MAB or SAS or Both?

Discussion in 'other anti-malware software' started by mrm3601, Jan 30, 2010.

Thread Status:
Not open for further replies.
  1. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    The TDL3 rootkit is created by very professional malware authors who clearly know what they are doing. IMO it is currently one of the most sophisticated rootkits actively spreading.

    We can only assume they will update their armor to prevent its removal. So if they release a new variant, we most likely need to update Hitman Pro to accommodate.

    Also note that most AVs have signatures/heuristics for most parts (files) of the TDL3, but they all fail to find the parts on an infected system. This is because the rootkit is doing a pretty good job of staying undetected. Hence, signatures/heuristics are useless if you can't find the file to run them on.

    See also this post.
     
  2. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Thanks Erik, very clear explanation ;)
     
  3. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    TDL updated to 3.241
     
  4. YanK33

    YanK33 Registered Member

    Joined:
    Jan 30, 2010
    Posts:
    195
    People need to be less of a freak about security. 3 or 4 programs doing the same thing is not better security; security means knowing where you browse and what you do on the net. No need to be an install/uninstall freaky guy lol. Enjoy the web and leave your hard drive free for your stuff, not for 100 security programs lol
     
  5. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    10,239
    Location:
    Lloegyr
    I have run SUPERAntiSpyware as an on-demand scanner for about 18 months. It once found a trojan I had picked up on a Russian newspaper website that Spybot & Norton missed (neither of which I use any more). I will almost certainly use the vendor (realtime) version for my next computer. I ran MBAM (freeware) for nearly a year, & although I am sure it is very good, after about half a dozen false-positives which could have been potentially damaging & problems with the download mirrors I decided to uninstall it.
     
  6. kmr1685

    kmr1685 Registered Member

    Joined:
    Aug 22, 2009
    Posts:
    62
    Hi people, sorry to say this, but every PC user in this world must have their black day (i.e. affected by some unknown nasties; some security software will find it, but could not remove it entirely). Then the only option is to reinstall the OS again, or install the good backup image of the HDD. So the point is, no security software gives you 100% protection nowadays; the greatest security is only common sense. :) :p
     
  7. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    10,239
    Location:
    Lloegyr
    Yes, I agree! Brain.exe is certainly the best form of defence. :thumb:
     
  8. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    I couldn't agree more. :thumb:
     