I have a question regarding the virus scan feature. While in the guide it does say that Glasswire works with your current Antivirus, there is no indication that when you use the virus scan feature, my antivirus is the one doing the scanning. I am currently using Norton. Checking Norton’s logs didn’t show it doing any on-demand scans. So I’m wondering how or what exactly do you use to scan the files. Sorry for asking but I need to know the virus scan result is something I can trust.
Could you tell me what version of Norton you are using and what version of Windows? I will confirm with our development team.
Are you sure there was nothing in the logs with Norton?
Right now I’m using Microsoft Security Essentials (Windows Defender) and that’s what does the scan for me.
I’m using Norton Antivirus 2014, program version 18.104.22.168. If it helps, I’m currently using a 6-month extended trial because this is a fresh install PC and I was lazy to shop around for a new antivirus.
I clicked on the advanced button, and checked the history section, which shows the logs for everything, and I didn’t see any scan done right after I used the virus scan feature in Glasswire.
Not that I’m against using Windows Defender, but I love testing out new and different versions of security products every now and then. That is why I instantly downloaded Glasswire and gave it a run after seeing it on Majorgeeks and reading all the info on your website.
Hopefully you and your team can give some insight regarding my question. Thanks
We use the Windows API similar to Firefox when you download a file with that browser. Maybe it does use Defender but I’ll ask the development team to confirm how it works and see if we can make it work with Norton, etc… instead. I’ll get back to you once they give me more info.
I also would like to know what is doing the scanning when one clicks GlassWire’s Virus Scan facility.
Indeed, I would most appreciate a facility for the user to specify a program to do the scanning. Incidentally, I use Comodo Internet Security, not any Windows security programs. My general understanding from my reading around is that the Windows security programs give only a low level of security and thus are effectively harmful, because they encourage people to imagine that they have worthwhile protection, which they really do not have until they get using high-grade third party security programs.
After reading the posts I tried the virus scan -it Worked ! .My Dr Web total internet +virus protection came up with a small rectangle with a green tick saying -okay
OK I’d like some clarification too. I use ESET NOD32 and will occasionally have Glasswire scan something that looks odd. I started getting a ton of updates from my Graphics card a few months ago, and totally disabled the auto-updating, as well as removed it from the startup services…but it still seems to be occurring some…according to Glasswire data. I found some more things enabled in startup services so I’ve just disabled them too…but I’m not sure if its what I disabled previously.
I ran a virus scan on the one shown in Glasswire today and for the first time ever the scan results came back as an infected file. It’s a NVIDIA GEForce Experience Backend file…which was installed around the time the constant updating started. I can’t delete the file because it’s in use. ESET shows no logs of having ever run any of the ‘mini’ on-demand scans in Glasswire. I ran a complete scan with ESET on the drive in question and it found not threats. So what antivirus app has determined this file is threatening? I sort of agree it may be a threat but I’d like to know anyway!
I have a gtx670 2G video card but I cant find any backend GEForce experience file,there again I stopped the constant updates as they werent doing my PC any good some drivers couldnt install but I have a very good protection program that blocks anything suspicious .Trying to install them caused video instability . They seemed to be updates nearly every day . AS a very suspicious person due to lives experiences I just stopped the update and download service and you know what no more problems on my Dell Ultrasharp U2412M -a highly recommended model and it is! Mostly the updates were for some new games app not for any everyday use . My DR Web also shows no record of scan on GW but that doesnt bother me. I have blocked multiple downloads on both my browsers for security. Nvidia did have trouble in the past from hackers so I am very careful and watch and check each download before I allow it to be run ,even then hackers are now using the apps own installer to cover up malware as scanning the installer shows up clean. I will check up this backend file for info.
Well that didnt take too long to check apart from my protection blocking 2 info sites as malware . One site was 73 % okay 27 % threat . Next site 83 % threat to 17 % okay . Third site poster said using 100 % of his CPU told remove it because it is not essential . An exe file that starts up with each users log on. Personally I would uninstall it. I have found through experience lesser is better unless it is a vital part of the app and this is not.
Really interesting Duncan…thanks for all the information. Like you I’ve had some previous experiences which cause me to be hyper-aware of safety. I didn’t know NVIDIA had been targeted although I guess its not surprising…and good to know. I know that NVIDIA Backend experience is legit…but I do think its related to keeping stuff updated for gaming which I have no interest in. Since deleting the files didn’t work…I’ll check out uninstalling…I don’t know why that didn’t occur to me!
Here’s what happened the night I wrote my question. I ran a complete scan by ESET which found nothing harmful. But ESET told me I was missing an important update from NVIDIA…odd because I’d just run update a few days ago…but installed that update and ran a Malwarebytes scan on the NVIDIA folder on C: on reboot. Nothing found there either. I’d double checked the ‘virus’ designation of the file in GlassWire multiple times. After the update I scanned the file in GlassWire again and it removed the ‘virus’ designation! So, I’m assuming the update helped something recognize that that file was really OK. But I’d still like to know what that ‘something’ was…because based on ESET logs…it’s not ESET. I do have Malwarebytes, Windows Firewall and Anti- Exploits running too…but ESET is the antivirus app!
If I have any trouble deleting a file because I run as a standard user not administrator as ,unusually MS are right it cuts down the attacks -I say unusually as I am no lover of MS again due its control over your PC. I have Process Hacker which I have fully integrated into Windows (even protected by the "“trusted” Installer )-NOT ! I then terminate it and its tree and hey presto !! I can uninstall it . I also have Everything this program a blessing it shows up a whole host of programs that most programs dont show up .I click on a program and click -open path and I get exactly where it is on my PC I can then delete it if I want . This program is so good that MS and others tried to block it several times but I hit back and "crippled " some of MS,s basic programs so that they couldnt attack using Windows programs . I also have Malwarebytes -good program +anti-exploit as you have . ESET I know nothing about but I would change Windows Firewall for something better year after year it gets low ratings. A WIN 8 user was boasting on a PC mag Win 8 started up and ran in 33 seconds -saying Win 7 Which I have ) took 5 minutes . I run Win 7 Prof. and start up time from powering up to the actual Windows screen(not the welcome one ) is =34 seconds I emailed the mag . Two programs I am testing are quite new=Close The Door and PhishBlock both have no pups/malware -PhishBlock has 100 % installations in the US it designer is still working on it . Have a look at both they are pretty interesting -low memory+low CPU usage… I have an update driver on Windows update for Nvidia its never going to get installed.
Duncan…thank you for all the great ideas! Somehow I missed your exceedingly helpful reply and haven’t been back to the forums until today. Your ideas are really great & appreciated and that’s why I’m replying this way.
I was warned this would bump the thread back to the top…but that’s what I wanted to both thank you and to let other people read your suggestions. I just wish I knew the right way to do that because I suspect the title can’t be changed and my bump won’t matter much :-/ If you don’t already, you should write a blog about securing Windows. If you do please share the address here! Thanks again and happy, happy holidays!
One more thing to add…I don’t really pay attention to Windws Firewall because we have a hardware firewall in place…but I completely agree with you that if that went the case I’d suggest looking for something better. Although I don’t know if things are better in Win 10…I would hope they are but haven’t taken the plunge yet and not sure if/when we should.
AS always vsatech I am straight forward and honest sometimes to my own determent, nevertheless I personally would never upgrade to Win 10 -aka -the Spy Network ,its not only that MS in windows 10 have taken even more control of their system and you are even more limited in what you can change ,even stepping up from "user " is now limited and you will find there are a multitude of "users " with more power over windows programming than you . Many of your apps wont work in it and you have to use their store for apps (although a lot of new approved ones will ) Its a closed system with a backdoor that gets hacked . There is a lot more I dont like but there are millions using win 10 and are happy with it but MS is trying to force Win 10 on Win 7 users by forced installation ,if you dont watch out ,why because win7 is so popular that the sales havent reached the many multi-millions in the time it has been out ,look at world % . I am posting this using LInux Mint -a world of a difference although I still have Win 7 on dual-boot but the difference in control is amazing I feel I own my PC in lInux I dont in Windows . Dont let that put you off Windows 10 this is only my personal opinion and many will disagree.