It's time to break out the popcorn
Last week, fourteen cybersecurity experts, infosec biz ESET, and tech advocacy groups the Internet Association and TechFreedom filed friend-of-the-court briefs urging the US Supreme Court to review a 2019 appeals court ruling against antivirus maker Malwarebytes. The flurry of legal arguments represents an effort to ensure …
Try running any software from China!
i use the iobit package, it works OK,
malawarebytes sees it as a pup, add it to allow list by folder,
sees each process as a pup.
add each process to allow list.
sees each operation as a pup.
just ignore results as it pisses me off
further result, UNTICK AUTO RENEWAL.
it will expire eventually and no more frustration.
pity otherwise i like this software.
bit late to this party but I thought I'd put my beef on record.
I agree, in general, with the overall security brief, that malware detection is one of the vital layers of protection (against known threats). But the bastards are often clearly and egregiously guilty of abusing their position.
The classic example of abuse by the anti malware crowd is their failure to respond or react to reports of false positives.
Process Hacker is the instance which riles me most of all. As we speak Virustotal reports that 20 detectors identify it as a threat. This is bollocks, as I suspect a fair smattering of Reg readers are fully aware.
a) it's open source and has been around since 2008. That makes it instantly more trustworthy than most of the alleged malware detectors
b) it is in constant use by several thousand, possibly million, reasonably experienced users; a community who would have identified real threats well before the malware detectors got around to it
Some argue that the Malware hypers are targeting PH because it is better, and certainly more transparent, at detecting illicit hidden processes than they are and thus threatens their own credibility and bottom line. While this is true, it doesn't make much sense. Nobody has the time (regularly) to sweep their system manually, using PH, to find the occasional threat. And users of PH are the least likely netizens to have exposed themselves to such threats in the first place.
What is really happening, in my view, is that the Malware hypers are - deliberately - conflating dangerous tools (which PH certainly can be, in inexperienced or malicious hands) with actual malicious software. PH CAN be used to damage stuff, (as can hundreds of other software tools) but isn't intended for that purpose. And it's ONLY stuff whose intentions are malicious (or whose code is obviously faulty, like the Norton 2016 example) that should be in their crosshairs.
The real kicker, though, is that it doesn't matter how many of us ( and I know there are many thousands) report PH as a false positive, NONE of the malware hypers ever acknowledge or react to such notifications.
For those who have become thoroughly pissed off by the automatic disabling of PH (especially when it's set to replace Task Manager), the way to prevent that is to activate the Admin account and install it as admin. That usually prevents the bastards from mucking about with it. Otherwise you'll find yourself in a constant round of "permitting" or "excluding" it from their overactive and knowingly dishonest "protection"
And the most dangerous result of this deliberate deceit by the anti-malware crowd is that a sizable portion of the community they should most value (the likes of us) have learned not to trust them. After all, if they can consistently report, as a threat, something we know to be safe, why should we trust any of their other reports?
Biting the hand that feeds IT © 1998–2020