• Content count

  • Joined

  • Last visited

About Night_Raven

  • Rank
    Advanced Member

Contact Methods

  • ICQ
  1. I beg to differ. It doesn't look in every nook and cranny. I've always been the opinion that uninstallers are very situational: one may want to try them if an uninstallation has failed or was incomplete and one needs to find the remains and clean them manually. In that situation an uninstaller might come in handy. However, for everyday use I find these uninstallers to be useless. Uninstallers use one of two methods: 1) they launch the original uninstallation and after that scan for leftovers or 2) the new application is installed through the uninstaller so that it can record what files/folder and registry keys/values are created, so that the uninstallation can be much more complete. The first method is a lot simpler and is present in every uninstaller. The second method is more advanced so only few uninstallers have it, and those are the paid ones. Both methods have downsides. The first method is limited to scanning those folders and registry locations that the author deems necessary. Also, the uninstaller uses the program's name as a search string. However, if the program hasn't used its name to create its folders and registry entries, but instead has used the company name (for example), then the uninstaller would fail to spot and clean them. Also, the first method can't restore changed or deleted registry values, it can only find added entries. So, this method is not a very good one to completely clean an installation and it relies a lot on the application's own uninstallation to do most of the work. However, if the original uninstallation does the job well, then additional steps are unnecessary. The second method is generally more reliable but could also backfire. Some applications may add files and/or registry entries during installation but may intentionally not remove them during uninstallation. The application's uninstaller might be programmed to leave certain things on the system. If the user is using an uninstaller with the second method, then the uninstaller will not know to leave those files/registry entries behind. Depending on the situation the consequences may vary from none to very nasty. I'll give an example. I have made a specific codec pack based on my needs. When installed on Windows XP it replaces the existing MP3 decoder with a newer version, but doesn't remove it during uninstallation because then the system would be left without an MP3 decoder, and it also doesn't restore the old decoder because the newer one is better. It acts like a patch/update. However, a 3rd party uninstaller (like Revo) using the second method will see the file being replaced and will remove it during uninstallation, leaving the system without a DirectShow MP3 decoder. In other words: the author of a given application (should) know(s) how to clean after its creation, which files/registry entries to remove, which to leave behind, etc. Still, if an uninstaller gives you a warm fuzzy feeling, then use it, but to my experience they are not nearly as effective as the vendors and many users make them out to be.
  2. exile360, you get a thumbs-up for your wallpaper (Beast Wars was most definitely the best Transformers cartoon of all, loved it) and another thumbs-up for the taskbar color (I have a VERY soft spot for dark blue). OK... Here's my desktop. I've shown my tray icons because normally they are hidden. As you can see I like simplicity, and I hate desktop icons. And I mean that I haven't removed the icons for the screenshot, but that I generally have no icons. The wallpaper is my own design, based on another wallpaper.
  3. I apologize for my delayed response. I had forgotten to check this topic. Yes, the FP has been fixed.
  4. Some files of a Samsung' PC Studio v3 suite are being detected as 'Worm'Koobface' by MBAM's resident module and on-demand scanner. Definitions are the latest - 3101. Files have been archived and attached to the post. VirusTotal reports are all 0/41: SMSMoveD500 SMSMoveD500.exe SMSMoveZ510 SPCS_FP.rar
  5. One more thing. MBAM's protection module sometimes crashes after it detects something and I click 'Ignore'. Haven't tried clicking another button so I don't know how it would react to that. It says MBAM's service terminated unexpectedly. After I launch MBAM's scanner and try to re-activate the protection module it says the service can't be created. A reboot is required to get the PM running again. I can provide screenshots if needed. Edit: OK, it just crashed again when I tried to launch Update Notifier.
  6. Rebooted but to no avail. MBAM's real-time protection still thinks those files are evil.
  7. Updated rules to version 3050. Problem remains on my system (Windows XP SP3), the files are still being detected by the real-time scanner.
  8. Confirmed on a Windows XP system as well. MBAM's real-time protection detects them as 'Trojan.FakeAlert'.
  9. So a bunch of not very reliable antivirus programs classify it as some generic or unknown threat. Big deal. Frankly, for example I don't even look at what a-squared and Ikarus detect because they produce so many false positives. What I look at in any VT scan result page are the current top antivirus products: KAV, NOD32, AntiVir and avast!. The rest mean little to me. B) Just for the heck of it I unpacked Wc3Assistant.exe to wc3.exe with UPX (was too lazy to type something longer for an output file) and uploaded it for another scan. Here's what VT showed me:
  10. I apologize. I forgot to say it's the real-time protection that detects this as a Trojan.Downloader. The on-demand scanner doesn't. MBAM rules are the latest (3044).
  11. Wc3Assistant is detected as Trojan.Downloader. Website is in german but the download link should be fairly obvious.
  12. Not really. GeSWall is a policy based sandbox with some virtualisation thrown in. Its job is to run certain applications in an isolated environment so that they can't do any (or at least very little) harm if they get compromised (like a drive-by download for example) somehow. Programs that (should) be run isolated are basically all internet programs: browsers, FTP clients, messengers, IRC clients, P2P clients, etc. Other areas that can be isolated are other entry points: LAN, optical drives and USB drives. I'm not certain which of these are isolated by default, if any. If they aren't, they could be with a little additional tweaking. WinPatrol on the other hand checks important system areas (startups, services, ActiveX applets, hidden files, etc.) at specified time intervals and alerts the user if any changes are detected. GeSWall is an infection prevention tool, whereas WinPatrol is more of a system utility monitor/malware cleaner assistant. I haven't used them together myself but there is absolutely no reason for them to not like each other. Again, I haven't used these programs together but there should be no conflicts with any of the programs you mentioned. It should be noted however that CIS's Defense+ kind of makes WinPatrol redundant. With D+ you have control over so many things that something can hardly slip by it so it could be detected by WinPatrol afterwards. Actually only Avira AntiVir Personal is actually an antivirus program. The rest are not. You should be able to run all of them since there shouldn't any overlapping functions. Avira AntiVir, as already mentioned, is an antivirus program. Comodo Internet Security covers the firewall and HIPS department. Windows Defender is antimalware in general. WinPatrol Free is a system checker. SpywareBlaster is basically an immunization software. MBAM and SAS are antimalware programs but since they are used as on-demand only they shouldn't interfere with Windows Defender. Adding it is most certainly a good idea. It's not critically important or anything but it's a nice addition in general. However I wouldn't leave it monitoring all the time. I don't know how much resources it would require to do that but even if it's little and/or you have a powerful PC it's still not worth it. Unless you have quite a lot of programs installed it's quite unlikely that there would be updates often enough that would justify another resident program. I used to scan manually with Secunia PSI once every day for quite a while and haven't received an update/alert concerning 'insecure' software for a looong time. I just see no point in runing Secunia PSI all the time if I would get alerts a couple of times a month at the most. Not worth the extra resources, even if little of them are needed. Granted, my Start menu doesn't have 3 or more columns of installed software but still... Anyway, try it and decide for yourself. It's not like it takes hours to install/uninstall, or requires reboots, or something.
  13. Sites like and are hosted on this IP/server and are perfectly legit.
  14. More details and options? Actually I find Outpost Firewall Free to be a very solid product all around. While it doesn't shine at leaktests like Online Armor and Comodo Internet Security for example, it is still a more than enough for a really good protection. Its interface is in my opinion one of the best there is - no fluff and shiny colors, yet very well structured and intuitive. I myself love it and would actually be using the program if it weren't for its resource hunger. While I do have a rather old computer, I still think that software can be powerful and light at the same time. To prove me right there are Comodo Internet Security, Malware Defender (a classical HIPS software) and Privatefirewall. These are all very good products and they are much lighter on my old 'box'.
  15. This is something I would like to be addressed as well. This data is rather sensitive and should not be displayed like that on the About tab. That way any person can see it.