Windows 7 Forums

Windows 7: Best AV out there?

22 Feb 2014   #41
Britton30
Microsoft MVP

Windows 7 Ultimate X64 SP1
 
 

Quote: Originally Posted by scottls59901
My IE11 Google browser (fully updated) got hijacked yesterday (No Install Chrome button/slow...), and my KIS2013 (Kaspersky Internet Security) AV failed to prevent this or detect it on All scans!

I then ran my Full on-demand scans with MBAM- Negative.

I then ran my on-demand Emsisoft-kit, and it detected/Quarantined a High-Risk browser hijacker in the registry!

The Emsisoft AV always has a High detection rate, but did Not play well with my Windows Security Center (Non-MS code... is Not recognized by WSC), and their Firewall was a BSOD pain!

Other thoughts- In the past I hated the Google Chrome nag, but now I like it!
First, what is an IE11 Google Browser?
Second, can you add links to Emsisoft and the other you mention?


23 Feb 2014   #42
UsernameIssues

W7 Pro SP1 64bit
 
 

Quote: Originally Posted by Britton30
Quote: Originally Posted by scottls59901
My IE11 Google browser (fully updated) got hijacked yesterday (No Install Chrome button/slow...), and my KIS2013 (Kaspersky Internet Security) AV failed to prevent this or detect it on All scans!

I then ran my Full on-demand scans with MBAM- Negative.

I then ran my on-demand Emsisoft-kit, and it detected/Quarantined a High-Risk browser hijacker in the registry!

The Emsisoft AV always has a High detection rate, but did Not play well with my Windows Security Center (Non-MS code... is Not recognized by WSC), and their Firewall was a BSOD pain!

Other thoughts- In the past I hated the Google Chrome nag, but now I like it!
First, what is an IE11 Google Browser?
Second, can you add links to Emsisoft and the other you mention?
scottls59901 has a thread here. This is a duplicate post :-(

To stay on topic for this thread, I'll say that Emsisoft flags several of W7's native DLLs. I wonder how the OS survives with that AV tool installed.
23 Feb 2014   #43
Stephanie

Win 7 Pro x64, Win 10 Pro x64, Linux Light x86
 
 

I have been using Roboscan Internet Security for about a week and I'm considering buying Pro 8.40 GBP a year
23 Feb 2014   #44
UsernameIssues

W7 Pro SP1 64bit
 
 

Quote: Originally Posted by Stephanie
I have been using Roboscan Internet Security for about a week and I'm considering buying Pro 8.40 GBP a year
I would avoid any company that uses the phrase "Boost your Registry":

[Image: robo.png]

To me, that casts a shadow of doubt on their entire product line.


23 Feb 2014   #45
Stephanie

Win 7 Pro x64, Win 10 Pro x64, Linux Light x86
 
 

Well I'm a little computer savvy so I prob would not use that part ... bit like CCleaner, I clean my own registry


23 Feb 2014   #46
UsernameIssues

W7 Pro SP1 64bit
 
 

Sorry - I did not mean to imply that you did not know what you were doing. My comments were meant for those finding this thread while seeking suggestions for an AV tool.

Along those lines I'll add that the pro version of Roboscan has a feature called "Cover My Tracks". This feature allows the user to clear a list of web pages that were "opened". The feature only works for IE9 and below. Starting with IE10, the surfing history is kept in a way that Roboscan does not clear. If Roboscan ever updates their "Cover My Tracks" feature to work with IE10 and above, the tin foil hat crowd might like this feature since it can be set to automatically clear surfing history on a periodic basis.

Roboscan's interface is nice, but I would only recommend it for the tech savvy. There are several features that should (IMO) be changed from the default. (e.g. heuristic scanning is off by default)

Roboscan did fairly well in detecting/cleaning infected files based on my very unscientific method of testing. (I turned on heuristic scanning - which probably only impacts detection once a file runs - unless Roboscan virtualizes/simulates a run.) The infected files that I downloaded were new enough to not be listed/caught by IE's SmartScreen Filter; however, one of the files that Roboscan let thru is this file (g6h.exe): https://www.virustotal.com/en/file/9...is/1393177078/

g6h.exe renames itself as Yunior.exe and runs that exe. Yunior starts when Windows does and connects to an IP in this range: WHOIS Search, Domain Name, Website, and IP Tools - Who.is
[Image: y-connect.png]

Yunior also hides itself from Windows Explorer in a way that I'm not familiar with:
[Image: y-hide.png]

This makes it impossible to submit the Yunior EXE to VirusTotal.com using the normal web interface. Fortunately, Process Explorer can still find/submit the infected file for you: Process Explorer 16


Turning on Roboscan's firewall (and restarting the computer just for fun) did not stop Yunior from making an outgoing connection. Such blocking is turned off by default.

It seems odd that some of the very features that one would pay for would be disabled by default.


My System SpecsSystem Spec
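A triage sketch for the behaviour described in post #46 (a program that starts with Windows and makes an outgoing connection), added here as an example and not part of any poster's message or any product's code. The netstat rows, PID map, file paths and addresses are constructed, and the Run key as the autostart location is an assumption; the thread does not say how Yunior.exe persists.

```python
import ipaddress
import re

# Constructed sample data (not from the thread): netstat -ano rows, PID map, Run key.
NETSTAT = """\
  TCP    192.168.1.20:49171   203.0.113.45:443   ESTABLISHED   2716
  TCP    192.168.1.20:49180   192.168.1.1:445    ESTABLISHED   4
  TCP    0.0.0.0:135          0.0.0.0:0          LISTENING     820
  TCP    192.168.1.20:49190   198.51.100.7:80    ESTABLISHED   3100
"""
PROCESSES = {2716: r"C:\Users\test\AppData\Roaming\Yunior.exe",
             4: "System",
             3100: r"C:\Program Files\Internet Explorer\iexplore.exe"}
# Assumed autostart location: output of `reg query` on the per-user Run key.
RUN_KEY = r"""HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    Yunior    REG_SZ    "C:\Users\test\AppData\Roaming\Yunior.exe"
    Updater    REG_SZ    C:\Program Files\Vendor\update.exe /silent
"""
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]

def outbound_connections(netstat_text):
    """Return (pid, remote_ip, remote_port) for ESTABLISHED TCP to non-local IPv4."""
    row = re.compile(r"\s*TCP\s+\S+\s+(\d+(?:\.\d+){3}):(\d+)\s+ESTABLISHED\s+(\d+)\s*$")
    found = []
    for line in netstat_text.splitlines():
        m = row.match(line)  # IPv6 and non-ESTABLISHED rows do not match
        if m and not any(ipaddress.ip_address(m.group(1)) in n for n in LOCAL_NETS):
            found.append((int(m.group(3)), m.group(1), int(m.group(2))))
    return found

def autorun_images(reg_text):
    """Return lower-cased executable paths named in Run-key values."""
    images = set()
    for line in reg_text.splitlines():
        m = re.match(r"\s+.+?\s+REG_(?:EXPAND_)?SZ\s+(.+)", line)
        # Value data is either a quoted path or an unquoted path plus arguments.
        exe = m and re.match(r'"([^"]+)"|(.+?\.exe)', m.group(1), re.I)
        if exe:
            images.add((exe.group(1) or exe.group(2)).lower())
    return images

def autostarted_talkers(netstat_text, processes, reg_text):
    """Processes that both start with Windows and hold an outbound connection."""
    auto = autorun_images(reg_text)
    return sorted((pid, processes[pid], ip, port)
                  for pid, ip, port in outbound_connections(netstat_text)
                  if processes.get(pid, "").lower() in auto)

if __name__ == "__main__":
    print(autostarted_talkers(NETSTAT, PROCESSES, RUN_KEY))
```

The browser's connection is outbound too, but only the process that is also registered to start with Windows is reported.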
24 Feb 2014   #47
scottls59901

Windows 7 Pro (32)
 
 

Quote: Originally Posted by Britton30
Quote: Originally Posted by scottls59901
My IE11 Google browser (fully updated) got hijacked yesterday (No Install Chrome button/slow...), and my KIS2013 (Kaspersky Internet Security) AV failed to prevent this or detect it on All scans!

I then ran my Full on-demand scans with MBAM- Negative.

I then ran my on-demand Emsisoft-kit, and it detected/Quarantined a High-Risk browser hijacker in the registry!

The Emsisoft AV always has a High detection rate, but did Not play well with my Windows Security Center (Non-MS code... is Not recognized by WSC), and their Firewall was a BSOD pain!

Other thoughts- In the past I hated the Google Chrome nag, but now I like it!
First, what is an IE11 Google Browser?
Second, can you add links to Emsisoft and the other you mention?
Two of the highest detection rate free on-demand AV scans are-
1. MBAM (MalwareBytesAntiMalware)-
Their Free is VG (Whatever you do Don't get Pro!), and will even remove PUPs (Potentially Unwanted Programs- i.e. Eye Candy). https://www.malwarebytes.org/free/

1a. The Best/easiest free Rootkit remover that found 4 rootkits, all the others missed is -
Malwarebytes : Malwarebytes Anti-Rootkit BETA

2. Free Emsisoft Emergency Kit- GUI Must reside on your desktop (Not shown in All Programs).
https://www.emsisoft.com/en/software/eek/
You can Customize Updates (remove other languages), after update you may see A Restart on your taskbar (for Version updates), and then update again Before scan.
Custom Scan- specify Direct Disk Access (to get rootkits...), and only scan your C: drive... (Full scan takes Forever!).

-The trick is to run All on-demand AV's... 15min After a no activity reboot, and to First temp disable your active AV until After a Restart (in case it wants to remove something on reboot...)!
-Always do a reboot after scans, even if they are negative!

Enjoy!