Poll: **********The All New Official OcUK Anti-Virus Program Thread - KEEP ALL AV QUESTIONS IN HERE*******

What AV do you use the most?

  • Total voters
    1,941
Your first response to me is 'LOL' yet you seem to have an incredibly small understanding of malware and its prevention and removal.

Comodo on its own is fine, your problems started before you even installed it. Since Comodo runs a sandbox, and Defense+ with default deny, nothing can or will get past it even if there is no signature for a particular piece of malware, and even if it gets past the heuristics. That's what makes it so effective.

In your case you should either format the drive and start again (there's no need for secure erase or second drives), or take it to someone who knows what they're doing. If you're that worried about malware that you can't live without ten different scanners then maybe consider installing Linux when you reinstall your OS. ;)
 
Rainmaker said:
Since Comodo runs a sandbox, and Defense+ with default deny, nothing can or will get past it even if there is no signature for a particular piece of malware, and even if it gets past the heuristics. That's what makes it so effective.
Click to expand...

Except if the malware in question has a legitimate digital signature like what happened in that test you posted a few pages where two fake programs got past comodo because they had proper digital sigantures.
 
Rainmaker said:
Your first response to me is 'LOL' yet you seem to have an incredibly small understanding of malware and its prevention and removal.

Comodo on its own is fine, your problems started before you even installed it. Since Comodo runs a sandbox, and Defense+ with default deny, nothing can or will get past it even if there is no signature for a particular piece of malware, and even if it gets past the heuristics. That's what makes it so effective.

In your case you should either format the drive and start again (there's no need for secure erase or second drives), or take it to someone who knows what they're doing. If you're that worried about malware that you can't live without ten different scanners then maybe consider installing Linux when you reinstall your OS. ;)
Click to expand...

LOL again. My understanding is simple, I had a problem, I tried various programs to see how they dealt with it as it was proving troublesome. I had no idea Comodo was so superior as I had not had any problems for years and it seemed MSE and Avira with the odd Malawarebytes scan was enough.

Not found Comodo to be perfect, no scan during safe boot, and it did not get rid of the problem. Hitman Pro seemed to do the job, but yet, with Avir Guard Service off, and no Comodo I have just had an Avira pop up at 21.50 highlighting a TR/Crypt.XPACK.Gen2 in C:\Windows\Temp\CAV60E6.tmp and this is not showing with Malawarebytes. Ad-Aware and MSE have been running in the background and nothing has popped up.

After every above mentioned Anti Virus and malaware has shown my system to be clean up to the above incident, and GMER has reported no root kits or such and running sfc /scannow has shown no missing system files.

Anyway, you have told me nothing. As we can see someting is wrong, Comodo did not sort it, I did find some issues with Avast and Comodo it may seem regarding compatibility. I still see no single Anti Virus worth trusting solely on its own.

Take it to "somebody who knows what they are doing"? Who What Where Why?

So worried about Malware that I need ten different scanners? Eh what did you just wake up and have god tell you Comodo and it was so?

Install Linux? Been there seen it done it uninstalled it etc.

So you got any actual answers? Can you state what these CAV files are? Are they Comodo Conflicts? How is it getting into the system when nothing is running but this Forum page?
 
demonix said:
Except if the malware in question has a legitimate digital signature like what happened in that test you posted a few pages where two fake programs got past comodo because they had proper digital sigantures.
Click to expand...

Nobody said Comodo is perfect. I'm not trying to sell anything, it's a free product and I happen to have not found anything better even after spending hundreds of my own money on Kaspersky, NOD32, Avira, Avast etc. :) The difference in this case is that even with something that manges to slip through the first layer of defence (eg by having a digital signature), you have many other layers to fight malware with. Even in the case of a signed app, you simply need to go to Defense+ in the options, run the process manager and "terminate & block" the undesired process. That or just reboot as it should be in the sandbox anyway. It depends how you've set it up. Voilà, no more malware.

sastusbulbas said:
LOL again.
Click to expand...

For someone posting to ask advice, you're not half belligerent to those offering it. If you look at the screenies you posted, you have a single temp file being flagged by Avira as possible malware. That temp file actually appears to be a temporary install file from Comodo (CAV = Comodo Antivirus). Did you follow standard practice and run CCleaner to get rid of the temp files before you scanned? More to the point, this is yet another reason not to use several products together. Avira is well known for false positives and overly aggressive heuristics.

The rest are either false positives (eg Linpack/Burn Test), or are being kept captive by another AV (Avast temp store). That's why you were told not to run several AVs together, and that's why Comodo is chasing its tail. But what would I know? I've told you nothing so far. :D

Since you only seem to have managed to insult me and moan, and have ignored any and all advice I've tried to offer you, I'm out. If anyone else can be arsed to try to help you while you sit there loling and hurling random abuse, they can feel free. If not, have fun trying to fix something you clearly don't understand on your own. :\
 
Rainmaker said:
For someone posting to ask advice, you're not half belligerent to those offering it. If you look at the screenies you posted, you have a single temp file being flagged by Avira as possible malware. That temp file actually appears to be a temporary install file from Comodo (CAV = Comodo Antivirus). Did you follow standard practice and run CCleaner to get rid of the temp files before you scanned? More to the point, this is yet another reason not to use several products together. Avira is well known for false positives and overly aggressive heuristics.

The rest are either false positives (eg Linpack/Burn Test), or are being kept captive by another AV (Avast temp store). That's why you were told not to run several AVs together, and that's why Comodo is chasing its tail. But what would I know? I've told you nothing so far. :D

Since you only seem to have managed to insult me and moan, and have ignored any and all advice I've tried to offer you, I'm out. If anyone else can be arsed to try to help you while you sit there loling and hurling random abuse, they can feel free. If not, have fun trying to fix something you clearly don't understand on your own. :\
Click to expand...

Sorry but I felt you were belittling me and taking the ****.

I was not "running" several AV's together with ten different scanners, due to some paranoia but to see what I liked and what would find an infection and help get rid of it. Pretty sure I am not the only person to try installing/uninstalling a different AV suite or two or be in the situation I was in.

I initially had a Java exploit while using MSE and Avira, I may have made mistakes and felt I was getting told to try what I had already attempted, then it all went sideways with focus on false positives.

I made the mistake of posting in bad taste and putting LOL here and there. Well fair enough, your advice though is noted and not ignored. As we can see I have tried a lot of stuff out, and seem to be getting reports from various AV suites of a clean system. I still think a clean install may be a good thing (the homegroup issue is not related to the virus), just need to think of what AV suite I want to trust, no doubt whatever the choice another issue will pop up some day.

Guess I will watch the thread and see how things pan out for the most regarded security sollutions. At the moment I still have four items in my task bar which do not seem to conflict or highlight any system issues, probably don't need them all.

Rainmaker, my apologies.
 
sunderland said:
well nod is no angel it let through a trojan on my htpc but malwarebytes got rid of it,might try this MSE and see what it is like
Click to expand...

Did the same to me, let through a trojan wohich stopped all AV updating, used an updated version from another pc of Malwarebytes which found and removed it.
Shame as I liked NOD32.
Gonna go with Kaspersky (as a recommended by a ex-hacker) but Ive gaind a free version of Bullguard with my new laptop, dont know whether to risk it....
 
Forgive me if I'm being stupid, but in KIS 2010, can anyone explain what the benefits are of the Application Control, Proactive defense, Anti-spam and Anti-banner modules are? Are they really necessary? Aren't the other modules enough to prevent viruses, spyware and malware ending up on my computer?
 
For the first time (to my knowledge anyway), an account of mine has been compromised. Logged into gmail this morning and a little red banner directly above my inbox said "your account was accessed by someone from China". At first I thought "lol, yeah ok, like I'm going to click that". But it was genuine after looking in the recent activity log an unusual IP from China had access it around 16 hours ago.

Quickly changed my password, but it doesn't seem like any damage has been done. Nothing deleted or in my sent box, no forwarding. Phoned my partner and she hasn't received any spam from me. Still hundreds of unread emails as I use Opera's client.

So, how did the buggers get in? I don't share my passwords or click on dodgy links. Virus maybe? Going to run a full Avast scan when I get back from work.

Anything else you guys think I should try running / doin other than Malwarebytes and Combofix?

Vista 64
Avast
Spybot search & destroy
 
Do you use any script/adblocking in Opera? it could be a dodgy website (or even genuine but with dodgy ads) has pulled data off your machine via a browser exploit somehow.

Run Malwarebytes and Spybot as well as AVAST because each will find things that the other won't.
 
I prefer Avast, AVG is way more popular though. 3 things I like about Avast are, 1: It is pretty light on memory/cpu usage, 2: It has a pirate language option :D 3: It actually catches stuff before they cause havoc.

Compared with AVG, which has many little processes running and seems to nag you about their other products. It is also often installed on my customers PC's which are loaded with viruses, malware and rootkits...not impressed.

edit: Yup, there is a thread for these kinda threads!!!
 
Last edited:
ah thanks for the replies guys! and apologies for missing that thread, i have thought about mse, but its for a friend and he doesnt like paying for his OS, i dont think mse would work in that situation?
 
Last edited:
theron said:
ah thanks for the replies guys! and apologies for missing that thread, i have thought about mse, but its for a friend and he doesnt like paying for his OS, i dont think mse would work in that situation?
Click to expand...

Well, I don't think many of us actually like paying for Windows. ;)

MSE requires the whole validation thing, so yeah, it probably won't work for him.
 
Definitely a legit part of gmail.

Ran Avast and Malwarebytes which have came up with nothing, apart from 1 confirmed false positive. Couldn't get Combofix to run as it doesn't like 64bit OS though :(.

Any other decent AV apps I should run?
 
Last edited:
You must log in or register to reply here.
Back
Top Bottom