Hi BlackHawk1
Frequently Asked Questions, here you should have all your answers in
Documentation English pdfhttp://www.mcshield.net/download.htmlWell, there is difference between antivirus and antimalware programs. These are two different things.
Just compare the two probably most popular free products in the security world, Malwarebytes and avast! ...MCShield is free
(non-profit) antimalware program:
- MCS can NOT replace avast! nor any other antivirus.
- do not even try to compare them as they are not the same.
As already been told, AV programs are mainly signature based software. In world, this means that AV
has to wait for signature in order to detect in this case the USB based malware or
new malware. For this reason, there are various additional anti malware/tools that target either specific infections or come as addition to the primary AV program just as help. MCS is here to help the AV or some other AM program and MCS doesn't need a signature (btw, MCS does have his own database as well) but uses a
pattern and varius detection behavior
routines in order to detect
even new USB based malware as a specialized tool only for this malware type.
That's where the main difference is! This is MCS's job.
For real advanced user, MCShield may not be necessary, but yet again, nor AV is required if IT admin-user know what he is doing.
You mentioned the MCS FP detection. Well, they are now rare but if some FP does occour it is autorun.inf related. Why?
Well, autorun isn't always malware by itself, it is just some form of txt file. autorun.inf is the
trigger to the real malware executable file.
What, where and why . . it is explained in some previus dr_Bora's post.Btw, there is no known
0day USB malware, it is again something ...else. But new and undetected, unknown USB malware does exists.
Btw2, autorun is today the old way (read: unpopular way) to triger/load the malware from USB to system and this exploit apply most on today old XP system, not on Vista and newer OS's, where USB based malware uses some different techniques.
I am amazed at how infected some computers can get these days. I don't know how people can screw up so bad.
I'm doing this for very, very long time. And trust me, I can not fully figure how they do that.
... ... ... ...
You mentioned that you have KAV since 1996 and only one infection at that time. How do you know?
Modern malware has the job not to indicate its presence, to be executed without the knowledge of AV/AV and user, some even to delete itself after executing
in order not to leave traces ...etc. So you're now saying that you had no active (just one) malware during that time? Congratulations, but, how do you know and are you 100% shure?
Do you have idea how much I examined the system where some AV's has green notify "
you are protected, there is no threads" or simething like that but active malware is loaded on the system and preform his job, most users are unaware the presence of malware because they expect that they will feel some bag in system. No, they will probably not feel any bags or something that indicate the malware presence.
Hardware and core-system is far advanced and fast, user in 80% of cases are not aware that is infected BC the user sees his system in perfectly working state.
Unfortunately, many users ask for help for malware removal only when their AV flag some warning.
facts: AV is must have, without AV, PC life would be difficult and impossible. But AV are not 100% almighty and sometimes AV need some addition help.
Cheers