An interesting antivirus experience - A "dynamic" test

Jim Wynne

Jim Wynne

Leader
Admin
Without going into details, I recently had the opportunity to several different virus scanners a "dynamic" test. I had, in an e-mail message, an attachment (a zip file) which I knew from the nature of the message contained some sort of bad thing.

I use the free version of AVG, so I had it scan the file, and it failed to identify the trojan therein. Then I used the online scanners of Symantec (Norton), Trend Micro, and Panda. Of those three, only the Norton scanner correctly identified the bug as trojan.peacomm.

Even after giving AVG's definitions a week to catch up, it still reported the file as clean.

Many people will recommend anti-virus software based on the fact that they've never had an infection while using their favorite. The fact is, though, that you never know whether yours is any good or not until you're faced with an actual threat. There's always a "dead zone" between the time that a new virus/trojan starts to proliferate and when the antivirus developers come up with an answer for it. This means, (A) you can't always depend on antivirus software to save you, and (B) the one you use should have a good history of speedy release of new definitions for new threats.

While I've used AVG for three or four years, the first time it was tested, it failed miserably, so I'm looking elsewhere.
 
W

wmarhel

Re: An interesting antivirus experience

Two packages that I'm pretty impressed with:

PREVX (Free Trial Available)

and

Computer Associates

I've used PREVX to help bail a friend of mine out after his kids had downloaded a little nasty. Over 500 removed files (beware of zip archives around 178k in size), and a day and a half later, the system was back to normal.

Wayne
 
D

David Hartman

Re: An interesting antivirus experience

Jim Wynne said:
While I've used AVG for three or four years, the first time it was tested, it failed miserably, so I'm looking elsewhere.
Click to expand...

Jim,

About 4 years ago I was an avid AVG, Ad-Aware, and Spybot S&D user, then I had the opportunity to use a trial version of McAfee. The first full-sytem scan with the McAfee resulted in 1136 items that consisted of viruses, trojans, worms, and the usual adware bugs. This was the last time I have relied upon AVG. I am currently using Norton along with AdwareBlaster, Ad-Aware, and Spybot - and have saved my system twice now with Norton's GoBack program.

What I have not mentioned is that my computer is in the hands of two 20 year old boys late at night, accessing Lord knows what, including opening almost anything sent to them from MySpace, IM, Yahoo, etc. :mg:

Thank you Symantec! :agree1:
 
Jim Wynne

Jim Wynne

Leader
Admin
Re: An interesting antivirus experience

ddhartma said:
Jim,

About 4 years ago I was an avid AVG, Ad-Aware, and Spybot S&D user, then I had the opportunity to use a trial version of McAfee. The first full-sytem scan with the McAfee resulted in 1136 items that consisted of viruses, trojans, worms, and the usual adware bugs. This was the last time I have relied upon AVG. I am currently using Norton along with AdwareBlaster, Ad-Aware, and Spybot - and have saved my system twice now with Norton's GoBack program.

What I have not mentioned is that my computer is in the hands of two 20 year old boys late at night, accessing Lord knows what, including opening almost anything sent to them from MySpace, IM, Yahoo, etc. :mg:

Thank you Symantec! :agree1:
Click to expand...

I downloaded a 15-day trial of the Norton program, and it's as sluggish as I had remembered earlier versions being. It also has a boot nag that tells me something's amiss with my system, which as far as I can see so far, can't be turned off. The "problem" it's seeing is that I don't have automatic Windows update turned on, and I have no intention of turning it on.
 
C

chergh - 2008

Re: An interesting antivirus experience

If you looking for a new virus program Nod32 is well worth checking out IMO
 
N

nickh - 2011

Re: An interesting antivirus experience

http://www.av-comparatives.org/ does a good job of reviewing the various products. As far as I can tell, they don't exhibit any bias. Their overall winner for 2006 was Nod32. Nod32 is also well known for having a small memory footprint and fast scanning.

I currently use AVG, but it's not very well rated. Someday my cheap butt will pony up the dough for a decent A/V tool. But in the meantime, I just don't click on anything dubious.
 
Jim Wynne

Jim Wynne

Leader
Admin
Re: An interesting antivirus experience

nickh said:
http://www.av-comparatives.org/ does a good job of reviewing the various products. As far as I can tell, they don't exhibit any bias. Their overall winner for 2006 was Nod32. Nod32 is also well known for having a small memory footprint and fast scanning.

I currently use AVG, but it's not very well rated. Someday my cheap butt will pony up the dough for a decent A/V tool. But in the meantime, I just don't click on anything dubious.
Click to expand...

Interesting that you should mention it, because I had meant to post back here. At the suggestion of chergh, I downloaded a trial of NOD32 and, still having the trojan isolated (as it came to me, in a password-protected zip file) I gave it a whirl. It failed. It said that it couldn't verify the zip file because it was password protected. It did, at least, urge caution, which is more than AVG did, which deemed the file clean. I now have a trial of Kaspersky installed, and it does identify the trojan (as did Norton).

It's very handy having a positively-identified trojan on hand to be able to test things with.
 
T

Tupham - 2008

Re: An interesting antivirus experience

This is a most interesting and informative thread. Thanks, everyone. A friend of mine had her PC de-virused a few weeks ago and the "tech" recommended AVG. Her computer is slowing down noticably as the weeks go by. Maybe I now know why. Time for a serious av checker!
 
G

Gert Sorensen

Re: An interesting antivirus experience

Jim Wynne said:
It's very handy having a positively-identified trojan on hand to be able to test things with.
Click to expand...

I could do with a copy of that. Could be interesting to see if my own AV-scanner catches it.

ddhartma said:
What I have not mentioned is that my computer is in the hands of two 20 year old boys late at night, accessing Lord knows what, including opening almost anything sent to them from MySpace, IM, Yahoo, etc. :mg:
Click to expand...

Sounds like it is time for user accounts and a little bit of IT-security. You may wanna use Spywareblaster and enable all protection. That keeps a lot of dirt out of your system. Give the kids normal accounts and make sure that they can't turn of firewall and antivirus, that should help a lot.

I can't help noticing a recurring thing: A lot of us seem to be in favour of either Adaware or Spybot or other. None of those gets rid of all the nasty stuff :( If there is something that you can't get rid of, and you're cheap like me, then try the trial version of Spy Sweeper. That is highly efficient, and to be honest, if I had a credit card I just might purchase it. Spy Sweeper has been able to help me on several occasions when I was called to the rescue of my nephews (aged 14-19).
 
You must log in or register to reply here.

Similar threads

J
Experts: Gumblar attack is alive, worse than Conficker
Replies
0
Views
2K
Juan Dude
J
Wes Bucey
More ugly truths (how to cope)
Replies
5
Views
3K
kgott
K
Wes Bucey
The FIRST computer virus - only on Apple?
Replies
5
Views
3K
Jim Wynne
Jim Wynne
R
New virus alert info - E-mail package - Backdoor.Haxdoor.O
Replies
6
Views
3K
Wes Bucey
Wes Bucey
Marc
Top viruses, worms and malware in 2006
Replies
2
Views
2K
Marc
Marc
Top Bottom