
Suggested Anti-Malware Programs

Started by humbert, October 22, 2021, 05:27 AM


humbert

I know Vasudev is the expert on this, but let me ask not just him but whoever else can help.

Just today I discovered a serious malware infection on my PC. I found out quite by accident. I was playing around with a copy of Windows 11 on VirtualBox and, when I copied over my favorite file manager (Total Commander), immediately Windows Defender popped up and found several infected files in the TC folder. When I updated and ran EEK it found all kinds of malware and cleaned it up. My PC runs OK. All the while there were no symptoms and I was under the impression everything was OK.

I deactivated Windows Defender on my PC due to the almost unending false positive alerts. I was using EEK which does not protect in real time. So I became complacent and didn't check for quite a while.

Is there an anti-malware program you can recommend that provides some sort of real time protection to at least minimize the possibility that this problem (or worse) doesn't happen again?

So as not to open another topic, let me ask: what's a good substitute for Ccleaner? Even with the cracked version, when you install an update it prompts you to install PUPs. I'm getting tired of this. Is Bleachbit good, and will it accept winapp2.ini files?

scarface

Well, you can still find Malwarebytes here: https://www.nomaher.com/forum/index.php?topic=1718.60
As Vasudev explained, it's not very useful once the free trial has expired. And you can also find an Antivirus, which could have better results, since the symptoms you are describing are showing that the disease on your computer might be spreading rapidly.

humbert

Quote from: scarface on October 23, 2021, 11:23 PM
Well, you can still find Malwarebytes here: https://www.nomaher.com/forum/index.php?topic=1718.60

I didn't see a link for it, at least not for a cracked copy. As I understand it the free version of Malwarebytes will always work. The only thing is it doesn't provide constant malware scanning. You have to scan manually. This is according to their web site.

Quote from: scarface on October 23, 2021, 11:23 PM
As Vasudev explained, it's not very useful once the free trial has expired. And you can also find an Antivirus, which could have better results, since the symptoms you are describing are showing that the disease on your computer might be spreading rapidly.

Here's the strange thing. I updated and did a full malware scan using EEK and it came up clean. Then I booted from USB into Strelec's WinPE. I downloaded and ran Kaspersky. It found 118 infected objects and cleaned them. What I'd like to know is how EEK missed 118 infected files. All this with no symptoms.

Vasudev

@Humbert: I feel EEK portable folder was compromised.
Kaspersky or Dr. web liveCD or Eset Sysrescue LiveCd results can be trusted. In case you saw Bootloader entries were infected, I'd suggest going into BIOS and disabling capsule updates, which will prevent BIOS updates from applying through Linux or Windows updates.
Never thought you would run into a malware that was demo'ed in Win 11 security.
I'd throw CCleaner in the bin from all devices! Bleachbit can download the latest Winapp2.ini and hide unneeded entries. You can pair Bleachbit with Wise Disk Cleaner, Wise registry cleaner (skip network tweaks section) and Hibit Uninstaller (Registry cleaner can be skipped since it was not safe on my cousin's PC, with Autodesk SW refusing to start up).
I second @scarface's views on MBAM: once expired, the trialware becomes nagware/ransomware which forces you to buy a paid license.

Always download Win 10/11 builds from uupdump.net
Here is the Win 11 21H2 https://uupdump.net/download.php?id=b597b515-a6f6-492c-9cce-d969208f44b4&pack=en-us&edition=core;coren;professional;professionaln

EDIT: If you want anti executable w/o Real Time protection modules affecting System Performance I'd suggest Appguard https://www.appguard.us/
If you feel WD is slowing down PC try Eset basic AV or IS.

humbert

Quote from: Vasudev on October 24, 2021, 05:36 PM
@Humbert: I feel EEK portable folder was compromised.

Let me uninstall and install a fresh copy, see if that helps.

Quote from: Vasudev on October 24, 2021, 05:36 PM
Kaspersky or Dr. web liveCD or Eset Sysrescue LiveCd results can be trusted. In case you saw Bootloader entries were infected, I'd suggest going into BIOS and disabling capsule updates, which will prevent BIOS updates from applying through Linux or Windows updates.

I downloaded Eset Sysrescue LiveCd. Let me put it on a flashdrive and check it out.

Quote from: Vasudev on October 24, 2021, 05:36 PM
Never thought you would run into a malware that was demo'ed in Win 11 security.

I found out about this when I installed Win11 under VirtualBox. I simply copied over Total Commander and Windows Defender popped up. I then ran EEK and it found some 38 infections. Since there were no symptoms on my PC I almost couldn't believe it.

Quote from: Vasudev on October 24, 2021, 05:36 PM
I'd throw CCleaner in the bin from all devices! Bleachbit can download the latest Winapp2.ini and hide unneeded entries. You can pair Bleachbit with Wise Disk Cleaner, Wise registry cleaner (skip network tweaks section) and Hibit Uninstaller (Registry cleaner can be skipped since it was not safe on my cousin's PC, with Autodesk SW refusing to start up).

I'm going to follow your advice. Just one question: how do you pair Wise Reg Cleaner and Hibit Uninstaller? I'm not seeing a way to do it. Importing winapp2.ini was in the settings, no problem there.

Quote from: Vasudev on October 24, 2021, 05:36 PM
Always download Win 10/11 builds from uupdump.net

I'm not too clear what this site has. Are these ISOs or are they parts and pieces, or updates? Also, do these guys have Win11 ISOs with Secure boot & TPM disabled?

Quote from: Vasudev on October 24, 2021, 05:36 PM
EDIT: If you want anti executable w/o Real Time protection modules affecting System Performance I'd suggest Appguard https://www.appguard.us/ If you feel WD is slowing down PC try Eset basic AV or IS.

Appguard's web site asks you to request a demo. You have to give them all kinds of personal info. Can you clarify?

Vasudev

By pairing I meant install them alongside each other to use Hibit's good and thorough uninstaller + disk cleaner + Wise reg cleaner's defrag and removal of invalid registries, except their Network tweaks, which Win 10/11 already manages very well.
AppGuard does seem to collect a lot of info for a demo, and Appguard Solo costs close to 100$/year.
I did find a 3rd party UI for WD for configuring settings easily: DefenderUI from VoodooShield.
UUP is the new way MSFT delivers updates in a compact way and targets multiple virtual editions such as Pro Education, Pro Workstation, IoT etc. using the Pro base version.