#1 (permalink) |
|
Moderator
Join Date: Jul 2008
Location: India
Posts: 9,484
|
Recently my cousin's PC was infected by a virus which came from a pen drive. They did not scan the pen drive before using it, and the result was a PC infection. Avast 4.8.1351 was installed on the PC. Avast could not prevent the infection, but started to give repeated virus alerts after the PC was infected. Avast was unable to remove the infection. Even boot time scans of the PC came up clean, but the virus alerts still remained. One alert was about a rootkit.
I ran several anti-rootkit programs like Sophos Anti-rootkit, F-secure Blacklight, Panda Antirootkit, Rootkit Buster, but they did not suggest anything malicious. Fortunately, the internet was still working, and so I decided to give other programs a try, which I had not used before. I tried Hitman Pro first... it detected some files, and removed them, although it could not remove the whole infection. I had also tried Panda Cloud Antivirus, since I had read it was good at rootkit removal. It also did not find anything. I then tried Trend Micro HouseCall. It requires you to install a small download, after which you can install it, and scan the PC. Although the scan took a lot of time, it was able to remove the infection totally. Autorun files had been installed on all the disk partitions because of which Avast was unable to remove the infection completely... on deleting the files, they were being regenerated. HouseCall was able to find those autorun files, and delete them. No other scanner caught those files. I don't know if the alert about rootkit was true, because I have read rootkits are very very difficult to remove. Maybe it was not a rootkit, or maybe it was not a very malicious one.
So, I can say Trend Micro HouseCall is good, and if you ever find yourself in trouble with an infected PC, and the internet is working... you can give this online scanner a try. There are several other online scanners, but I have not tried them, so cannot say how effective they are. If you know of other good online scanners, please share them here. Also, in such cases, rescue CDs from various antivirus can be of use too. I have not used them before. If you know some good ones to share, please do so.
__________________
Anupam
#2 (permalink) |
|
Senior Member
Join Date: Jul 2009
Location: Northeast US
Posts: 422
|
Thank you for the information about Trend Micro Housecall. That's very useful information.
I have used Avira's Rescue CD successfully a number of times when trojan infections prevented PCs from rebooting. Scanning from the Rescue CD, I had to delete the infected files (which Avira did successfully) and the machines booted to desktop. I then ran Avira Personal, SAS, and MBAM until I came up with clean full scans and no symptoms of infection remained.
#4 (permalink) | |
|
Junior Member
Join Date: Feb 2010
Location: Tornado Alley
Posts: 9
|
Quote:
I'm going to see if I can run this from Bart's PE Builder as a standalone without an internet connection (like McAfee's Stinger).
__________________
-benhenry
#5 (permalink) | |
|
Moderator
Join Date: Jul 2008
Location: India
Posts: 9,484
|
Thanks Taurus, for mentioning the Avira Rescue CD. I will take note of that. I am also planning to install an antivirus specially for pen drives. It's Mx One Antivirus, and I found it good.
Quote:
If you are talking about HouseCall here, it won't run without an internet connection. It is an online virus scanner.
__________________
Anupam
#6 (permalink) | |
|
Junior Member
Join Date: Feb 2010
Location: Tornado Alley
Posts: 9
|
Quote:
Darn. And I can't get the Bart PE to recognize my net adapter. Oh well. If I ever have to use the disc it'll be because I have more of a problem to worry about than a virus. I did get the excellent RootKitRevealer and RegDelNull to run from the command line. They are from: http://www.nirsoft.net Great little programs with no install and small footprints.
__________________
-benhenry
#8 (permalink) |
|
Moderator
Join Date: Jul 2008
Location: India
Posts: 9,484
|
Want to share another successful story of PC rescue by Trend Micro HouseCall. This time it was my PC. I had gone to a cyber cafe, with my pen drive, for taking a printout. The pen drive got infected there. I had seen new files being made on the drive, and I knew the drive had got infected. I thought that I would plug in the drive on my PC, and I would scan it before using it, and it would be safe. But, I had forgotten that I had not vaccinated my PC against the autorun. Result... I plugged in the pen drive on my PC, and it autoran, and my PC got infected.
First, the two files on the pen drive won't go away. I used Unlocker, and then formatted the drive. But, when I plugged in the drive again, the two files were back. I knew my PC was now infected. I ran a scan with Avast, but nothing was found. I have the latest version. These two incidents have diminished my faith in Avast a little. Because first, it could not prevent the infection, and second, it could not find the infection, and clean it. I decided to scan the PC with Trend Micro HouseCall, and it found the files which Avast had missed. The infection was a trojan horse. Saved once again. I am amazed at HouseCall's capability. I did not run scans with MBAM, or SAS. Maybe they would have found the trojan. I would recommend everyone to scan their PC with Trend Micro HouseCall once a month, even if they feel that they don't have any infection. I am really impressed by this scanner. I have also downloaded Panda USB Vaccine, and I am going to use it. I recommend everyone to do the same. Infected pen drives are a major source of PC infection. Their autorun should be disabled, and they should be scanned before using them, especially if you have used them at someone else's PC.
__________________
Anupam
Last edited by Anupam; 10. Mar 2010 at 10:48 AM. Reason: Corrections
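Post #8 describes autorun files on a pen drive that come back after deletion. As an added example (not part of any post in this thread), this Python script lists the programs an `autorun.inf` in a drive root would launch, so they can be reviewed before the drive is opened. The file name `autorun.inf` and the sample contents are assumptions; the thread does not name the files.

```python
# Added example: list the programs an autorun.inf would launch.
import os
import string

# Keys in the [autorun] section that name something to execute.
EXEC_KEYS = ("open", "shellexecute")

def launch_entries(text):
    """Return (key, command) pairs from the [autorun] section of `text`."""
    found, in_autorun = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            in_autorun = line[1:-1].strip().lower() == "autorun"
            continue
        if not in_autorun or "=" not in line:
            continue  # junk padding or a line from another section
        key, value = (part.strip() for part in line.split("=", 1))
        key = key.lower()
        # shell\<verb>\command adds a right-click menu entry that runs a program
        if key in EXEC_KEYS or (key.startswith("shell\\") and key.endswith("\\command")):
            found.append((key, value))
    return found

def scan_drive_roots():
    """Check the root of every mounted drive letter (Windows only)."""
    report = {}
    for letter in string.ascii_uppercase:
        path = f"{letter}:\\autorun.inf"
        if os.path.isfile(path):
            with open(path, "r", errors="replace") as fh:
                report[path] = launch_entries(fh.read())
    return report

# Constructed sample, not taken from the thread.
SAMPLE = """\
; padding line
[AutoRun]
OPEN=recycler\\update.exe
icon=folder.ico
shell\\explore\\command = recycler\\update.exe -x
[other]
open=ignored.exe
"""

if __name__ == "__main__":
    print(launch_entries(SAMPLE))
    print(scan_drive_roots())
```
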
#9 (permalink) | |
|
Senior Member
Join Date: Jul 2009
Location: Northeast US
Posts: 422
|
Quote:
Is Trend Micro Housecall an on demand, cloud based av\am scanner? This is not the first time I've read very good reports about Housecall. Does anyone know if Housecall can be run along with Panda Cloud Antivirus without there being any conflicts? Thanks.
Last edited by Anupam; 10. Mar 2010 at 03:32 PM. Reason: Corrected quote
#10 (permalink) | |
|
Moderator
Join Date: Jul 2008
Location: India
Posts: 9,484
|
Quote:
As it is an on demand scanner, I think it should run fine alongside any other resident antivirus.
__________________
Anupam