NoVirusThanks Malware Remover Free v3.1

Status
Not open for further replies.
jamescv7

jamescv7

Level 85
Thread author
Verified
Honorary Member
Forum Veteran
Mar 15, 2011
13,070
17,982
8,379
29
Philippines
[30-04-2011] – v3.1.0.0

+ Fixed Windows Server 2008 run error
+ Optimized behavioral scan
+ Option to Exclude items
+ Minor fixes and optimizations
+ Unlocked “Behavioral Analysis” for Free version
+ Unlocked “Scan Windows temp folder” for Free version
+ Unlocked “Scan current user temp folder” for Free version
+ Added “Accept EULA” Form
+ Fixed startup for Windows Vista/Seven
+ Optimized initialization of the application
+ Updated DB to v594
Click to expand...

Source
 
Not much I can say about an anti-malware that detects his own executable as possibly infected:
[attachment=186]
 

Attachments

  • Image 047.png
    Image 047.png
    8.6 KB · Views: 648
Seems a FP there even Kmplayer is a known for a legitimate was also flagged as infected.
 
The number of false-positives is huge. Legit Windows files are flagged:
Code: 
Files Infected:

c:\windows\system32\dwm.exe -> No action taken
c:\windows\system32\taskhost.exe -> No action taken
c:\windows\explorer.exe -> No action taken
c:\program files\acronis\trueimagehome\trueimagemonitor.exe -> No action taken
c:\program files\common files\acronis\schedule2\schedhlp.exe -> No action taken
c:\program files\avast software\avast\avastui.exe -> No action taken
c:\program files\comodo\comodo internet security\cfp.exe -> No action taken
c:\program files\mozilla firefox\firefox.exe -> No action taken
c:\program files\daemon tools lite\dtlite.exe -> No action taken
c:\users\bogdan\appdata\roaming\dropbox\bin\dropbox.exe -> No action taken
c:\program files\findandrunrobot\findandrunrobot.exe -> No action taken
c:\program files\mozilla firefox\plugin-container.exe -> No action taken
c:\program files\the kmplayer\kmplayer.exe -> No action taken
c:\users\bogdan\desktop\nmr_portable\portable\nmr.exe -> No action taken
c:\program files\java\jre6\bin\jp2ssv.dll -> No action taken

VT link: dwm.exe
VT link: explorer.exe
VT link: taskhost.exe

I have no comments.
 
bogdan said:
The number of false-positives is huge. Legit Windows files are flagged:
Code: 
Files Infected:

c:\windows\system32\dwm.exe -> No action taken
c:\windows\system32\taskhost.exe -> No action taken
c:\windows\explorer.exe -> No action taken
c:\program files\acronis\trueimagehome\trueimagemonitor.exe -> No action taken
c:\program files\common files\acronis\schedule2\schedhlp.exe -> No action taken
c:\program files\avast software\avast\avastui.exe -> No action taken
c:\program files\comodo\comodo internet security\cfp.exe -> No action taken
c:\program files\mozilla firefox\firefox.exe -> No action taken
c:\program files\daemon tools lite\dtlite.exe -> No action taken
c:\users\bogdan\appdata\roaming\dropbox\bin\dropbox.exe -> No action taken
c:\program files\findandrunrobot\findandrunrobot.exe -> No action taken
c:\program files\mozilla firefox\plugin-container.exe -> No action taken
c:\program files\the kmplayer\kmplayer.exe -> No action taken
c:\users\bogdan\desktop\nmr_portable\portable\nmr.exe -> No action taken
c:\program files\java\jre6\bin\jp2ssv.dll -> No action taken

VT link: dwm.exe
VT link: explorer.exe
VT link: taskhost.exe

I have no comments.
Click to expand...
EPIC FAIL!
Never tried NoVirusThanks...but after I've seen this ...I will avoid this product...
The developers of this products should really improve this product :P .
 
Out of curiosity what type of scan did you performed? Is the paranoid scan activated? Cause probably that's the main problem or if not then a serious flaw of FP.

nmr4-530x274.gif
 
It is probably caused by their "Behavior Analysis" feature but if something will produce so many false-positives don't enable it by default in your product and give a warning when the user activates it.
 
I only tried Flash & Quick but I think all types of scan will find those as long as Behavior Analysis is set to Advanced (Default for the portable version, never tried the installer version). Even Basic Behavior Analysis has its share of false-positives.
 
I've also tried the Portable version and NoVirusThanks manage to detect 2 threats .......One of which is it's own file and the other is ... chrome.exe ..... :)
[attachment=367]

Scan Log :
Code: 
NoVirusThanks Malware Remover Free 3.1.0.0
DB version: 594 (28.04.2011)
Report created on 6/6/2011 at 7:49:18 AM
Windows 7 Ultimate 6.1 Service Pack 1 32-bit
WIN7-PC - Win7

Scan type: Quick Scan
Time elapsed: 00:21:31
Objects scanned: 15929
Threats detected: 2

Files Infected:

c:\users\win7\appdata\local\google\chrome\application\chrome.exe -> No action taken
c:\users\win7\appdata\local\temp\rar$ex67.712\portable\nmr.exe -> No action taken

Folders Infected:


Registry Values Infected:


Registry Keys Infected:


System Hijacks Found:


IE Hijacks Found:


Hosts File Hijack Found:


Traces Found:


End.
I will also try the installer to see if it's any better...
 

Attachments

  • 1.png
    1.png
    69.4 KB · Views: 833
Still its a weird that their own file was detected and some files rated as FP.
 
Status
Not open for further replies.

You may also like...