Need a no-bullshit antivirus/trojan/malware scanner

[Nash]

I am usually VERY careful with this stuff but recently I think I may have done something to compromise my system, I need recommendations for a straight-to-the-point, no BS solution that can detect any of the rubbish on my system... help please.

[Caligari87]

In my understanding, MalwareBytes was and still is a very thorough and respected solution, though it may not get everything. I'd say run that first then see if you're still having problems. Some of the more insidious stuff may need dedicated removal tools.

[SHayden]

Since you're talking about it can someone tell me a good antivirus or something, I'm using avast but I feel like it munches on my computer's resources almost like chrome and sometimes it kicks in and my game drops from 60 fps to 40-45 and it pisses me the hell out.

[Solid-Head]

What did you install exactly before the problems start happening ?

Try using Ccleaner and check what is on Startup. Disable any entry that look suspicious and start deleting the malware manually (Don't forget in Regedit too).

There is no good antivrus. Nod32 and Kaspersky are good but use way too much ressources and leave atrocious mess in your files and registry after desintallation.

[Rachael]

It might be a brand new variant of the Pantera trojan that was dropped with a Powershell-scripted trojan.

There's not enough analysis done on this variant yet because it *just* appeared. But it uses an obfuscated powershell script to spawn an .exe file that is Base-64 encoded inside the script.

Since the file was submitted to VirusTotal though - that means all anti-malware authors will be receiving a sample of this one, and hopefully it means that detections will be written by tonight and we might get some documentation on what it does.

[Nash]

Yes, I've ran this through with Rachael privately and it appears she's had some of it figured out. This is VERY new, literally almost no results on Google.

[NeuralStunner]

I've had good results in the past with Norman malware cleaner. Also a neat choice because it obfuscates itself to work around malware that blocks antivirus webpages and executables.

[Reactor]

Spybot Search & Destroy can also be a viable option. It helped meg countless times, and it is very capable of annihilatin' lots of unwanted visitors. Its "immunization" feature is also a very effective one to say the least.
And the best of all - it is free! I'd say give it a try.

[R4L]

Definitely recommend MalwareBytes and the sister app Adwcleaner. If it is really persistent, HijackThis and ComboFix usually work with a little know-how. Clam-Win is a viable A/V as well.

[Rachael]

None of those work to detect it yet. I just reanalyzed the file, and it's still fairly unknown.

https://www.virustotal.com/#/file/8ddf4 ... /detection

[R4L]

None of those work to detect it yet. I just reanalyzed the file, and it's still fairly unknown.

https://www.virustotal.com/#/file/8ddf4 ... /detection

Ah, I missed Nash's second post. Didn't realize it was new-new. Still, MalwareBytes should have a definition for it soon especially with the payload uploaded.

[Rachael]

Yeah, it's really a question of how often AV vendors check VirusTotal. Apparently it seems, not very often.

[Nash]

In the end, I just decided to format because I didn't want to take any chances. Oh well.

[Rachael]

This is a really good demonstration of the true threat of malware:

No matter how careful you are, no matter how many virus scanners you have, no matter how good you think your virus scanner is - all the virus scanners in the world are not going to protect you when something new comes out. Does that mean it's useless to have one? Of course not. But it's by no means a substitute for practicing "safe internetting". And backing up your shit frequently.

The first time this file got scanned, it came up with about 12 vague positives, mostly obtained through heuristics. Now - detection is a lot more robust. But it's still not perfect - many scanners are not processing this file properly.

https://www.virustotal.com/#/file-analy ... E5NTc5Mg==

Anyway - I hope you all learned something. It's a dangerous world out there - always stay safe!

[kb1]

This is a really good demonstration of the true threat of malware:

No matter how careful you are, no matter how many virus scanners you have, no matter how good you think your virus scanner is - all the virus scanners in the world are not going to protect you when something new comes out.

My method protects me pretty much 100%, but it's not for everyone:
1. Don't connect your main PC to any network connected to the internet.
2. Scan your files on your internet network, for a few weeks, to give the major AV vendors time enough to detect and create signatures for the latest malware.