No antivirus engine is perfect, even the market leaders will miss the occasional threat, and so installing just one security package could leave you exposed to risks.
WinMHR, though, will scan your system and use the collective intelligence of more than 30 antivirus tools to identify malware, which means it’s much more likely to detect even the lesser-known dangers.
We launched the program and it scanned the executables for all our running processes, calculating MD5 hashes (digital signatures) for everything it finds. These are then compared with a central Malware Hash Registry, which the authors say is aggregated from over 30 antivirus engines (though they don’t name them), and you’re alerted to any hits, all in just a few seconds.
WinMHR can also scan specified files, folders or entire hard drives, calculating and comparing hashes in much the same way. This approach has several advantages. You don’t have to send an entire file, for instance, as you do with services like VirusTotal; and there’s no need to download definition updates, as comparisons are always done on Team Cymru’s servers with the very latest version of their database.
There are problems, though, too. The program isn’t particularly configurable, for example. You’re not able to create a “custom scan” as you can with many antivirus tools, specifying a group of folders and file types that you particularly want to check. As a result you’ll probably end up running a full scan of your entire drive, and that can take several hours.
And more significantly, aggregating the results of over 30 antivirus tools doesn’t just mean you detect additional malware: it also greatly increases the number of false positives. Team Cymru say they’ve tried to minimise this by not listing items with less than a 5% detection rate, but we still saw many identified in our test report. And, unlike VirusTotal, WinMHR doesn’t tell you how many of its antivirus engines detected a particular file as a threat. You’re told it’s malware, whether it was 30/30 or just 2/30 engines that delivered the “guilty” verdict.
This isn’t a tool for the antivirus novice, then, as you can’t assume it’s actually identified anything dangerous, and the program can’t remove the files itself anyway.
If you know what you’re doing, though, WinMHR is still worth a closer look. There’s no doubt that it can identify threats that many individual antivirus engines might miss, and if you’ve the time and knowledge to separate these from the false positives then the program can play a significant part in improving your PCs security.
Your Comments & Opinion