Good second opinion scanner to try?

Discussion in 'other anti-virus software' started by nine9s, Jun 25, 2014.

Thread Status:
Not open for further replies.
  1. nine9s

    nine9s Registered Member

    Joined:
    Feb 8, 2013
    Posts:
    265
    Location:
    USA
    I use Emsisoft Anti-malware as my main security. I used to use Malwarebytes free as a secondary scanner. Today, the new update was forced on me. I tried it, but it kept crashing, so I uninstalled it.

    What I seek:

    1) On demand (does not run unless I start it and scan with it.)
    2) Gives me control of settings (not low user-control like on Kaspersky Security scan.)
    3) Works well and is good compliment to Emsisoft's scanning.
    4) Reliable (does not cause problems or hang like the new Malwarebytes.)

    Basically, I want one that like the old Malwarebytes did.

    Any recommendations?
     
    Last edited: Jun 25, 2014
  2. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,081
  3. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
  4. nine9s

    nine9s Registered Member

    Joined:
    Feb 8, 2013
    Posts:
    265
    Location:
    USA
    Thanks, Is Hitman Pro problematic? I was always leery because it had so many engines. Seems it would be more susceptible to problems or false positives with so many engines?
     
  5. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    974
    If you still want to continue using Malwarebytes 1.75 and not be offered the new program update to
    (MBAM 2.0) then go into MBAM 1.75 GUI > Settings > Updater Settings > uncheck the top 2 boxes.

    Support for Malwarebytes Anti-Malware 1.75 will continue until March 2015.

    Check Wilders post thread: Malwarebytes Anti-Malware 2 released [page 28]
     
  6. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,081
    HitmanPro uses only Kaspersky and Bitdefender detections and is not problematic. Herdprotect, OTOH uses 68 engines and can give you false positives.
     
  7. guest

    guest Guest

    HitmanPro compares scanned files against its in-house behavioral analysis (I am sure it means heuristic) engine first, then when a file is considered as suspicious based on the behavioral analysis result, it will get uploaded to the cloud to be checked by multiple AV engines' database. So how many engines HMP uses shouldn't be relevant.
     
  8. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    I too would say that you can stay with MBAM 1.75 for a while longer if you have issues with MBAM V2.
     
  9. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    830
    Location:
    UK
    Yes stick with mbam 1.75

    I also use hitmanpro.

    Problems?
    Maybe you are thinking of the Early warning scanner?
    Just needs attention after the first scan
     
  10. nine9s

    nine9s Registered Member

    Joined:
    Feb 8, 2013
    Posts:
    265
    Location:
    USA
    Is Avira free scanner reliable and good detection (same as reviewed Avira packages)?
     
  11. guest

    guest Guest

    JFYI, HMP doesn't scan inside directories in custom/right-click scan mode.
     
  12. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,081
    Since it is using 100 MB of definitions files, I believe it has similar detection as Avira without real-time protection.
     
  13. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    1- Hitman Pro
    2- VirusTotal

    NOTE: MBAM's on-demand scans are dreadfully slow on my computer. Your mileage may differ.
     
  14. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
  15. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
    And has it's own http://www.herdprotect.com/engines_herdprotect.aspx
    And it uses additional measures to hide false positives as much as possible.
    Hint: Settings>Settings and Options>Hide possible false positive detections.
    Tho false positives DO happen from time to time [much less than from a full blown av], it is better to double check each and every one and what engines detected what.
    Also additional analysis is available on check files and processes.
     
  16. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,081
    "Much less than from a full blown av"? That is not my experience, quite the opposite. My experience is that when you use many AV engines to scan files, the chances of false positives are much higher than when scanning only with one full blown AV. I got 0 FP from full blown ESET in last few years. OTOH quite a lot FPs with Virustotal or Herdprotect.
     
  17. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
    My experience, was Norton and McAfee, but then again, no one can "test" all products out there in such a short time.
    This thing is nicely evolving, adding new features with each released beta version, but even now it is usable most of the time. Some hardened malware it will be unable to remove, but most low-grade is OK.
    Herd is already on it to minimize false positives as much as possible, I suspect either it will be with cloud hash database, or client/cloud realtime behaviour analysis on the spot. They will pretty much have to, if they would like to go into real-time protection as scheduled. What I like the most, it detects adware/toolbars/crapware, which makes it easy to remove.
     
  18. HKEY1952

    HKEY1952 Registered Member

    Joined:
    Jul 22, 2009
    Posts:
    648
    Location:
    HKEY/SECURITY/ (value not set)
    Try Microsoft Safety Scanner:
    http://www.microsoft.com/security/scanner/en-us/default.aspx

    Do not download it, just run it.....in other words click Run, then Run.

    By running The Microsoft Safety Scanner, instesd of downloading it, the scanners executable is then automatically
    stored and automatically executed from the Temporary Internet Files folder. Deleting the Temporary Internet Files,
    deletes the executable. No need to wory about the ten day expiration or concern about where the download was saved.

    If one chooses to download the Microsoft Safety Scanner instead, the executable expires ten days after downloading.

    To run an scan after ten days, one must download the executable again, overwriting the expired one.

    Also, the Norton Power Eraser mentioned in Post #3 is excellent:
    https://security.symantec.com/nbrt/npe.aspx

    When the Norton Power Eraser executable is executed by the user, it automatically checks for newer versions and
    signatures before running the scan. It also features scanning the system for Rootkits. (requires reboot of system)

    NOTE: Both scanners do not require any installation, simply double click the executable.



    HKEY1952


    EDIT: hyperlinks
     
  19. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
  20. iTrendsNET

    iTrendsNET Registered Member

    Joined:
    Aug 6, 2008
    Posts:
    93
    When I am in the final stages of the cleanup of a clients infected machine I always use the excellent ESETfree online scanner, setting it to do a deep scan to check for root kits and to delete anything it finds. I've never run into any problems.
     
  21. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    974

    I have used ESET Online Scanner occasionally for scanning. I enable
    detection of potentially unwanted applications & click on advanced settings for more options.
    There also is a check option to uninstall after scan completion which leaves some
    files and reg keys behind.

    NOTE: For some reason the scan indicator bar showing scan in progress seems to
    jump from around 19% to 80% in very short amount of time. It seems like it's skipping many
    files even though I have it set to scan all local drives.
     
  22. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,081
    That's a known "problem" with ESET's scan process indicator. When I scan my system (C drive) with ESET online scanner it scans for around 5 minutes. After 2 minutes it comes to 99% then it scans the remaining "1%" (WinSxS folder) for whole 3 minutes. Percentage shown does not represent realistic scan status neither by data size, number of files or time used in scan process. You should take the percentage shown with a grain of salt.
     
  23. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    974
    Thanks hqsec. Noticed also with Emsisoft Emergency Kit scan process indicator slowed at around 60% then sped up
    at around 80% till reaching scan end. I'm hoping these scanners are actually scanning what they claim by the time
    indicated and number of files scanned. (not going by % shown as you mentioned)
    ESET if I recall correctly took less than 10 min. to scan all local drives and EEK set to "Deep Scan" took about 16 min.
    It's seems hard to believe you can scan that many files on local hard drives in these amount of times.
     
  24. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
    May I suggest killing all background apps [best via HitmanPro holding CTRL], then via Task manager [CRTL+ALT+DEL, not starting explorer.exe, if not killed, kill it], then manually start ESET scanner. That should complete it in full. If not, try in Safe Mode with Networking and then run scan.
     
  25. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    974
    Tried your advice excluding HitmanPro. Stopped explorer.exe from running via Task Manager & manually started
    ESET Online Scanner. Checked same settings as before. Scan finished in under 9 min. Pretty much same results as
    before. Didn't try Safe Mode with Networking. Thanks for advice.
     
Loading...
Thread Status:
Not open for further replies.