App Review ESET Online Scanner vs Malware

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by
cruelsister
I still use HMP myself. The creators themselves even stated that they focus on specific malware for their scanner so it's not wholly inclusive.

I don't use eset online scanner because I run eset but damn that's a horrid result. Goes to show how important are the deep OS hooks that online scanners can't get.

As a side note. Today I learned that Karen is an actual real language and not something entitled people speak when wanting to talk to the manager.
 
  • Like
Reactions: simmerskool, vtqhtr413 and Dave Russo
Stargazer_Steve said:
I still use Hitman Pro scanner occasionally, is that not reccomended these days?
Click to expand...
Just like Malwarebyes, HitManPro (or Sophos Scan&Clean) are horrible against non-exe types infections (Scriptors). Personally I find these to be a total waste of time to use.
 
  • Like
  • +Reputation
  • Thanks
Reactions: Nevi, brambedkar59, roger_m and 8 others
Xeno1234 said:
Very interested to see the KVRT Disinfection Process. I know Kaspersky uses advanced disinfection which im pretty sure is the best disinfection, but I dont think KVRT has that.
Click to expand...
KVRT has a bit more limited advanced disinfection. Once the advanced disinfection starts, it will prevent any executables from starting and will delete files and associated registry entries from the system. However, it doesn't have the ability to delete undetected files/changes created by malware in sensitive system locations, compared to KAV/KIS that have System Watcher. KAV/KIS can reference the chain of file/registry creation/modification of a malicious file that is detected after infection by signatures/scanning (unrelated to behavioral detection on execution), so even if System Watcher fails to detect malware on execution, once the file is detected its associated files logged by System Watcher will be rolled back as well.
 
  • Like
  • Hundred Points
Reactions: Nevi, brambedkar59, Sunshine-boy and 1 other person
N31R said:
KVRT has a bit more limited advanced disinfection. Once the advanced disinfection starts, it will prevent any executables from starting and will delete files and associated registry entries from the system. However, it doesn't have the ability to delete undetected files/changes created by malware in sensitive system locations, compared to KAV/KIS that have System Watcher. KAV/KIS can reference the chain of file/registry creation/modification of a malicious file that is detected after infection by signatures/scanning (unrelated to behavioral detection on execution), so even if System Watcher fails to detect malware on execution, once the file is detected its associated files logged by System Watcher will be rolled back as well.
Click to expand...
Yeah. I'd assume KIS/KAV Advanced Disinfection is better since it has active logs. Has Kaspersky's Advanced Disnifection ever not fully disinfected a system.
 
  • Like
Reactions: Nevi and Sunshine-boy
I don't think any scanner, creates a complete cleanup.
Malware Removal also shows us here in the forum that never a tool It alone manages to remove all the manipulations of malware infection.
Even if none of these scanners show something, can still change on the real PC but are also on a virtual PC.
That is why malware fighter and malware analysts work with other tools, for example
Farbar Recovery Scan Tool, RKill and further tools.
Because they know what they look and how it is fought (deleted).
Small changes can form weak points in the system.
 
  • Like
Reactions: Nevi, Sunshine-boy and cruelsister
Xtwillight said:
I don't think any scanner, creates a complete cleanup
Click to expand...
Perhaps not, but it's important to know which are better and more importantly which are of dubious value and are dangerous as they give the User a false sense of security.
Xtwillight said:
malware analysts work with other tools, for example
Farbar Recovery Scan Tool, RKill
Click to expand...
These would fall into the latter category mentioned above.
 
  • Like
  • +Reputation
Reactions: Nevi, Xtwillight, roger_m and 1 other person
It's a disappointment to see that the ESET online scanner detected the threats but couldn't neutralize them. The premium products fare much better. I have ESET Premium and Norton Power Eraser for the on-demand scanner. I also use CCE, i.e., Comodo Cleaning Essential, to see a quick verdict for the system. @cruelsister, can you test KillSwitch and the Autorun Analyzer from CCE Tools against your malware? KillSwitch and Autorun scan processes and files and give trusted, malicious, and unknown verdicts.
 
cruelsister said:
Click to expand...

Another comment. If eset were to be installed as a resident scanner then it would again pickup those variants as it booted. Most likely it would remove them with higher success than the online version. At least it would keep alerting the user to their persistence which would allow the user to bring bigger guns if necessary.

But I agree a false sense of security is being presented by Eset scanner that the threat was dealt with.
 
  • Like
Reactions: simmerskool and roger_m
cruelsister said:
Perhaps not, but it's important to know which are better and more importantly which are of dubious value and are dangerous as they give the User a false sense of security.

These would fall into the latter category mentioned above.
Click to expand...
What you write is correct.(y)

I just want to draw attention to it,
that a complete clean-up by such tools is unlikely.

Many tools fail because the active part of a malware in memory is not deleted first.
This requires that almost all active processes in Windows are deleted first.
are eliminated, the PC is shut down and restarted in safe mode and then the malware parts are deleted

It is certainly important to know which tool helps best.(y)

Translated with DeepL.com (free version)
 
  • Like
Reactions: roger_m

You may also like...