I have a legitimate security product and it still shows items that slipped through. Why?

FAQ

I have a legitimate security product and it still shows items that slipped through. Why?

Non-running files, registry entries and cookies may be discovered by definition-based scanners. These pieces are not running processes or by themselves threats. Scrubit is designed to cleanup active running processes. Active running processes are the real threat. Badware must run in order to cause problems. These remnant pieces are not infectious or active, they are just extra files. Definition-base scanners do a good job of recognizing these files and removing them. Use your scanning programs to remove this pieces. If they are part of the badware removed by Scrubit, removing the extra files by scanners will free up some space on your hard drive.

Scrubit does not do registry cleanup of non-running traces of badware. Scrubit does not clean up cookies, as these are not running processes. Scrubit does not cleanup the folder or file remnants inside of the parent folder of badware it has removed.

The non-active leftover pieces remain on your system for a reason. In case of a false positive or user error (the safelist was never created or safelist was shut off) programs can be completely restored to their original running state; this is an important reason Scrubit does not arbitrarily cleanup folders or extra non-active items. Since, Scrubit does not clean based on definitions the remaining pieces pass the test of standard behavior and are left alone.

If a legitimate program is cleaned as result of a false positive (for example a safelist was not created), you can restore the auto-running components back to the parent folder. Because Scrubit does not remove the non-running components, the program formerly quarantined will work again. This approach allow Scrubit to work as a standalone Badware cleaner or to work in conjunction with definition-based systems. Each doing what they do best.

Scrubit protects, but still allows a user to make errors and restore program functionality. This behavioral design that leaves the non-infectious traces is powerful enough to catch (polymorphic ) mutating badware that definition-base scanners cannot catch. Scrubit can differentiate between what is a genuine security problem and what is not, and is forgiving enough to allow users to make mistakes and restore things.