Hijack Scan, SpyDLLRemover, ClamWin

[aguilarojo]

The IObit application suite is a smart combination of integrated apps which provide real value in either their Free or PRO versions. My contribution to the fanfare expressing appreciation and admiration will be limited to admitting that I was persistent enough to successfully register for the Free license of the PRO version of ASC.

 

Doing so has allowed me to observe in greater detail the work ASC PRO does and develop a curiosity regarding it's various components. This time my curious nature is focused upon Hijack Scan. ALthough the details gathered and reported by Hijack Scan are quite informative, I believe that a bit of color coded cues would be useful in identifying problems more quickly. If the palette to be used for these color coded cues could be modified according to various culturally significant values -- this may make Hijack Scan less cryptic.

 

As IObit service is worldwide, allowing users to make such choices regarding the color cues useful or more easily recognized to their personal or cultural preferences enhances the quality of information to the user.

 

A different product which does some functions of IObit's Hijack Scan is something called Spy DLL Remover by RootKitAnalytics. The color coding of their product however is straightforward and static. I currently don't have the engineering background to fully explore the different products however I do see that Hijack Scan can access and utilize more tools due to it's integration within ASC thereby providing more means of providing to the user containment, repair and removal strategies than SpyDLLRemover. But detailed online help and references are accessible regarding any problem dll or process through SpyDLLRemover -- this assistance does not appear to be available through Hijack Scan.

 

I run SpyDLLRemover from my USB stick; it doesn't need to install any other components of itself to do it's work. Hijack Scan however, works best via either the Free or PRO version of IO Sec 360 desktop version.

 

• Observed Problems with IObit software: The portable versions of both ASC Free and IO Sec 360 install themselves not only into the Windows taskbar as running applications but also into the space along the side of the taskbar reserved for applications running or available from the desktop computer. Whenever I disengage or unmount the USB stick from which I ran the portable version of either IO Sec 360 or ASC, I get the unusual message of Windows - No Disk dialog error window (details of which I reported elsewhere in this Forum). My interpretation of what is occuring is that the portable IObit products are looking for the USB disk as though it was the computer's internal hard-drive which means that the portable applications are not really portable but designed to run from a desktop environment.
   
  I have reported this unfortunate tendency elsewhere in this Forum. I'm not sure that there is a solution to the difficulty other than to not run either portable version of IObit's products at all especially as the portable versions don't appear to match (according to other discussions elsewhere in this Forum) currently released desktop versions of IObit products.
  

 

Unlike other Forum participants I came across IObit as a result of my search for portable applications I could run from my USB stick. In that sense alone, IObit products do not appear to be designed to work in that modality. I remain hopeful that the difficulties I reported here will be addressed.

 

Reported Trojan and Worm:

I searched for a means to report this but I did not find a different means to get someone's attention. According to Clamwin (portable version of Clamav for Windows) I found two Trojans whereas ASC did not report discovering or removing them. Therefore I'm submitting the name of the Trojans here:

 

• DFSP_061025_U3_LOCALIZED_CD_STOMP.u3p: Trojan.Pocks
  
• Worm.Bagle.BY-2
   
  

 

I have Trojan.Pocks quarantined if someone wishes to study it.

 

The Worm however is in my client's (Thunderbird) inbox. If there are tools within ASC to remove it I'd appreciate the procedure.

 

Thanks.