Anti-Virus for 64-bit

[Kursah]

I use Avast 5.0 Home (Free Version) and Malwarebytes (free version for now). So far I've had very few issues, and what I have had was immediately detected and taken care of without issue or complications.

I'm actually considering purchasing Malwarebytes for the pure fact it works so damn well, and adding an active scanner and a one time $25 fee for an unlocked product is kind of interesting. Though since going to x64 I've experienced a massive drop in malware anyways...though I don't expect that to last.

Has anyone purchased the full version of malwarebytes and had experience with the active scanner? The price is nice in an arena full of much more expensive products, some with yearly leases and what-not...and considering how well it works for free I'm almost willing to buy it just to donate some cash their way to continue improving the product.

 

[Steevo]

Ultimate lockdown for me was with Comodo, however it is annoying as fuck for about two months as it learns what is and is not threats.

Avast is good, but their new UI sucks, I cannot find my URL blocker anymore.

AVG is a good all around free antivirus-antimalware I have never had a problem with it except in the most hardcore of stupid users.


MSE works and keeps to itself and occasionally refuses to update, or doesn't finish a update correctly, it has caught all the crap that my idiots have found. Haven't tried it with the hardcore idiots, almost scared to.

 

[TotalChaos]

as i didn't read each and every post the one thing I would also mention is to make sure System restore is turned off before cleaning otherwise all the previous restore points that are on your rig are likely infected as well

 

[GSquadron]

@ _JP_
I have downloaded a trial of the kaspersky, but that is not for 64-bit
Now i am ok, so i don't need any anti-virus programs.
Most of, i have always used my 64 bit windows xp without any anti-virus programs!
So my rig was very likely to be hit...

 

[95Viper]

Run a scan from a rescue disk or usb stick.

Kaspersky Rescue Disk 10

Download here:Kaspersky Rescue Disk 10 download

Run this, too:Kaspersky Virus Removal
Tool 2010
Download here:Kaspersky Virus Removal Tool 2010 download

Run HijackThis and post the log, maybe you can be helped.

 

[GSquadron]

I am SAVED man, so i don't need anymore help. Anyway thanks to all who suggest further, in order to help not only me, but all who need it!

 

[_JP_]

@ _JP_
I have downloaded a trial of the kaspersky, but that is not for 64-bit

I think I mentioned ESET Smart Security, not Kaspersky.

But it's good to know that your problems are over.

 

[Perseid]

ComboFix to fix the current problem(but it's not a virus scanner).

As long as Windows actually boots up, you NEVER need to reformat and reinstall. There's always a way.

 

[qubit]

As long as Windows actually boots up, you NEVER need to reformat and reinstall. There's always a way.

Unfortunately, that's just not true.

So many people make the mistake of thinking they can "clean" the PC of it. Malware is stealthy by nature and will try every trick in the book to stay on your computer, especially by using those nasty rootkits, which are nearly impossible to detect and remove, regardless of all the big claims by a/v vendors: they only have to miss one. Just one. And you'll never know. This leads to the following situation:

If the PC shows signs of malware, then you definitely have an infection.

If it doesn't and you're running a hardware firewall (built-in router one will do) Windows has been clean installed (not an upgrade install) you've patched Windows and apps with all security updates, are running decent internet security software and don't put the PC in harm's way (run dodgy attachments etc) then you're most likely to be ok. No guarantees over time, unfortunately.

Here's the crux of the matter:

If Windows had an infection and you've "cleaned" it, you have no way to know if it's truly gone, however squeaky clean all the anti-malware programs think it is. You also have no way of knowing what other malware is on there. This is because the chance of the malware hiding from your a/v program is very high. You also don't know what other changes it's made to your system files to leave your PC vulnerable and/or still infected. On top of that, once you get one infection, they tend to attract lots of others, like flies to shit.

Because of this, the only guaranteed way to get rid of the infection, is to format the HD - all of it, regardless of how many partitions it has, with a boot disc of some kind (Windows setup disc and a quick format of each partition will do) and reinstall Windows from scratch. Any other action leaves you with a huge chance of missing some malware and/or leaving the PC vulnerable due to corrupted system files and Registry settings.

Remember, when it comes to security, it pays to be a little paranoid.

Finally, make sure you have a backup of all your data before erasing anything!

As it says in my siggy, I'm an IT professional (don't take the joke advice in the siggy though, lol ). I'm giving everyone here good free advice that maximises your chances of having a PC free of malware. Do yourselves a favour and take it.

Any questions and feedback welcome.

 

[Radical_Edward]

qubit speaks truth, even if you remove the malware, virus, etc. It can still leave open the same back doors it was feeding info through. Thus leaving you open to the same attacks or worse.

A fresh install is the only way to know you are virus/malware free.

 

[wiak]

Eset + MalwareBytes Anti-Malware + My Brain = Win!

 

[Mussels]

@ _JP_
I have downloaded a trial of the kaspersky, but that is not for 64-bit
Now i am ok, so i don't need any anti-virus programs.
Most of, i have always used my 64 bit windows xp without any anti-virus programs!
So my rig was very likely to be hit...

what? why does it need to be x64? 32 bit AV has no limitations to an x64 one.


qubits message can be summed up much shorter:

Removing a virus/malware doesnt mean you've removed all the debris, or cleaned up all the damage. SInce that stuff is never normally going to go bad, there is no easy way to fix it - so format.

 

[de.das.dude]

I know that method, but i didnt use it, cuz the virus is still in your computer and there are some viruses who are "active" of which after dead they never appear again, like humans.
But there are some ADVANCEMENTS in "viruso-technology" that after killing them, they have left the babies to other files... So better not to risk it. Who makes the viruses knows for sure this method
When i worked as an operator an informatics engineer told me that
And still i am having ANOTHER PROBLEM with the thumbnails!!!
The names of the photos do not appear T_T
I know this is another kind of virus

use something called, USBantivirus its got a wonderful windows repair tool with it which actually works.

 

[GSquadron]

@mussels
Not that it doesn't work with 64-bit windows.
It only says a newer version of windows is needed for installation to continue!

 

[95Viper]

@mussels
Not that it doesn't work with 64-bit windows.
It only says a newer version of windows is needed for installation to continue!

Hmmm, you must have XP sevice pack 2 or higher to use it... guessing you don't?

 

[GSquadron]

I have service pack 1
Anyway not a problem for now....

 

[qubit]

I have service pack 1
Anyway not a problem for now....

You should install SP3 on it. No reason not to in this day and age.

 

[twilyth]

I use Avira and Malwarebytes (paid version, with auto-scan). I tend to prefer AV's that use heuristics in addition to standard signature searches. Avira does. I don't know about any of the names mentioned here. I can say that I wouldn't even consider Norton/Symantec or McAfee.

 

[qubit]

I use Avira and Malwarebytes (paid version, with auto-scan). I tend to prefer AV's that use heuristics in addition to standard signature searches. Avira does. I don't know about any of the names mentioned here. I can say that I wouldn't even consider Norton/Symantec or McAfee.

I can tell you that the latest Norton 2010 has been improved beyond all recognition. I've read a lot of comments about, so decided to try the one that came on the front of a computer magazine a while back. Malware updates can even come every few seconds now which is fantastic and it's no longer a resource hog. It really is a good product now and I can recommend it.

The version I've got has 6 months of updates.

I'm still using Kaspersky though, as I prefer that and I get it for free with my bank account.

McAfee's still crap though.

 

[tianhui]

+1 to ESET

now i use free Avira Anti-Vir and just downloaded malwarebytes anti malware

 

[FreedomEclipse]

McAfee's still crap though.

from my understanding, its always been crap. back in 2001 I done a presentation about anti-virus/firewall software for college & McAfee was one of the packages i reviewed. they havent improved at all. detection rate is still pants. your probably better at looking out for signs of viral infection yourself then havin McAfee on your system.

Ive used Eset - their quite good but not great.

as everyone has said Norton 2010 is quite a good one. myself, i prefer kaspersky. Ive been using them since 2005 n never looked back

 

[Steevo]

Unfortunately, that's just not true.

So many people make the mistake of thinking they can "clean" the PC of it. Malware is stealthy by nature and will try every trick in the book to stay on your computer, especially by using those nasty rootkits, which are nearly impossible to detect and remove, regardless of all the big claims by a/v vendors: they only have to miss one. Just one. And you'll never know. This leads to the following situation:

If the PC shows signs of malware, then you definitely have an infection.

If it doesn't and you're running a hardware firewall (built-in router one will do) Windows has been clean installed (not an upgrade install) you've patched Windows and apps with all security updates, are running decent internet security software and don't put the PC in harm's way (run dodgy attachments etc) then you're most likely to be ok. No guarantees over time, unfortunately.

Here's the crux of the matter:

If Windows had an infection and you've "cleaned" it, you have no way to know if it's truly gone, however squeaky clean all the anti-malware programs think it is. You also have no way of knowing what other malware is on there. This is because the chance of the malware hiding from your a/v program is very high. You also don't know what other changes it's made to your system files to leave your PC vulnerable and/or still infected. On top of that, once you get one infection, they tend to attract lots of others, like flies to shit.

Because of this, the only guaranteed way to get rid of the infection, is to format the HD - all of it, regardless of how many partitions it has, with a boot disc of some kind (Windows setup disc and a quick format of each partition will do) and reinstall Windows from scratch. Any other action leaves you with a huge chance of missing some malware and/or leaving the PC vulnerable due to corrupted system files and Registry settings.

Remember, when it comes to security, it pays to be a little paranoid.

Finally, make sure you have a backup of all your data before erasing anything!

As it says in my siggy, I'm an IT professional (don't take the joke advice in the siggy though, lol ). I'm giving everyone here good free advice that maximises your chances of having a PC free of malware. Do yourselves a favour and take it.

Any questions and feedback welcome.

I run a 2 stores worth of network PC's and 90% of the time there is no need to format and reinstall. I watch our networks inbound and outbound traffic, get reports, alerts and real time traffic.


What most users see as "scary" changes are the residual effects of a infection in system files. They are no longer infected, but the changes made to system files causes a change in the way windows works. For example a friend kept spreading a infection to his PC and his family as he kept reformatting but never cleaned his source and backups. He was having problems with steam and out of frustration he had me come over, a few minutes into a system file check and we found a few damaged files, replaced those and he was good to go.


Run a A/V client. Run Anti-malware. If you system still doesn't act right, or if you visit questionable sites then keep a clean slipstreamed disk and backup ready. But don't feel the need to reformat and reinstall for every little thing.

 

[qubit]

I run a 2 stores worth of network PC's and 90% of the time there is no need to format and reinstall. I watch our networks inbound and outbound traffic, get reports, alerts and real time traffic.


What most users see as "scary" changes are the residual effects of a infection in system files. They are no longer infected, but the changes made to system files causes a change in the way windows works. For example a friend kept spreading a infection to his PC and his family as he kept reformatting but never cleaned his source and backups. He was having problems with steam and out of frustration he had me come over, a few minutes into a system file check and we found a few damaged files, replaced those and he was good to go.


Run a A/V client. Run Anti-malware. If you system still doesn't act right, or if you visit questionable sites then keep a clean slipstreamed disk and backup ready. But don't feel the need to reformat and reinstall for every little thing.

It's nothing to do with "scary" changes. The only way to be 100% sure you've got rid of it and haven't left any back doors on your system is to reformat. Period.

People don't always understand this, which is why I explained it in detail.

Imagine if the system is acting normally and there's a keylogger hidden by a rootkit, sniffing your passwords and sending data very sparingly out over an encrypted link how are you gonna know? You'll have a hard enough time tracking it down if you do know it's there, let alone if you don't know.

It's an arms race, so with all your fancy technical knowhow and monitoring, these things can still get past you. It's enough to miss only one and you're in trouble. By all means maintain your scanning processes (the more the better) but once you find something, give yourself and your customers that peace of mind with a reformat.

You're right about scanning the sources and backups though. Just goes to show how sneaky this malware is.

Personally, I'd rather play it the safe way and guarantee that I've got rid of it. Keeping a system image on a write only medium like DVD is good for a known clean reference point.

 

[Steevo]

100% way for me is a hex editor in in live distro looking at the disk for changes at the mount point, jump, and load. If the rest of the windows files are OK and the disk passes a chkdsk, defrag and isolation test with me watching its traffic, its clean.


Even a DVD distro can contain a pre-boot time rootkit that inserts itself with a different landing sector to hide its own files, and with a few of NTFS weakpoints you could hide it in space supposedly occupied by metadata and the system would know nothing.


But by looking at it in its raw format, by using a scanner like the alternate streams scanner in hijack this, and a basic rootkit tool that looks through metadata and other files at RING0 level with a few latentcy checks you can determine if you are running in a partial VM, or being intercepted.


I can clean anything.

 

[qubit]

I can clean anything.

Even if you have the skills to look at things at this low level to tackle infections, you can't seriously give that out as advice for everyone to do this?

You are very confident in your abilities... I see a case of overconfidence here and I don't believe it's possible for any one person to outwit all of the world's malware writers all of the time.

The DVD will be 100% clean if you have a freshly formatted hard disc that has the OS installed and an image snapshot immediately made. How is malware gonna sneak in then?

No, it remains that my advice is the only sure way to clean malware off a PC: in short, don't tackle it, wipe it.