Ok boredog, what's the advice you have on this one? Have you tested it at all? Felt it only right someone post a reply to new Topic Title. There's something to be said for users who tried and like it but it also sends a message with their silence
Hi EASTER This new version still detects the same Marcuim Reflect file I am going to run it again and post all the stuff it found on my computer. Running all versions seems to take quit awhile on my system. I downloaded the portable version.
Thanks boredog. That's how I am about those programs. If it is a portable all the better. Look forward to your details later.
Ran it again left to do some errands and computer had rebooted. Just ran again so I could watch and here is the detections. ¤¤¤ Registry : 6 ¤¤¤ [PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-3438962753-3298352509-1694371991-1001\Software\AppDataLow\Software\adawarebp -> Found [PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-3438962753-3298352509-1694371991-1001\Software\AppDataLow\Software\adawarebp -> Found [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{d3199732-475b-42df-be3b-f420052d1fc3} | NameServer : 10.4.0.1 ([]) -> Found [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{d3199732-475b-42df-be3b-f420052d1fc3} | DhcpNameServer : 10.4.0.1 ([]) -> Found [PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-3438962753-3298352509-1694371991-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> Found [PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-3438962753-3298352509-1694371991-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> Found ¤¤¤ Tasks : 0 ¤¤¤ ¤¤¤ Files : 1 ¤¤¤ [PUP.AutoIt.Gen][File] C:\Program Files\Macrium\Reflect\reflectbin.exe -> Found
PuP? LoL I always wondered why some scanner apps don't first run through an updated list of commonly known and accepted programs like this.
That is why I ran it in Shadow mode. Might try contacting them about this marcuim one. EDIT: sent message to them.
This is the reply I got from support. "RogueKiller detects Macrium Reflect executanle because it was written using the AutoIt scripting language and packed with UPX. Since malware writers often use thoses, we hardened the detection of such packers and flagged them as PUP (Potentially Unwanted Program)."
You can't really compare them because RogueKiller scan for all type of malware and AdwCleaner is mainly for PUPS/PUMS. For PUPS/PUMS adwcleaner is a lot more powerful but it is definitions based and can miss something. RogueKiller uses definitions as well but it have a generic engine too (it can scan the malware loading points and can detect new threats even without definitions but it can give some false positives as well - it is up to the user to decide how to proceed - to delete the entries found or not and this make the tool for experienced users only). If you are confident while using RogueKiller then you can keep both tools, otherwise stick to AdwCleaner.
