AM
Quote from: humbert on July 27, 2015, 09:23 PM
@Vasu - What version of Windows are you running? I'm asking because mine doesn't have the folders you mentioned.

Honestly I don't see the need for running more than one anti-malware program. Sure, the threat is there, but it's not that severe.
Just check folder named Windows Defender.
Title: Re: (New) Testing Anti Virus Suites
Post by: Yoda on October 31, 2015, 09:19 PM
Today I tested Avira 2015 Free antivirus
Found 73/78 !!!

I m seriously thinking to remove Comodo antivirus and install Avira
(I will only leave Comodo Firewall)
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on November 01, 2015, 04:23 PM
Quote from: Yoda on October 31, 2015, 09:19 PM
Today I tested Avira 2015 Free antivirus
Found 73/78 !!!

I m seriously thinking to remove Comodo antivirus and install Avira
(I will only leave Comodo Firewall)
Links are pretty much outdated and MSE was able to detect 73/78 on the day the links were posted.
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on November 02, 2015, 01:20 AM
Quote from: Yoda on October 31, 2015, 09:19 PM
I m seriously thinking to remove Comodo antivirus and install Avira
(I will only leave Comodo Firewall)

Malwarebytes Antimalware is pretty reliable. That's what I use. You might want to check it out.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on November 14, 2016, 05:13 PM
Test malwares in a VM or in sandbox using sandboxie.
Title: Re: (New) Testing Anti Virus Suites
Post by: Shadow.97 on November 17, 2016, 01:45 AM
My experience is that virus scanners go by signature and not behavior (not all ofcourse) and this itself is a security flaw, because alot of viruses go undetected. I made one just for teh lulz in python, a keylogger that sends all input to a remote server. It was not detected by mbam, mse, avast, or avira. I didnt feel like testing more av's. But, it would require a working python installment on the computer.
I really do wonder how many viruses are out there that are undetected.
Today there was headlines about Huawei, ZTE, Xiaomi having malware code sending data to China.
-hugs my T21-A- I love you huawei tablet, even if you send data to China.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on November 18, 2016, 04:37 PM
Quote from: Shadow.97 on November 17, 2016, 01:45 AM
My experience is that virus scanners go by signature and not behavior (not all ofcourse) and this itself is a security flaw, because alot of viruses go undetected. I made one just for teh lulz in python, a keylogger that sends all input to a remote server. It was not detected by mbam, mse, avast, or avira. I didnt feel like testing more av's. But, it would require a working python installment on the computer.
I really do wonder how many viruses are out there that are undetected.
Today there was headlines about Huawei, ZTE, Xiaomi having malware code sending data to China.
-hugs my T21-A- I love you huawei tablet, even if you send data to China.
You've AppGuard, VoodooShield, MBAM AE and HMPA doesn't rely on signatures but on heuristics. You can check at MalwareTips. Even I'm there to bolster and enhance my PC or mobile security.
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on April 24, 2017, 06:53 AM
I've tested several anti-virus suites and I'd say they're all more or less the same. Some pick up malware that others miss, but I'd say that's pretty normal. Frankly I get far more popups from false positives than from real threats. I was using MBAM, then when it started giving me trouble I installed Avast. If you're worried about a file, simply upload it to Virustotal and check it out there.

I guess if you want to play around with malware, you have to sandbox it. Sandboxie is pretty good, but I recommend running an older copy of Windows as a VM. VirtualBox is elite, I use it and it's awesome plus it's easy to use. Take a snapshot of your VM and restore it once you're done. No harm, no foul.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on April 24, 2017, 07:42 AM
Quote from: humbert on April 24, 2017, 06:53 AM
I've tested several anti-virus suites and I'd say they're all more or less the same. Some pick up malware that others miss, but I'd say that's pretty normal. Frankly I get far more popups from false positives than from real threats. I was using MBAM, then when it started giving me trouble I installed Avast. If you're worried about a file, simply upload it to Virustotal and check it out there.

I guess if you want to play around with malware, you have to sandbox it. Sandboxie is pretty good, but I recommend running an older copy of Windows as a VM. VirtualBox is elite, I use it and it's awesome plus it's easy to use. Take a snapshot of your VM and restore it once you're done. No harm, no foul.
If you want a change, try Zemana Anti-malware.
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on April 28, 2017, 04:49 AM
Quote from: Vasudev on April 24, 2017, 07:42 AM
If you want a change, try Zemana Anti-malware.

Their site keeps talking about a free trial. Is this all trialware or do they offer a free, crippled version? I swear I hate crippleware.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on April 28, 2017, 12:58 PM
Quote from: humbert on April 28, 2017, 04:49 AM
Quote from: Vasudev on April 24, 2017, 07:42 AM
If you want a change, try Zemana Anti-malware.

Their site keeps talking about a free trial. Is this all trialware or do they offer a free, crippled version? I swear I hate crippleware.
It comes with 15 days trial after that it reverts to a crippled freeware w/o real time protection.
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on May 02, 2017, 05:25 AM
Quote from: Vasudev on April 28, 2017, 12:58 PM
It comes with 15 days trial after that it reverts to a crippled freeware w/o real time protection.

I've never seen a cracked version of Zemana on any torrent site. In fact I never heard of it until you posted this. As I see it this says a lot - something nobody bothers to upload and/or develop a crack for it must not be very good.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on May 02, 2017, 07:04 AM
Quote from: humbert on May 02, 2017, 05:25 AM
Quote from: Vasudev on April 28, 2017, 12:58 PM
It comes with 15 days trial after that it reverts to a crippled freeware w/o real time protection.

I've never seen a cracked version of Zemana on any torrent site. In fact I never heard of it until you posted this. As I see it this says a lot - something nobody bothers to upload and/or develop a crack for it must not be very good.
That makes it hard for malwares to bypass it. If you browse malwaretips.com you need hell lot of info about viruses such as access to their source code etc..
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on May 05, 2017, 05:50 AM
Quote from: Vasudev on May 02, 2017, 07:04 AM
That makes it hard for malwares to bypass it. If you browse malwaretips.com you need hell lot of info about viruses such as access to their source code etc..

Assuming this is true, then with so many antivirus programs out there, are you willing to shell out money to pay for this? Not me!
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on May 13, 2017, 03:22 AM
Last night I got fed up, removed Avast and re-enabled Windows Defender. Why? Too many false positives. Also, Avast is supposedly freeware. Actually it's nagware. It nags and constantly reminds you your computer is unsafe unless you pay them money. As I see it, freeware is freeware - no nags nor is anything crippled. Everything else is either crippleware or nagware, and I hate them both with a passion.

I guess the only other real good antivirus-antimalware program I've been running is Malwarebytes 2.21.1043. They "upgraded" it, added all kinds of "features" and in the process turned a good program into a bad one.

I'd say with these 2 programs (especially Avast) I average probably 25 false positives for 1 real detection. From now on if I download a suspicious program, I'll simply upload it to virustotal.com (http://virustotal.com) and check it out that way.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on May 13, 2017, 05:18 PM
Quote from: humbert on May 13, 2017, 03:22 AM
Last night I got fed up, removed Avast and re-enabled Windows Defender. Why? Too many false positives. Also, Avast is supposedly freeware. Actually it's nagware. It nags and constantly reminds you your computer is unsafe unless you pay them money. As I see it, freeware is freeware - no nags nor is anything crippled. Everything else is either crippleware or nagware, and I hate them both with a passion.

I guess the only other real good antivirus-antimalware program I've been running is Malwarebytes 2.21.1043. They "upgraded" it, added all kinds of "features" and in the process turned a good program into a bad one.

I'd say with these 2 programs (especially Avast) I average probably 25 false positives for 1 real detection. From now on if I download a suspicious program, I'll simply upload it to virustotal.com (http://virustotal.com) and check it out that way.
If you are on W10, use defender, I'm using the same and so far its good. No nags and stuffs. Head over to Majorgeeks to download MBAM 2.x, I didn't like MBAM 3.x, still using 2.x.
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on May 21, 2017, 02:54 AM
Quote from: Vasudev on May 13, 2017, 05:18 PM
If you are on W10, use defender, I'm using the same and so far its good. No nags and stuffs. Head over to Majorgeeks to download MBAM 2.x, I didn't like MBAM 3.x, still using 2.x.

MBAM 2.xx is awesome. I'm not sure if you can tell it to continue downloading virus definitions WITHOUT forcibly upgrading the program. One thing I hate is when these developers add "features" to a great program and end up breaking it.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on May 21, 2017, 06:26 PM
Quote from: humbert on May 21, 2017, 02:54 AM
Quote from: Vasudev on May 13, 2017, 05:18 PM
If you are on W10, use defender, I'm using the same and so far its good. No nags and stuffs. Head over to Majorgeeks to download MBAM 2.x, I didn't like MBAM 3.x, still using 2.x.

MBAM 2.xx is awesome. I'm not sure if you can tell it to continue downloading virus definitions WITHOUT forcibly upgrading the program. One thing I hate is when these developers add "features" to a great program and end up breaking it.
Yes 99% rather than enhancing the app, they break the app like MSFT.
Title: Re: (New) Testing Anti Virus Suites
Post by: scarface on April 30, 2018, 10:13 PM
If some of you are using windows 10 2004, maybe you noticed that the edition of virusscan enterprise can't be installed. Well, msft is just preventing "setupvse.exe" from installing the piece of software. Apparently it's not the only application they are blocking (maybe mcafee gave no bakchich?). To bypass it, renaming the application is enough.

Here is a new silent installer of vse 8.8]with patch 16 (released on 8 December 2020), compatible with windows 10 20H2 and with windows 7 -  Not available anymore since it's now obsolete and replaced with Mcafee endpoint security.

Note: you just have to execute the program to get it installed. It can take up to 20 minutes, don't reboot before seeing the antivirus in the programs and features list, otherwise the installation could be botched.

(https://i.ibb.co/f40JdSq/vse.jpg)
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on May 01, 2018, 08:35 AM
Quote from: scarface on April 30, 2018, 10:13 PM
If some of you are using windows 10 RS4, maybe you noticed that the edition of virusscan enterprise can't be installed. Well, msft is just preventing "setupvse.exe" from installing the piece of software. Apparently it's not the only application they are blocking (maybe mcafee gave no bakchich?). To bypass it, renaming the application is enough.

Here is a new silent installer of vse 8.8 with patch 10, compatible with windows 10 RS4 and with windows 7 ("setupvse" has become "msetupvse"): https://ufile.io/4vf0x
Here is a silent installer of the patch 11 that was released recently (vse8.8 must be installed): https://ufile.io/2hre2

Note: you just have to execute the program to get it installed. It can take up to 20 minutes, don't reboot before seeing the antivirus in the programs and features list, otherwise the install could be botched.

(https://i.ibb.co/f40JdSq/vse.jpg)
Nice.
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on April 03, 2019, 06:03 AM
Does anybody have a working copy of Malwarebytes AntiMalware? I got hit by some malware the other day. It got past Windows Defender with no problem. Malwarebytes Free doesn't monitor the OS in real time, so it's not very useful unless you intend to scan manually all the time. I haven't found a cracked copy on the torrents that works like it's supposed to.
Title: Re: (New) Testing Anti Virus Suites
Post by: scarface on April 03, 2019, 08:17 PM
Quote from: humbert on April 03, 2019, 06:03 AM
Does anybody have a working copy of Malwarebytes AntiMalware? I got hit by some malware the other day. It got past Windows Defender with no problem. Malwarebytes Free doesn't monitor the OS in real time, so it's not very useful unless you intend to scan manually all the time. I haven't found a cracked copy on the torrents that works like it's supposed to.
You are lucky, I put it there: https://mega.nz/#!BQlWAaTI!q7XojdiHFcXWwn2n-WTTBO9FeDjVw31Yrq1-7UHQrOU
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on April 03, 2019, 08:54 PM
Quote from: humbert on April 03, 2019, 06:03 AM
Does anybody have a working copy of Malwarebytes AntiMalware? I got hit by some malware the other day. It got past Windows Defender with no problem. Malwarebytes Free doesn't monitor the OS in real time, so it's not very useful unless you intend to scan manually all the time. I haven't found a cracked copy on the torrents that works like it's supposed to.
MBAM 3.x is pretty much useless on free version. While, MBAM 2.x detected threats in free mode but doesn't disinfect it. It better to burn Anti-virus LiveCD from Kaspersky/ESET and put it on USB. I found AiOBoot to be great alternative for dual mode UEFI and BIOS/Legacy booting.
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on April 05, 2019, 06:58 AM
Vasu -> The only issue with using an anti-virus live CD or USB is that it doesn't catch the malware before it gets a chance to infect your system. Malwarebytes is great at this. Be that as it may, it's not a bad idea to have some sort of antivirus USB drive in case malware gets through. What do you recommend? Does Strelec's ISO have something useful?

Scarface -> Thanks for your copy of Malwarebytes. You forgot the instructions so it took me a while to learn to do things in proper order. Let me ask:

1) Is there any way to get rid of that nag about no license server? Can you still use it despite the nag? My previous copies had the same nag got to a point where Malwarebytes went to the free version and did not allow me to continue using the premium version.

2) Did you disable Windows Defender? I see no reason to continue using it. Compared to Malwarebytes it's all but worthless. What did you do?
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on April 05, 2019, 12:23 PM
Quote from: humbert on April 05, 2019, 06:58 AM
Vasu -> The only issue with using an anti-virus live CD or USB is that it doesn't catch the malware before it gets a chance to infect your system. Malwarebytes is great at this. Be that as it may, it's not a bad idea to have some sort of antivirus USB drive in case malware gets through. What do you recommend? Does Strelec's ISO have something useful?

Scarface -> Thanks for your copy of Malwarebytes. You forgot the instructions so it took me a while to learn to do things in proper order. Let me ask:

1) Is there any way to get rid of that nag about no license server? Can you still use it despite the nag? My previous copies had the same nag got to a point where Malwarebytes went to the free version and did not allow me to continue using the premium version.

2) Did you disable Windows Defender? I see no reason to continue using it. Compared to Malwarebytes it's all but worthless. What did you do?
No, it doesn't. Running a AV in sergei will remove hacked versions of many SWs and custom built Win 8/10 PEs.
Have you tried Configure Defender for Windows Defender https://malwaretips.com/threads/configuredefender-utility-for-windows-10.79039/
You can click on Child Protection for max lockdown settings on W10 for max security and paranoid setup.
Title: Re: (New) Testing Anti Virus Suites
Post by: scarface on April 05, 2019, 08:22 PM
Quote from: humbert on April 05, 2019, 06:58 AM
Scarface -> Thanks for your copy of Malwarebytes. You forgot the instructions so it took me a while to learn to do things in proper order. Let me ask:
1) Is there any way to get rid of that nag about no license server? Can you still use it despite the nag? My previous copies had the same nag got to a point where Malwarebytes went to the free version and did not allow me to continue using the premium version.

2) Did you disable Windows Defender? I see no reason to continue using it. Compared to Malwarebytes it's all but worthless. What did you do?
1) I don't use it. I didn't even test it. I just found this on a reliable site and uploaded it on mega.
2) Since I disabled windows defender on the versions of windows 10 available on the forum, it's also disabled on my pc. Note that I've used windows 10 1803 for months, since May last year probably, and I installed windows 10 1909 lately.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on April 06, 2019, 08:58 AM
Quote from: scarface on April 05, 2019, 08:22 PM
Quote from: humbert on April 05, 2019, 06:58 AM
Scarface -> Thanks for your copy of Malwarebytes. You forgot the instructions so it took me a while to learn to do things in proper order. Let me ask:
1) Is there any way to get rid of that nag about no license server? Can you still use it despite the nag? My previous copies had the same nag got to a point where Malwarebytes went to the free version and did not allow me to continue using the premium version.

2) Did you disable Windows Defender? I see no reason to continue using it. Compared to Malwarebytes it's all but worthless. What did you do?
1) I don't use it. I didn't even test it. I just found this on a reliable site and uploaded it on mega.
2) Since I disabled windows defender on the versions of windows 10 available on the forum, it's also disabled on my pc. Note that I've used windows 10 1803 for months, since May last year probably, and I installed windows 10 1909 lately.
Cumulative update for v1903.30 Windows10.0-KB4497464-x64.cab   http://tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/e466e43c-7efd-4e90-93be-a8579fa9cb35?P1=1554532572&P2=402&P3=2&P4=C6fehhD45Gxa9T%2bFerSYrGiUnmuXHYGmaseE%2b%2f21C2IjwjydHaV%2f47duyWjH2BC3tMi9D4LO0SeF%2fizREQbYVA%3d%3d
Windows10.0-KB4497727-x64.cab aka Servicing stack update http://tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/aa2be949-55b3-467c-b79b-d669ff4fc6e2?P1=1554531091&P2=402&P3=2&P4=jlPT5jDMARhFd%2buYZwkSgEv17aWxu992mVnxGuizMKes5N44SRqOXpReuKkxQhhuoJnjxZMTkvMdywaGectVRw%3d%3d

Source adguard https://uup.rg-adguard.net/
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on April 09, 2019, 06:36 AM
Vasu -> What version of Windows are you using? Did you upgrade from 1803 (the same one you sent me)? I'm asking because I'm wondering if its time for an upgrade. I'd do it the same way we did it before, i.e., with your guidance. Sadly I have to go this route. Windows Update is broken, every upgrade attempt ends up with this "We couldn't install the updates, undoing changes" garbage.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on April 09, 2019, 03:21 PM
Quote from: humbert on April 09, 2019, 06:36 AM
Vasu -> What version of Windows are you using? Did you upgrade from 1803 (the same one you sent me)? I'm asking because I'm wondering if its time for an upgrade. I'd do it the same way we did it before, i.e., with your guidance. Sadly I have to go this route. Windows Update is broken, every upgrade attempt ends up with this "We couldn't install the updates, undoing changes" garbage.
Me and scarface are on 19H1 build aka v1903.30. Its buggy and maybe just as bad for general users who use specific hardware and SW such as creative Xfi,VMware etc...  Only good thing is extra battery life and Retpoline patches to mitigate performance issues on Spectre, other than that nothing is changed from v1809. I clean installed 19h1 on my machine. Reserved storage is another garbage that is tied to page file,hibernation and Swap file. You need to use disable reserve storage regtweak and use fixed size for page file and disable hibernation to get rid off Reserved storage completely.
I've blocked all updates and even Paused updates on Home editions.
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on April 10, 2019, 06:49 AM
Vasu -> Then the best thing to do is to hold on to 1803 until Micro$haft gets around to fixing the new versions, or at the very least makes them usable. Suits me fine, 1803 is working OK. In fact I even tried Windows Update to see what would happen. Believe it or not it worked. It's still 1803, just with some updates installed.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on April 10, 2019, 09:45 AM
Quote from: humbert on April 10, 2019, 06:49 AM
Vasu -> Then the best thing to do is to hold on to 1803 until Micro$haft gets around to fixing the new versions, or at the very least makes them usable. Suits me fine, 1803 is working OK. In fact I even tried Windows Update to see what would happen. Believe it or not it worked. It's still 1803, just with some updates installed.
There's barely any changes to Windows 10 v1903 aside from Windows defender Sandbox, retpoline and Light themed start menu. 1803 is good enough for daily usage.
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on April 15, 2019, 06:19 AM
The copy of Malwarebytes 3.71 I downloaded only works as premium for a few days, then it reverts to the free version. I could remove and reinstall from scratch including pre-activator, but once again it only lasts a few days. Any way to prevent this from happening? The freeware version of Malwarebytes is essentially useless.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on April 15, 2019, 07:12 AM
Quote from: humbert on April 15, 2019, 06:19 AM
The copy of Malwarebytes 3.71 I downloaded only works as premium for a few days, then it reverts to the free version. I could remove and reinstall from scratch including pre-activator, but once again it only lasts a few days. Any way to prevent this from happening? The freeware version of Malwarebytes is essentially useless.
Use Windows Defender or scarface's repacked version of Trend Micro officescan. MBAM 3.x is utterly useless you can download Emsisoft Emergency kit for free w/o payment on any number of PCs. Its a very good on-demand scanner.
https://www.emsisoft.com/en/home/emergencykit/
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on April 16, 2019, 05:10 AM
Quote from: Vasudev on April 15, 2019, 07:12 AM
Use Windows Defender or scarface's repacked version of Trend Micro officescan. MBAM 3.x is utterly useless you can download Emsisoft Emergency kit for free w/o payment on any number of PCs. Its a very good on-demand scanner.

Does Emsisoft Emergency protect in real time or do you need to manually perform a scan? Can you put it on a flashdrive and boot from it in case the the system won't boot due to malware damage?

Incidentally, free Malwarebytes is useless in the sense that it doesn't perform real time scans. It will perform manual scans. If Emsisoft Emergency works only manually then how is it any different from Malwarebytes?
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on April 16, 2019, 04:50 PM
Quote from: humbert on April 16, 2019, 05:10 AM
Quote from: Vasudev on April 15, 2019, 07:12 AM
Use Windows Defender or scarface's repacked version of Trend Micro officescan. MBAM 3.x is utterly useless you can download Emsisoft Emergency kit for free w/o payment on any number of PCs. Its a very good on-demand scanner.

Does Emsisoft Emergency protect in real time or do you need to manually perform a scan? Can you put it on a flashdrive and boot from it in case the the system won't boot due to malware damage?

Incidentally, free Malwarebytes is useless in the sense that it doesn't perform real time scans. It will perform manual scans. If Emsisoft Emergency works only manually then how is it any different from Malwarebytes?
EEK is free to use in Home/Commercial. EEK is just a on demand manual scanner. For LiveCD feature, WD already has offline scan feature and so does most AV provide one for free.
I've WD as RTP along with EEK as On demand scanner and few LiveCDs on USB on standby from ESET,Kaspersky and Dr. Web.
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on April 17, 2019, 06:11 AM
Quote from: Vasudev on April 16, 2019, 04:50 PM
EEK is free to use in Home/Commercial. EEK is just a on demand manual scanner. For LiveCD feature, WD already has offline scan feature and so does most AV provide one for free.
I've WD as RTP along with EEK as On demand scanner and few LiveCDs on USB on standby from ESET,Kaspersky and Dr. Web.

Sometimes you confuse me with your alphabet soup :).

If we're talking a anti-virus program that does only manual scans, then do you believe EEK is better than free Malwarebytes or are they pretty much the same? If you believe EEK is better than free Malwarebytes (or vice-versa), why?

You confused me with a recommendation for a bootable anti-malware program for use if the computer won't boot due to malware damage. Which do you think is good just to keep around in case of an emergency? Strelec's bootable DVD contains several. Do you think any of them can do a fine job?
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on April 17, 2019, 07:00 AM
Quote from: humbert on April 17, 2019, 06:11 AM
Quote from: Vasudev on April 16, 2019, 04:50 PM
EEK is free to use in Home/Commercial. EEK is just a on demand manual scanner. For LiveCD feature, WD already has offline scan feature and so does most AV provide one for free.
I've WD as RTP along with EEK as On demand scanner and few LiveCDs on USB on standby from ESET,Kaspersky and Dr. Web.

Sometimes you confuse me with your alphabet soup :).

If we're talking a anti-virus program that does only manual scans, then do you believe EEK is better than free Malwarebytes or are they pretty much the same? If you believe EEK is better than free Malwarebytes (or vice-versa), why?

You confused me with a recommendation for a bootable anti-malware program for use if the computer won't boot due to malware damage. Which do you think is good just to keep around in case of an emergency? Strelec's bootable DVD contains several. Do you think any of them can do a fine job?
Yeah I know.
EEK : Emsisoft Emergency kit
WD: Windows defender 4.18.x.x with AI, Block at first sight, Paranoid mode using Configure Defender by Andyful (Almost similar protection to Kaspersky free)
Emsisoft uses Bitdefender engine and their own engine for behavior based classification/detection of any malware.
MBAM 3.x is buggy and often has become a nagware to pay for the SW for removal of advanced pesky malwares
I use AiOBoot and have 10-12 ISOs in legacy/EFI mode w/o any fuss. I use Windows 10,Sergei Strelec, HBCD PE(Replaced F4BCD and HBCD 15.2), LiveCDs from dr.web,kaspersky and ESET. I've added Ubuntu,Xubuntu,Pop OS as well.
Title: Re: (New) Testing Anti Virus Suites
Post by: scarface on December 23, 2020, 03:07 AM
For those who need an antivirus, note that virusscan was updated in this message: https://www.nomaher.com/forum/index.php?topic=1718.msg29118#msg29118
This is the virusscan with patch 16.
Title: Re: (New) Testing Anti Virus Suites
Post by: scarface on August 15, 2021, 09:40 PM
Note that the new  Trellix Endpoint Security 10.7.0 September 2023 Update is available on the forum.
Security platform version: 10.7.0.6149
Threat prevention version: 10.7.0.6177

Link: Trellix endpoint security (https://mega.nz/file/UVdmEYYJ#z69O8mVzKzGqRBSDz2AK0IpwNvNsl03aZYzRH5LMkm0)
It is a switch-less installer. The original installer was modified: only the 64bit version is available (for windows 7/10/11 x64)

(https://i.ibb.co/6N8szyx/mcafee.jpg)
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on December 26, 2021, 04:39 AM
Vasudev, et al .. When I boot into Strelec's flashdrive and execute Kaspersky anti-virus, it says "Can't Load Partition". The strange thing is that it's happening on 2 different computers using 2 different flashdrives. Do you have any idea of what's going on? Strelec's Kaspersky almost saved my life a few weeks ago. Best of all, it removed the malware from the infected files without deleting the files. Windows Defender and others delete the file and make no attempt to "cure" it. That's why I went into Group Policy Editor and disabled it.

While you're at it, do you know of a good antivirus that can be booted from a flashdrive, updated, and remove the malware without deleting the file? The other 2 antivirus programs on Strelec don't seem to be very good. One even made unwanted changes in my settings.

Scarface .. regarding the McAfee program you have for download. I've never used McAfee myself, but one thing I've seen on computers that come preloaded is that McAfee is constantly eating resources even when it's not needed. What's been your experience with this copy?
Title: Re: (New) Testing Anti Virus Suites
Post by: scarface on December 27, 2021, 08:28 AM
Quote from: humbert on December 26, 2021, 04:39 AM
I've never used McAfee myself, but one thing I've seen on computers that come preloaded is that McAfee is constantly eating resources even when it's not needed. What's been your experience with this copy?
I didn't test the very latest one, but I didn't not experience any inconvenience with the others.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on December 27, 2021, 09:07 PM
Quote from: humbert on December 26, 2021, 04:39 AM
Vasudev, et al .. When I boot into Strelec's flashdrive and execute Kaspersky anti-virus, it says "Can't Load Partition". The strange thing is that it's happening on 2 different computers using 2 different flashdrives. Do you have any idea of what's going on? Strelec's Kaspersky almost saved my life a few weeks ago. Best of all, it removed the malware from the infected files without deleting the files. Windows Defender and others delete the file and make no attempt to "cure" it. That's why I went into Group Policy Editor and disabled it.

While you're at it, do you know of a good antivirus that can be booted from a flashdrive, updated, and remove the malware without deleting the file? The other 2 antivirus programs on Strelec don't seem to be very good. One even made unwanted changes in my settings.

Scarface .. regarding the McAfee program you have for download. I've never used McAfee myself, but one thing I've seen on computers that come preloaded is that McAfee is constantly eating resources even when it's not needed. What's been your experience with this copy?
I always used Kaspersky rescue disk ISO as opposed to Sergei's Kaspersky Tool. I couldn't get it to work properly on all machines
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on December 28, 2021, 05:11 AM
Vasu -> Thanks for the Kaspersky link. I downloaded the ISO from their web site. When it comes to antivirus matters you're the go-to guy. MODIFIED POST: I burned this ISO to a USB flashdrive but couldn't get it to boot. I got a green screen prompting me to use English or Russian. When it picked English it didn't boot, it tried and tried and I kept getting a black screen. Rufus gave me an error message that there was no bootloader on the ISO and prompted me to download and install Grub. It did all that but it didn't work. How'd you get it to boot up?

Scarface -> I got your file. Let me test it in VirtualBox and let's see what happens.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on December 29, 2021, 04:01 PM
Quote from: humbert on December 28, 2021, 05:11 AM
Vasu -> Thanks for the Kaspersky link. I downloaded the ISO from their web site. When it comes to antivirus matters you're the go-to guy. MODIFIED POST: I burned this ISO to a USB flashdrive but couldn't get it to boot. I got a green screen prompting me to use English or Russian. When it picked English it didn't boot, it tried and tried and I kept getting a black screen. Rufus gave me an error message that there was no bootloader on the ISO and prompted me to download and install Grub. It did all that but it didn't work. How'd you get it to boot up?

Scarface -> I got your file. Let me test it in VirtualBox and let's see what happens.
Was Secure boot disabled? I have seen that bug on some machines including mine when I used multiboot USB and eventually switched to Ventoy the ISO was buggy but had it working.
In that case I'd suggest Dr. Web LiveCD (http://"https://free.drweb.com/aid_admin/")(Updated frequently in a week) or Eset SysRescue (http://"https://www.eset.com/in/support/sysrescue/")(Updated during bugfixes) both of them are very good and ran fine on wide variety of machines.
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on December 30, 2021, 05:06 AM
Vasu -> See if you can help me out here, I'm not having much luck. Secure boot is DISABLED. I checked the BIOS. Besides, I hate secure boot.

All Ventoy does is supposedly install something on a flashdrive, after using it I checked and the flashdrive was empty.

Kaspersky rescue disk and Eset rescue live CD won't boot. I get the opening screen and nothing else. I used Rufus. Should I try something other than that?

Despite DrWeb live CD coming with its own exe that supposedly configures the flashdrive correctly, it still won't boot. It gives me 2 partitions. Booting from Partition1 I get an opening screen only, Partition2 give me nothing.

Any ideas?

Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on December 31, 2021, 02:34 PM
Quote from: humbert on December 30, 2021, 05:06 AM
Vasu -> See if you can help me out here, I'm not having much luck. Secure boot is DISABLED. I checked the BIOS. Besides, I hate secure boot.

All Ventoy does is supposedly install something on a flashdrive, after using it I checked and the flashdrive was empty.

Kaspersky rescue disk and Eset rescue live CD won't boot. I get the opening screen and nothing else. I used Rufus. Should I try something other than that?

Despite DrWeb live CD coming with its own exe that supposedly configures the flashdrive correctly, it still won't boot. It gives me 2 partitions. Booting from Partition1 I get an opening screen only, Partition2 give me nothing.

Any ideas?
Well that is certainly odd. With ventoy you need to copy ISO to Ventoy partition and you're done.Have you tried using F12 before Branding Splash screen shows up and select flash drive you're using. May I know which scheme the disk is partitioned say MBR or GPT? I usually use MBR.
In Rufus there is a cheat mode which allows legacy or uefi boot by using Alt-E keyboard shortcut which allows single drive to work correctly in efi and non-efi mode.
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on January 01, 2022, 05:47 AM
Quote from: Vasudev on December 31, 2021, 02:34 PM
Well that is certainly odd. With ventoy you need to copy ISO to Ventoy partition and you're done.Have you tried using F12 before Branding Splash screen shows up and select flash drive you're using. May I know which scheme the disk is partitioned say MBR or GPT? I usually use MBR.
In Rufus there is a cheat mode which allows legacy or uefi boot by using Alt-E keyboard shortcut which allows single drive to work correctly in efi and non-efi mode.

Thanks for the tip regarding Ventoy. To run a test a I prepared a flashdrive with Ventoy and copied Strelec's ISO to its root directory. It booted perfectly, no issues. Sadly this was not the case with Kaspersky nor Eset sysrescue. On Kaspersky after the green screen it gave me an error message (wrong signature). On ESET the full screen comes on with a tiny menu in the upper left hand corner. When you select the default nothing happens. The ESET screen stays and no more changes.

I then googled Kaspersky's site for instructions on booting krd.iso from flashdrive. Despite following explicit instructions on using Rufus, the ISO still refused to boot. After selecting English the screen goes black and stays that way. I've been booting ISO's from flashdrives for quite a while and I've never encounter anything more boot-resistant than these two.

With respect to F12, do you mean the motherboard's boot menu where you see the devices? If so my MSI board uses F11, all the Asus boards I've had use F8. Same menu, different keys.

Maybe I'm doing something wrong. What did you do to get these 2 ISO's to boot?
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on January 03, 2022, 05:42 PM
Quote from: humbert on January 01, 2022, 05:47 AM
Quote from: Vasudev on December 31, 2021, 02:34 PM
Well that is certainly odd. With ventoy you need to copy ISO to Ventoy partition and you're done.Have you tried using F12 before Branding Splash screen shows up and select flash drive you're using. May I know which scheme the disk is partitioned say MBR or GPT? I usually use MBR.
In Rufus there is a cheat mode which allows legacy or uefi boot by using Alt-E keyboard shortcut which allows single drive to work correctly in efi and non-efi mode.

Thanks for the tip regarding Ventoy. To run a test a I prepared a flashdrive with Ventoy and copied Strelec's ISO to its root directory. It booted perfectly, no issues. Sadly this was not the case with Kaspersky nor Eset sysrescue. On Kaspersky after the green screen it gave me an error message (wrong signature). On ESET the full screen comes on with a tiny menu in the upper left hand corner. When you select the default nothing happens. The ESET screen stays and no more changes.

I then googled Kaspersky's site for instructions on booting krd.iso from flashdrive. Despite following explicit instructions on using Rufus, the ISO still refused to boot. After selecting English the screen goes black and stays that way. I've been booting ISO's from flashdrives for quite a while and I've never encounter anything more boot-resistant than these two.

With respect to F12, do you mean the motherboard's boot menu where you see the devices? If so my MSI board uses F11, all the Asus boards I've had use F8. Same menu, different keys.

Maybe I'm doing something wrong. What did you do to get these 2 ISO's to boot?
For Kaspersky there is some special notes for ventoy. You can see it at the end of the page. https://www.ventoy.net/en/isolist.html
KRD work in legacy flawlessly and not in EFI w/o some tweak. I use Dr. WebLiveCD in case ESET and Kaspersky fails.
Then again what is the size of USB flash drive? I'm using 32GB. But greater than 64GB USB flash drive has some trouble detecting or working with USB boot. You may want to split the partition and don't format the new partition and keep it RAW/Unformatted.
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on January 04, 2022, 04:50 AM
Quote from: Vasudev on January 03, 2022, 05:42 PM
For Kaspersky there is some special notes for ventoy. You can see it at the end of the page. https://www.ventoy.net/en/isolist.html

To summarize, the note reads "So in UEFI mode, after the kaspersky boot menu was shown, you need to run set check_signatures=no in the grub shell before boot." The only problem is that it doesn't tell you how to do that. The only boot menu I get with Kaspersky is English or Pуccкий -- I pick English and the screen goes black. You can see it's trying to boot but not getting anywhere. I even used UltraIso to burn a CD and not even that worked, i.e., the symptoms are identical.

Quote from: Vasudev on January 03, 2022, 05:42 PM
KRD work in legacy flawlessly and not in EFI w/o some tweak. I use Dr. WebLiveCD in case ESET and Kaspersky fails.
Then again what is the size of USB flash drive? I'm using 32GB. But greater than 64GB USB flash drive has some trouble detecting or working with USB boot. You may want to split the partition and don't format the new partition and keep it RAW/Unformatted.

There is no question there is severe incompatibility somewhere, probably (as you say) all it knows about is the old BIOS and not today's UEFI. If so they better fix this, the sooner the better. I used 32GB flashdrive and even an old 8GB drive. Nothing worked. Sadly, WebLiveCD didn't work either. Same symptoms.

I should also mention that, as we all know, flashdrives 32GB and smaller are becoming harder and harder to get and are destined to go the way of the dinosaur. All the more reason for these guys to modernize their programs.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on January 05, 2022, 04:48 PM
Quote from: humbert on January 04, 2022, 04:50 AM
Quote from: Vasudev on January 03, 2022, 05:42 PM
For Kaspersky there is some special notes for ventoy. You can see it at the end of the page. https://www.ventoy.net/en/isolist.html

To summarize, the note reads "So in UEFI mode, after the kaspersky boot menu was shown, you need to run set check_signatures=no in the grub shell before boot." The only problem is that it doesn't tell you how to do that. The only boot menu I get with Kaspersky is English or Poccуя -- I pick English and the screen goes black. You can see it's trying to boot but not getting anywhere. I even used UltraIso to burn a CD and not even that worked, i.e., the symptoms are identical.

Quote from: Vasudev on January 03, 2022, 05:42 PM
KRD work in legacy flawlessly and not in EFI w/o some tweak. I use Dr. WebLiveCD in case ESET and Kaspersky fails.
Then again what is the size of USB flash drive? I'm using 32GB. But greater than 64GB USB flash drive has some trouble detecting or working with USB boot. You may want to split the partition and don't format the new partition and keep it RAW/Unformatted.

There is no question there is severe incompatibility somewhere, probably (as you say) all it knows about is the old BIOS and not today's UEFI. If so they better fix this, the sooner the better. I used 32GB flashdrive and even an old 8GB drive. Nothing worked. Sadly, WebLiveCD didn't work either. Same symptoms.

I should also mention that, as we all know, flashdrives 32GB and smaller are becoming harder and harder to get and are destined to go the way of the dinosaur. All the more reason for these guys to modernize their programs.
KRD EFI didn't work for me as well. KRD was working through legacy USB boot.
BIOS/EFI backward compatibility is the cause of the issue and not every BIOS/EFI can boot more than 128GB FAT32 in single partition. I think 32GB/64GB should work with exFAT/NTFS.
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on January 06, 2022, 05:05 AM
Quote from: Vasudev on January 05, 2022, 04:48 PM
KRD EFI didn't work for me as well. KRD was working through legacy USB boot.
BIOS/EFI backward compatibility is the cause of the issue and not every BIOS/EFI can boot more than 128GB FAT32 in single partition. I think 32GB/64GB should work with exFAT/NTFS.

It it were just Kaspersky! None of the antivirus live CD's you suggested actually booted. Are these people living in the past or is there something about UEFI that interferes with antivirus suites? All I can think of is secure boot. My secure boot is disabled and other ISO's such as Strelec or Parted Magic have no problem booting.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on January 06, 2022, 03:42 PM
Quote from: humbert on January 06, 2022, 05:05 AM
Quote from: Vasudev on January 05, 2022, 04:48 PM
KRD EFI didn't work for me as well. KRD was working through legacy USB boot.
BIOS/EFI backward compatibility is the cause of the issue and not every BIOS/EFI can boot more than 128GB FAT32 in single partition. I think 32GB/64GB should work with exFAT/NTFS.

It it were just Kaspersky! None of the antivirus live CD's you suggested actually booted. Are these people living in the past or is there something about UEFI that interferes with antivirus suites? All I can think of is secure boot. My secure boot is disabled and other ISO's such as Strelec or Parted Magic have no problem booting.
Yikes! Do you have nvidia GPU  as primary display? Nvidia drivers aren't included in those.
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on January 08, 2022, 05:39 AM
Quote from: Vasudev on January 06, 2022, 03:42 PM
Yikes! Do you have nvidia GPU  as primary display? Nvidia drivers aren't included in those.

I have a relatively old Nvidia GTX-970 which I bought several years ago. Unless you have money to burn don't even think of upgrading it, at least not at this time.  In any case, I'm not clear what any of this has to do with antivirus live CD's. I have yet to find one that boots on my system.

The only antivirus that might work is the one on the Parted Magic live CD. It started fine but it's confusing. I couldn't get it to do a scan.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on January 09, 2022, 04:42 PM
Quote from: humbert on January 08, 2022, 05:39 AM
Quote from: Vasudev on January 06, 2022, 03:42 PM
Yikes! Do you have nvidia GPU  as primary display? Nvidia drivers aren't included in those.

I have a relatively old Nvidia GTX-970 which I bought several years ago. Unless you have money to burn don't even think of upgrading it, at least not at this time.  In any case, I'm not clear what any of this has to do with antivirus live CD's. I have yet to find one that boots on my system.

The only antivirus that might work is the one on the Parted Magic live CD. It started fine but it's confusing. I couldn't get it to do a scan.
I use 980M Alienware and its working fine for me. I will be moving to new laptop this year or next year depending on prices. I don't like paying extra import fees etc..
Have you checked if Asus has released new BIOS?
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on January 10, 2022, 05:29 AM
Quote from: Vasudev on January 09, 2022, 04:42 PM
I use 980M Alienware and its working fine for me.

By this do you mean it can boot those unbootable antivirus programs? Or do you mean something else?

Quote from: Vasudev on January 09, 2022, 04:42 PM
I will be moving to new laptop this year or next year depending on prices.

In your case this makes perfect sense. You use your lappie for heavy duty games and for (I assume) processor-intensive  engineering programs in your job.

Quote from: Vasudev on January 09, 2022, 04:42 PM
Have you checked if Asus has released new BIOS?

At this moment the only Asus hardware I have is an old lappie which I use for browsing, emails, and other general stuff. It's been a long while since new firmware was written for it. My current board is MSI which, frankly, works quite well. It was the only thing the computer store had in stock and I needed it immediately.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on January 11, 2022, 03:48 PM
Quote from: humbert on January 10, 2022, 05:29 AM
Quote from: Vasudev on January 09, 2022, 04:42 PM
I use 980M Alienware and its working fine for me.

By this do you mean it can boot those unbootable antivirus programs? Or do you mean something else?

Quote from: Vasudev on January 09, 2022, 04:42 PM
I will be moving to new laptop this year or next year depending on prices.

In your case this makes perfect sense. You use your lappie for heavy duty games and for (I assume) processor-intensive  engineering programs in your job.

Quote from: Vasudev on January 09, 2022, 04:42 PM
Have you checked if Asus has released new BIOS?

At this moment the only Asus hardware I have is an old lappie which I use for browsing, emails, and other general stuff. It's been a long while since new firmware was written for it. My current board is MSI which, frankly, works quite well. It was the only thing the computer store had in stock and I needed it immediately.
I don't game that much.
Then again I use my Ivybridge for coding duties and 6700hq has issues.
Title: Re: (New) Testing Anti Virus Suites
Post by: scarface on July 16, 2022, 12:44 PM
Note that a new version of Mcafee endpoint security is available here: https://www.nomaher.com/forum/index.php?topic=1718.msg36900#msg36900
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on July 17, 2022, 05:38 AM
Quote from: scarface on July 16, 2022, 12:44 PMNote that a new version of Mcafee endpoint security is available here: https://www.nomaher.com/forum/index.php?topic=1718.msg36900#msg36900

Thanks. How do you run this? Does it have to be installed or can you boot from an ISO and clean if the need arises?
Title: Re: (New) Testing Anti Virus Suites
Post by: scarface on July 17, 2022, 09:42 AM
Quote from: humbert on July 17, 2022, 05:38 AMThanks. How do you run this?
You double click on the exe file.

Quote from: humbert on July 17, 2022, 05:38 AMDoes it have to be installed or can you boot from an ISO and clean if the need arises?
No you can't boot it from an iso, it must be installed.
If you want to use a standalone application from mcafee, you can try stinger: https://www.mcafee.com/en-us/consumer-corporate/mcafee-labs/free-tools/stinger.html
Title: Re: (New) Testing Anti Virus Suites
Post by: scarface on October 13, 2023, 01:44 AM
Note that a new version of Trellix Endpoint Security (formerly Mcafee) is available here: https://www.nomaher.com/forum/index.php?topic=1718.msg36900#msg36900
This is the latest version.

Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on March 03, 2024, 05:43 AM
Vasudev, et. al. -> You probably won't know the answer to this, but hopefully you can point me to a source that might help. I've been dealing with malware forever but I've got one that simply defies explanation.

On the root directory of one of the network drives on the router's USB port, something creates files named video.scr, photo.scr, af.scr and links. You delete them and they come back. This does not happen if the drive is disconnected from the router and connected to the PC's USB drive. I've run no less than 3 antivirus program which have found nothing except patches, keygens, activators, and PUP's (this is normal). To make this even more mysterious, I've uploaded all these SCR files to virustotal and they are CLEAN. To put the icing on the cake, the files are produced even with the PC powered down and unplugged. I logged in with my Android phone and saw the files there. Delete them and they come back even with the PC unplugged.

I've read somewhere that this is some sort of cryptocurrency mining software that managed to find its way to my system. Not only did this not appear on my system, but Task Manager is reporting that the CPU and GPU are running normally with no mining program or any other producing unusually high usage.

I am stumped. Is there a forum somewhere were someone can render assistance?
Title: Re: (New) Testing Anti Virus Suites
Post by: scarface on March 03, 2024, 06:20 AM
Quote from: humbert on March 03, 2024, 05:43 AMVasudev, et. al. -> You probably won't know the answer to this, but hopefully you can point me to a source that might help. I've been dealing with malware forever but I've got one that simply defies explanation.

On the root directory of one of the network drives on the router's USB port, something creates files named video.scr, photo.scr, af.scr and links. You delete them and they come back. This does not happen if the drive is disconnected from the router and connected to the PC's USB drive. I've run no less than 3 antivirus program which have found nothing except patches, keygens, activators, and PUP's (this is normal). To make this even more mysterious, I've uploaded all these SCR files to virustotal and they are CLEAN. To put the icing on the cake, the files are produced even with the PC powered down and unplugged. I logged in with my Android phone and saw the files there. Delete them and they come back even with the PC unplugged.

I've read somewhere that this is some sort of cryptocurrency mining software that managed to find its way to my system. Not only did this not appear on my system, but Task Manager is reporting that the CPU and GPU are running normally with no mining program or any other producing unusually high usage.

I am stumped. Is there a forum somewhere were someone can render assistance?
Hi humbert.
I found a topic dealing about this issue here:
https://www.bleepingcomputer.com/forums/t/779798/photolnk-videoscr-files-all-folders-of-a-network-drive/
It comes to the conclusion that those files are harmless.
Now if you think they are not (several suggestions):
1: Use Trellix antivirus (available above)
2: Format your hdds
3: Don't plug hdds to your router if it's not necessary
4: Don't use a router (I have no router...)
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on March 05, 2024, 04:56 AM
Quote from: scarface on March 03, 2024, 06:20 AM1: Use Trellix antivirus (available above)
2: Format your hdds
3: Don't plug hdds to your router if it's not necessary
4: Don't use a router (I have no router...)

Thanks for your help. I found that site you mentioned and ran that program they recommended. Didn't help much. I will remember Trellix antivirus.

This is truly the weirdest issue I've run into since I first started to play around with computers. So much so that the problem actually went away by itself! Those files have not reappeared. I didn't do anything and have no explanation. To deepen the mystery, I sent all those scr files to virustotal and they all came back clean. Not one of the 50 or so antivirus companies detected any kind of malware anywhere. If indeed these files had malware, I would love to meet the guy who wrote the software. He succeeded in making his malware totally undetectable.

Another thing doesn't make sense. If indeed this was some sort of cryptocurrency mining going on as the site explains, it follows that the CPU & GPU would run at almost full speed - otherwise mining can't happen. In my case both were running normally and showing maybe 1% or 2% usage when the computer isn't running any program.

Unlike you, I have no choice but to use a router - and a strong one at that. I have no less than 15 devices connected to it and any time. Both my computers, 3 cell phones, 3 TV's and/or streaming devices plus some more stuff (thermostat, EV charger, etc). I have important data on drives connected the router's 2 USB ports. They must be accessed from anywhere in the house and from the street if I'm out. Without a router I'm dead in the water.

You said you don't use a router. Does this mean you connect your cell phone to the internet only via mobile data, i.e., no WiFi at home? If you need to use WiFi for a large download, to you go to Starbucks or use the one at work?
Title: Re: (New) Testing Anti Virus Suites
Post by: scarface on March 09, 2024, 01:47 AM
Quote from: humbert on March 05, 2024, 04:56 AMYou said you don't use a router. Does this mean you connect your cell phone to the internet only via mobile data, i.e., no WiFi at home? If you need to use WiFi for a large download, to you go to Starbucks or use the one at work?
I have no router because I'm using my smartphone as a mobile hotspot. Formerly, I used to have a box, but I don't download any more. I have a data usage limit of 200 Gb.
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on March 12, 2024, 05:14 AM
Quote from: scarface on March 09, 2024, 01:47 AMI have no router because I'm using my smartphone as a mobile hotspot. Formerly, I used to have a box, but I don't download any more. I have a data usage limit of 200 Gb.

So your only ISP is the phone? You have a laptop tethered to it and that's how you get online?

My phone provider is T-Mobile. They give me 100 GB. After that they slow me down only if there's traffic, but there is no additional charge. Unfortunately this does NOT include tethering. That's only 40 GB. It's quite possible that somewhere out there somebody has written a program that allows me to tether mobile data without T-Mobile knowing that I'm tethering. Haven't needed to look into it yet.
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on March 12, 2024, 08:46 PM
Quote from: humbert on March 05, 2024, 04:56 AM
Quote from: scarface on March 03, 2024, 06:20 AM1: Use Trellix antivirus (available above)
2: Format your hdds
3: Don't plug hdds to your router if it's not necessary
4: Don't use a router (I have no router...)

Thanks for your help. I found that site you mentioned and ran that program they recommended. Didn't help much. I will remember Trellix antivirus.

This is truly the weirdest issue I've run into since I first started to play around with computers. So much so that the problem actually went away by itself! Those files have not reappeared. I didn't do anything and have no explanation. To deepen the mystery, I sent all those scr files to virustotal and they all came back clean. Not one of the 50 or so antivirus companies detected any kind of malware anywhere. If indeed these files had malware, I would love to meet the guy who wrote the software. He succeeded in making his malware totally undetectable.

Another thing doesn't make sense. If indeed this was some sort of cryptocurrency mining going on as the site explains, it follows that the CPU & GPU would run at almost full speed - otherwise mining can't happen. In my case both were running normally and showing maybe 1% or 2% usage when the computer isn't running any program.

Unlike you, I have no choice but to use a router - and a strong one at that. I have no less than 15 devices connected to it and any time. Both my computers, 3 cell phones, 3 TV's and/or streaming devices plus some more stuff (thermostat, EV charger, etc). I have important data on drives connected the router's 2 USB ports. They must be accessed from anywhere in the house and from the street if I'm out. Without a router I'm dead in the water.

You said you don't use a router. Does this mean you connect your cell phone to the internet only via mobile data, i.e., no WiFi at home? If you need to use WiFi for a large download, to you go to Starbucks or use the one at work?
Hey Humbert, did not receive email notification so missed the post. Have you tried running Emsisoft Emergency Kit? If nothing comes up then I believe the malware wrote those infected scripts to Windows recovery or ESP which can be thoroughly removed using LiveCD of Dr.web or Kaspersky or Bitdefender.
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on March 13, 2024, 03:59 AM
Quote from: Vasudev on March 12, 2024, 08:46 PMHey Humbert, did not receive email notification so missed the post. Have you tried running Emsisoft Emergency Kit? If nothing comes up then I believe the malware wrote those infected scripts to Windows recovery or ESP which can be thoroughly removed using LiveCD of Dr.web or Kaspersky or Bitdefender.

I ran Emsisoft only this time not as the default to find malware but the entire drive. It found 2 infected files. Then I booted up Strelec's CD and ran Dr.Web. That one found 2 more. The problem is gone (at least for now) and the malware was found after those files stopped coming back. Oh well...
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on March 13, 2024, 07:35 PM
Quote from: humbert on March 13, 2024, 03:59 AM
Quote from: Vasudev on March 12, 2024, 08:46 PMHey Humbert, did not receive email notification so missed the post. Have you tried running Emsisoft Emergency Kit? If nothing comes up then I believe the malware wrote those infected scripts to Windows recovery or ESP which can be thoroughly removed using LiveCD of Dr.web or Kaspersky or Bitdefender.

I ran Emsisoft only this time not as the default to find malware but the entire drive. It found 2 infected files. Then I booted up Strelec's CD and ran Dr.Web. That one found 2 more. The problem is gone (at least for now) and the malware was found after those files stopped coming back. Oh well...
You might need linux livecd since running from PE some files mask themselves as System which makes it impossible to remove. Try the ISO using Ventoy or Rufus. Scan speed should be pretty quick outside WinPE.
https://free.drweb.com/aid_admin/
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on March 15, 2024, 03:30 AM
Quote from: Vasudev on March 13, 2024, 07:35 PMYou might need linux livecd since running from PE some files mask themselves as System which makes it impossible to remove. Try the ISO using Ventoy or Rufus. Scan speed should be pretty quick outside WinPE.
https://free.drweb.com/aid_admin/

Thanks for the tip. I downloaded the LiveCD and will put it on the same Ventoy flashdrive that has other ISO's on it.

Are there any other LiveCD's you recommend for malware removal or any other purpose, other than Strelec which was your recommendation?
Title: Re: (New) Testing Anti Virus Suites
Post by: Vasudev on March 22, 2024, 09:15 PM
Quote from: humbert on March 15, 2024, 03:30 AM
Quote from: Vasudev on March 13, 2024, 07:35 PMYou might need linux livecd since running from PE some files mask themselves as System which makes it impossible to remove. Try the ISO using Ventoy or Rufus. Scan speed should be pretty quick outside WinPE.
https://free.drweb.com/aid_admin/

Thanks for the tip. I downloaded the LiveCD and will put it on the same Ventoy flashdrive that has other ISO's on it.

Are there any other LiveCD's you recommend for malware removal or any other purpose, other than Strelec which was your recommendation?
Kaspersky Rescue Disk and Bitdefender (can be buggy and slow)
Title: Re: (New) Testing Anti Virus Suites
Post by: humbert on March 23, 2024, 06:00 AM
Quote from: Vasudev on March 22, 2024, 09:15 PMKaspersky Rescue Disk and Bitdefender (can be buggy and slow)

OK fine. Any other recommendations?