Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Immunizing portable HDD

31 May 2015   #21
gabe22

Windows 7 Home Premium, Version 6.1 (Build 7601: Service Pack 1)
 
 

Oh and btw I don't know much about security products but I'm quite sure ... premium or free ... both versions for almost all top protection systems uses same virus definitions and same database so .. in my case .. MBAM .. which is very good, no questions there but .. somehow it failed to detect number of issues.

Perhaps its because I didn't have real-time protection but ... when its on the system and I'm running a full system scan .. it failed to detect .. on multiple different scenarios. so considering the fact that free version & premium versions both uses same virus definitions .. if free cant detect ... premium will fail to detect too ... with a high possibility.

While Avast did the job both times but for various reason I'm looking for a better solution.

Basically what I'm saying is .. premium ... it has its perks but really premium doesn't keep you safe(not in all case) ... atleast not in my case and yes I used to have MBAR premium .. didn't make much of an impact really .. even had a malware infection with the premium version.
Ofcourse one could say its the user to blame .. for clicking the wrong url or dl'ing the wrong file .. but if an av scan fails to detect ... that is a problem, actually scratch that .. its a serious issue.

But ofourcse there are premium only protection systems that doesn't allow one to use it for free to all or maybe a few days trial .. those are different, could be million things really .. for example: could be that they have a different detection algorithm, higher sensitivity system, better firewalls ... or perhaps their virus definitions more sophisticated than the ones offered with free protection systems but that's a total different scenario.
Then again there could be scenarios where a free may fail and premium may succeed or the other way around.

Basically what I'm saying is, I think ... premium/free ones stand very close to each other really ... the difference isn't that much but it depends on user and their needs.


My System SpecsSystem Spec
.
31 May 2015   #22
MoxieMomma

OEM Windows 7 Ult (x64) SP1
 
 

Hi:

Quote:
atleast not in my case and yes I used to have MBAR premium
Perhaps that is a typo? (There are a lot of alphabet-soup software products from Malwarebytes with similar names and abbreviations.)
Alas, there is no such thing as MBAR Premium.
MBAR is Malwarebytes Anti-Rootkit beta -- this is a specialized, standalone, beta tool designed for use with expert guidance to help remove stubborn rootkits. Many of its capabilities have been built in to the current version of MBAM (Malwarebytes Anti-Malware).

If you "used to have MBAM Premium" and you purchased your license before March 2014 (or under certain promotions or from some online trusted partners after that date), then you would have a lifetime license with no expiration and no need for renewal and no further cost.
Perhaps you refer to the 14-day Trial version that is enabled by default during installation of MBAM?

I'm not here to argue or to endorse any particular product.
And I make no claim to being a security expert -- that's why I provided the links in my earlier reply here.

In any event, it's certainly your choice how to protect your system.

Cheers,
My System SpecsSystem Spec
31 May 2015   #23
GokAy

Windows 7 Ultimate x64 SP1
 
 

Regarding MBAM not finding some infections, it is already documented in MBAM support pages.

https://support.malwarebytes.org/cus...are-?b_id=6438

Short read.
My System SpecsSystem Spec
.

31 May 2015   #24
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

Quote   Quote: Originally Posted by MoxieMomma View Post
Hi, again:

Getting back to the OP's original question about protecting/immunizing a USB external hard drive, I spotted this authoritative, expert and detailed list of USB Protection tools over at bleepingcomputer.com -- the entire thread may also be valuable for you:

Is there a way to safely get data from SD and USB - Page 2 - General Security

Cheers,
I'm exactly on the original question.

When you do something that gets a computer infected the first step is to stop doing that which gets your computer infected.

Of course I would never plug something into someone else computer with out permission.
My System SpecsSystem Spec
31 May 2015   #25
gabe22

Windows 7 Home Premium, Version 6.1 (Build 7601: Service Pack 1)
 
 

@Layback Bear
I think you missed my answer .. please check: Immunizing portable HDD
It was an accident really ... or perhaps plain bad luck

@ MoxieMomma
My bad, thats a typo .. in mean malwarebytes
And I didn't mean to argue with you, sry if I gave that impression, I just thought to share my 2cents .. is all!

@ GokAy
I thought about it but then experts here helped me resolve the issue .. so I didn't contact their support.
My System SpecsSystem Spec
31 May 2015   #26
gabe22

Windows 7 Home Premium, Version 6.1 (Build 7601: Service Pack 1)
 
 

Here is the scan results:

Scan results
------------

HitmanPro_x64(one time scan trial version)
> It detected number of cookies from mozila,chrome etc browsers ... thats about it really.
# However I was unable unable to clean them as I installed hitmanpro years back when I had an infection issue .. so the trial is over.

Crystal Security 3.5.0.125
> No unsafe or suspicious objects detected
# This version doesn't have custom scan feature and also the user interface is rather different from the screenshot

Emsisoft Emergency Kit
> Ran a full system scan, it took over 3hours .. detected the following .. screenshot and scan report attached



# Should I removed them all?
# Also whats this " D:\Skypee\googleupdate.a3x " ... I checked the D drive which is the Portable HDD ... and no such directory exists there.


Comodo cleaning essentials

> Detected a few and deleted/fixed them


Also I installed Comodo IceDragon(based on mozila) and Dragon (based on chrome)

# It seems Drgon version loads a bit faster but other than that both version has
> Built in ad/cookie blocker
> Secure dns by comodo
> Virtual browsing

I'm wondering if Comodo browsers are better secured than normal browsers for example right now I have ... Mozilla latest with no script+ad block plus+minimal siteblock(to block specifc urls)

Also I disabled avast permanently and testing Comodo internet security+firewall free version ... will run a scan and post back results.

On another note, on my previous rootkit issue i have been told my experts here and also on Avast forums that it could be a drive by virus and today I read this article which stated avast can't detect driveby viruses that well ... while Comodo does it pretty good ... any thoughts on this?
My System SpecsSystem Spec
31 May 2015   #27
GokAy

Windows 7 Ultimate x64 SP1
 
 

Seems there are 2 screenshots posted but doesn't show. Screenshots and Files - Upload and Post in Seven Forums
My System SpecsSystem Spec
31 May 2015   #28
MoxieMomma

OEM Windows 7 Ult (x64) SP1
 
 

Hi:

Quote   Quote: Originally Posted by GokAy View Post
Regarding MBAM not finding some infections, it is already documented in MBAM support pages.

https://support.malwarebytes.org/cus...are-?b_id=6438

Short read.
Yes, of course.
I was not in any way claiming that MBAM was a substitute for an AV.
I don't think that was the OP's original question, as he seems to be quite clear that MBAM is not an AV.
(If you read my posts in this thread and any others here pertaining to MBAM, I'm always quite clear about that.)
That is why I supported in my earlier reply here the OP's statement that one needs a layered approach, with an AV PLUS an anti-malware (whether MBAM or another product), PLUS other measures.

If you choose to describe that as "not finding some infections", that's fine.
To be clear, MBAM does what it is designed to do, not what an AV is designed to do*.

MBAM specifically targets binaries that start with the first two characters being; MZ
They can be; EXE, CPL, SYS, DLL, SCR and OCX. Any of these files types can be renamed to be anything such as; TXT, JPG, CMD and BAT and they will still be targeted.

MBAM does not target certain file types.
For example, MBAM does not target script files. That means MBAM will not target; JS, PY, .HTML, VBS, VBE, .CLASS, SWF, SQL, BAT, CMD, PDF, PHP, etc.
It also does not target documents such as; PDF, DOC, DOCx, XLS, XLSx, PPT, PPS, ODF, etc.
It also does not target media files; MP3, WMV, JPG, GIF, etc.

Until MBAM v1.75, MBAM could not access files in archives. Version 1.75 added that capability, so it can now unarchive a Java Jar (which is a PKZip file), but it won't target the .CLASS files within. Same goes with CHM files (which is a PKZip file), but it doesn't target the HTML files within. MBAM (v1.75 and later versions) does specifically deal with: ZIP, RAR, 7z, CAB and MSI for archives, as well as self-Extracting ZIP, 7z, RAR and NSIS executables (aka; SFX files).

I'll leave it to all of you to debate the finer points of the "which AV is better" topic.

Hope this helps,

*Thanks to MBAM Forum Expert & Malware Researcher David H. Lipman for this detailed explanation.
My System SpecsSystem Spec
31 May 2015   #29
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 

Re: Your question on Comodo CIS free. Well actually I use it myself along with the firewall. Then on top of that a few other layers of security. What do I think of Comodo CIS? Well it doesn't get suggested much here as configuration can be tricky and if poorly configured it can lead to problems. According to the tests you linked it does provide 100% protection against zero day exploits but again - only if properly configured!

On another note: The auto sandbox feature in the latest verion will attach an ADS Stream to just about every file on your machine. I'm not comfortable with that so although I still use the sandbox feature I've disabled the ADS Streams.

See this: Comodo CIS ADS Stream Fix

Re: Comodo Secure DNS - I alternate between that and Norton SafeConnect DNS - if one service is having server issues I switch to the other.

Re: Firefox. I use a variant but use this addon - you might find it useful:

https://addons.mozilla.org/en-US/fir.../trafficlight/

Quote:
Real Time: TrafficLight scans the pages you visit for malware and phishing attempts each and every time you access them to avoid the threat of legitimate but recently compromised websites.

Precise: TrafficLight won't block an entire website if just some pages within are malicious. Only the potentially harmful elements are blocked, leaving you free to view the rest of the site if you so choose.

Unintrusive: TrafficLight does not add a toolbar to your already-cluttered browser interface. Its interface remains invisible until your input is needed or it's called up with a simple mouse gesture.

Search Results: TrafficLight flags malware and fraudulent websites in search results. It also detects suspicious links on your Facebook wall and Twitter feed, and blocks them.
My System SpecsSystem Spec
31 May 2015   #30
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 

Re: Emsisoft Emergency Kit
> Ran a full system scan, it took over 3hours .. detected the following .. screenshot and scan report attached

I can't see a sreenshot or report!

# Also whats this " D:\Skypee\googleupdate.a3x " ... I checked the D drive which is the Portable HDD ... and no such directory exists there.

That does look suspicious.

Note   Note
Infection Channel:

Downloaded from the Internet, Dropped by other malware, Propagates via removable drives


See: WORM_IPPEDO.B - Threat Encyclopedia - Trend Micro USA

Removal looks slightly tricky. In addition to the steps mentioned in the above link you could also try scanning with a Trend Micro product. Here's what I use on my own machine for occasional checks:

Trend Micro Anti-Treat Toolkit instructions and download links
My System SpecsSystem Spec
Reply

 Immunizing portable HDD




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Is a USB portable SSD viable?
I mean the speed that an SSD has is accessed through the SATA connexction, but having a portable SSD means using a ISB to connect, will the USB be a huge bottleneck, hugely slowing the transfere rate down?
Hardware & Devices
Are portable apps preferable, even for non-portable use ?
Some software publishers or authors offer both portable and installable versions of their products. (Kee Pass is one of them.) Is it advisable to systematically prefer the portable version, when running it from a fixed drive and not a thumb drive, according to the logic that if it's possible not...
Software
how to create a portable app?
I have an application that I want to make portable. It is free and I have. EXE for it. I also installed the PortableApps start and NSIS portable. I'm stuck in trying to create an application portable. I can not find any detailed instructions at all. I found bits and pieces here and there, but...
Virtualization
USB Win XP Portable
Has anybody make a successful Win XP Portable with a thumb drive? I have read many websites and "How To's" but to no avail... it is one of those things that I tell myself I must learn to do as it would make my life easier for those times when the computer has a virus or help a friend with a...
Installation & Setup
Immunizing Firefox with Spybot S&D
Since re-installing 7 ult x64 about two weeks ago (and, of course, along with it, all my applications), I've noticed that Spybot S&D no longer immunizes firefox (currently 3.6.2). When I update SS&D every Wednesday, and apply the new immunizations, it basically has to do all 13k of the items again...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 04:48.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App