Author Topic: Holy shit, this anti-virus is awesome.  (Read 8006 times)
WindupAtheist
Army of One
Posts: 7028

Badicalthon


on: June 23, 2010, 11:49:53 PM

Kid brother picked up something somewhere that was causing all his search results to redirect elsewhere. Googled f13, clicked a link to the front page, ended up at some site trying to sell penny stocks. And so forth. Spent a ridiculous amount of time trying to get rid of it. Norton, nothing. AdAware, nothing. A bunch of other shit, nothing. I'm not expert enough to use HijackThis to its full potential, but the suspicious looking shit I removed with it didn't do any good either.

A couple forum posts and shit I turned up said this was good, so I gave the free trial a shot.
http://en.wikipedia.org/wiki/Hitman_Pro

Here was the entire experience.

Me: *installs program*
Program: Click next to detect bad stuff.
Me: *clicks*
Program: Hey, a rootkit. Click next to remove bad stuff.
Me: *clicks*
Program: Bad stuff fixed, reboot to get rid of it.
Me: *reboots*

Done. Fixed. The scan took just over 3 minutes. The entire process involved like 3 clicks and took 5 minutes. I've never had an easier time removing something that the usual programs couldn't get at. I am blatantly talking it up because, at least in this particular case, it was just that fucking good. Has anyone else used this?

"You're just a dick who quotes himself in his sig."  --  Schild
"Yeah, it's pretty awesome."  --  Me
Ratman_tf
Terracotta Army
Posts: 3818


Reply #1 on: June 24, 2010, 12:09:18 AM

Huh. If AVG and Adaware can't get rid of it, I usually wipe the hard drive. This sounds promising. Thanks for the link.



 "What I'm saying is you should make friends with a few catasses, they smell funny but they're very helpful."
-Calantus makes the best of a smelly situation.
WindupAtheist
Army of One
Posts: 7028

Badicalthon


Reply #2 on: June 24, 2010, 12:20:35 AM

It wasn't just the fact that it got rid of something the other programs didn't, it was the fact that it took 5 minutes and was ridiculously simple. There was none of that "start a scan, go watch TV" shit. From installation to success it really was just a matter of clicking next a couple of times. Your technologically hapless grandmother could use it.

I almost wish I had more problems to test it on. If this little experience was typical, it's the best thing out there.
« Last Edit: June 24, 2010, 12:24:10 AM by WindupAtheist »

"You're just a dick who quotes himself in his sig."  --  Schild
"Yeah, it's pretty awesome."  --  Me
Trippy
Administrator
Posts: 23657


Reply #3 on: June 24, 2010, 03:25:02 AM

It sounds like your brother picked up the TDL3 rootkit. That just happens to be something Hitman Pro specializes in detecting and removing (many traditional AV programs have trouble detecting it). The reason why Hitman is so fast is because it doesn't scan everything. From what I can tell reading between the lines of the Web site it basically just compiles a list of likely infection spots and just scans those. I like its approach of using multiple AV scanners but because it doesn't give you the option of scanning everything it's not a complete replacement for a traditional AV scanner.

Edit: I'm assuming it doesn't have an option to scan everything as passing each and every file on your computer up to the cloud to be scanned would take forever not to mention being an incredible privacy problem.
« Last Edit: June 24, 2010, 11:11:00 AM by Trippy »
lac
Terracotta Army
Posts: 1657


Reply #4 on: June 24, 2010, 04:45:42 AM

Heh, good to hear it actually does something. I was afraid it was scareware. A couple of years ago Hitman Pro was a fully automated script that downloaded trials and free antispyware software from the net and ran them in succession on the infected host. It was an approach that yielded great results for almost no effort. Sometime after it became popular the script vanished and the website started offering the current program. I had always assumed the domain name got sold to a scareware provider.
Lantyssa
Terracotta Army
Posts: 20848


Reply #5 on: June 24, 2010, 06:59:01 AM

The best AV tool is using a bunch in combination.  Hitman is good in that it does hit the likely infection points and uses multiple engines, so it's at least likely to get critical areas clean.  It's still a good idea to do a full scan with other products after a known infection to be safe.

Hahahaha!  I'm really good at this!
IainC
Developers
Posts: 6538

Wargaming.net


Reply #6 on: June 24, 2010, 07:17:43 AM

I always used HijackThis for stuff like that. Works in the same way.

- And in stranger Iains, even Death may die -

SerialForeigner Photography.
Lantyssa
Terracotta Army
Posts: 20848


Reply #7 on: June 24, 2010, 09:37:52 AM

HijackThis requires a lot of computer knowledge to do anything with though.

Hahahaha!  I'm really good at this!
Der Helm
Terracotta Army
Posts: 4025


Reply #8 on: June 24, 2010, 10:20:17 AM

This thing identified the Alganon Installer as a rootkit. Sounds legit to me.  awesome, for real

edit: -k+g
« Last Edit: June 24, 2010, 03:13:39 PM by Der Helm »

"I've been done enough around here..."- Signe
dusematic
Terracotta Army
Posts: 2250

Diablo 3's Number One Fan


Reply #9 on: June 24, 2010, 12:12:53 PM

I use MalwareBytes. 
WindupAtheist
Army of One
Posts: 7028

Badicalthon


Reply #10 on: June 24, 2010, 12:38:31 PM

The best AV tool is using a bunch in combination.  Hitman is good in that it does hit the likely infection points and uses multiple engines, so it's at least likely to get critical areas clean.  It's still a good idea to do a full scan with other products after a known infection to be safe.

Yeah, though to be fair it does specifically pitch itself as a "second opinion" program to be used when the others aren't finding anything. In any case, I'm glad SOMETHING specializes, as Trippy said, in this particular rootkit. Because Norton, AdAware, MalwareBytes, and Housecall had all accomplished squat.

"You're just a dick who quotes himself in his sig."  --  Schild
"Yeah, it's pretty awesome."  --  Me
Fabricated
Moderator
Posts: 8978

~Living the Dream~


Reply #11 on: June 24, 2010, 12:53:19 PM

I usually use MalwareBytes and HijackThis when I'm on computer janitor duty.

"The world is populated in the main by people who should not exist." - George Bernard Shaw
WindupAtheist
Army of One
Posts: 7028

Badicalthon


Reply #12 on: June 24, 2010, 01:12:10 PM

I'm just really happy that I didn't have to reformat my kid brother's PC and then figure out what drivers it needs. Of course this isn't the first time he's had a problem. My other brother ended up reformatting the kid brother's hard drive a few months ago while I was out of town, because he'd picked up something bad. I think I'm just going to make him use the AdBlock/FlashBlock/NoScript combo and force him to specifically enable whatever he wants to see.

And again, I just gotta say, the combination of those three Firefox additions keeps away 90% of everything. I ran an AdAware scan for the first time in months the other day, and found a total of 10 objects to be deleted, none above level 3 on their threat scale. Back in the bad old days of using IE, I could go a week between scans and find a hundred things each time.
« Last Edit: June 24, 2010, 01:15:50 PM by WindupAtheist »

"You're just a dick who quotes himself in his sig."  --  Schild
"Yeah, it's pretty awesome."  --  Me
Numtini
Terracotta Army
Posts: 7675


Reply #13 on: June 25, 2010, 07:31:03 AM

More is always good. So far though, I've never found anything that Malwarebytes didn't kill.

If you can read this, you're on a board populated by misogynist assholes.
Morat20
Terracotta Army
Posts: 18529


Reply #14 on: June 25, 2010, 08:30:10 AM

HijackThis requires a lot of computer knowledge to do anything with though.
True, but it's good for disabling a bunch of obvious shit -- plus, if nothing else, it can point you to likely culprits.

I mostly use it for those goddamn "Your computer is infected" popups that people KEEP FUCKING CLICKING ON that install some fake anti-Spyware shit. 80% of the time I can disable the fucker and its little reloading dlls through HijackThis and then simply nuke it.

My wife seems to have a fondness for virtumonde trojans, and HijackThis is invaluable there. Although the last time I had to drag out VundoFix and CTFShredder I was seriously contemplating nuking her damn hard drive.

I've been happy enough with Kaspersky. I pair that with Spybot and rarely have any problems.
Threash
Terracotta Army
Posts: 9171


Reply #15 on: June 25, 2010, 09:03:04 AM

A few weeks ago I picked up a nasty virus that Hitman Pro couldn't fix, it took combofix to get rid of it.

I am the .00000001428%
Morat20
Terracotta Army
Posts: 18529


Reply #16 on: June 25, 2010, 10:59:41 AM

A few weeks ago I picked up a nasty virus that Hitman Pro couldn't fix, it took combofix to get rid of it.
Ah, yeah, that one lays around in my "Security Tools" folder too. Gets those nasty fuckers that randomly assign dll names, reverse them, and hide all over your fucking computer and infect your registry.

That's my "Fuck it, if this doesn't get it I'm reformatting" tool. :)
jakonovski
Terracotta Army
Posts: 4388


Reply #17 on: June 28, 2010, 03:33:55 AM

Gargh, someone from China tried to hijack my gmail account, but I managed to reset the pw on my work computer. Any idea how to get rid of a keylogger? MSE and Hitman Pro are showing nothing. I suspect the SO picked up something while surfing the WoW forums.

edit: d/ling AVG on the infected laptop as we speak.
NiX
Wiki Admin
Posts: 7770

Locomotive Pandamonium


Reply #18 on: June 28, 2010, 05:09:42 AM

Gargh, someone from China tried to hijack my gmail account, but I managed to reset the pw on my work computer. Any idea how to get rid of a keylogger? MSE and Hitman Pro are showing nothing. I suspect the SO picked up something while surfing the WoW forums.

edit: d/ling AVG on the infected laptop as we speak.

I got a message about South Korea. I haven't really been on my computer for the past 2 weeks, so not sure how it would even happen.
Tarami
Terracotta Army
Posts: 1980


Reply #19 on: June 28, 2010, 07:35:29 AM



Anyone surprised? (The second hit is unrelated.)

- I'm giving you this one for free.
- Nothing's free in the waterworld.
Der Helm
Terracotta Army
Posts: 4025


Reply #20 on: June 28, 2010, 02:10:18 PM

This thing identified the Alganon Installer as a rootkit. Sounds legit to me.  awesome, for real

Not me.  awesome, for real

"I've been done enough around here..."- Signe
Tarami
Terracotta Army
Posts: 1980


Reply #21 on: June 28, 2010, 02:50:39 PM

Oh. Bloodworth made me do it.


- I'm giving you this one for free.
- Nothing's free in the waterworld.