What is the best protection against trojans? Avast and Antivir PE failed.

Yesterday I was downloading some infected files, I had Antivir PE installed. It did recognize the trojan but could not stop infection. I had to restore my partition.

Then today I tried it with Avast. Again, Avast did recognize the threat, but failed to do anything about it.

So my question is what is the best protection against these trojans? (besides not downloading illegal files )

I am looking for solution that use minimal system resources. I prefer free software, but if i have to pay for a good solution I will.

Thanks.

(and yeah i know that antvirus is not the best protection against trojans)

 

I'm no expert in this matter, but try Spyware Terminator. It is free for personal use and it has an integrated anti-virus and web guard system. Get it at www.spywareterminator.com

It uses little system resources and has all the functionalities you might want, including on-demand and resident scanning and scheduled scans.

Hope it helps. Let me know if it detects and prevents infection with that file.

 

Have you tried Spyware Doctor Starter Edition from Google Pack? It's free

 

Trying this one right now. I'll put it to the test

 

Sounds good too. thanks. I will first see if Spyware doctor survives my stresstest.

 

The combination of Avast + Spyware Doctor did not survive the Trojan.

This trojan is nasty!

If anyone wants to see if his PC is well protected PM me, I'll give you the link to download the trojan.

 

Is your Avast up to date? I have used several Anti viruses at home and work and Avast is the best that I have used to date and I cuurently have it set up at my workplace which has over 200 pc's and the users are students which have semi restricted access to the web and have never had problems.

 

Yes it was.

I am now testing the combination of AVG Free + Spyware Terminator.

I will continue updating in this thread: http://forum.notebookreview.com/forumdisplay.php?f=15

 

Are you an administrator? (And is this XP or Vista?) Running as a user without admin privileges is a great defense against most stuff... and it doesn't use any system resources.

Also, did these AV programs you tried recognize the threat when you downloaded the file or when you tried to run it?

 

Interesting! i never considered that.

I am administrator i think. I only have one account.

 

Avast is pretty good/sensitive even on Normal settings. And how did Avast fail to do anything about it? It always gives me an Option. Maybe you should play with the settings.

 

Avast DID notice the threat. It warned me. I said delete. Still the system got infected.

Same for AVG Free, Antivir PE, NOD 32.

Now testing McAfee.

 

I doubt if you'll get any takers.

 

Maybe if you get enough people to infect their computers the AV companies will take note and improve their defenses!

 

Yeah, when i saw that i started to laugh. It'd be pretty funny if virus makers started using this method.

Me: La, la, la, la, la, la, la.
Computer hacker: Hey would you like to download some spyware?
Me: Sure.
Computer hacker: Alright go here, and click buy and ship.
Me: Uhg, that's some nasty spyware, but since you asked nicely...

 

7 people have downloaded it sofar. I know I like to test this. I always thought my PC was pretty safe.

 

I'd be curious to know if you still get infected if you set up a limited user account (non-admin) and run it there.

I would never rely on AV software as a primary defense... it's more of a backup strategy in my opinion. (Primary defense IMO is not running as an admin, using Firefox for browsing, not running every dodgy .exe file you can find, keeping OS and software up-to-date, and general common sense.)

Anyway, I'm still curious about the answers to my other questions...

Is this Windows XP?
And did the AV programs warn you about the file when you downloaded the file or when you tried to execute it?

 

Only when running it. OS is XP Pro SP2.

Me too. Haven't tried this yet. It's propably about time I start doing this.

 

AVG Anti-Virus Free Edition

 

Maybe a good scanner but failed on this test.

 

What kind of Virus are you talking about (referring to the one you linked)? Is this an active virus? Super Secret Virus?(LOL)

Seems like your running scare tatics when most likely non of us will run into this Virus, and if Avast can detect it like you said .....Trust me........It will NOT download or let it on the drive unless "Ignore" is pressed. You choose to purposely put it on your PC.

 

a combination of backboors, trojans and virusses.

I think you misunderstood me. Avast, and all the others, did notice it. They say "Alert! Virsus found!" "What do you want to do?"

I choose "Delete" or other times "Put in virus vault". Within 1 minute the virus disabled the virusscanner. So even though they did notice it, they were unable to do anything about it.

It depends. If someone ever downloads .exe files from non trusted websites it is not unlikely to run in to this virus. I know I did.

It may seem that way. I am just a guy who thought he was safe. I was always lauging at these apple fanboys. I used to say "Man if you run good protection you never get a virus". Now I will have to change my behaviour.

 

Have you tried running a boot-time scan with avast to see if it picks it up that way?

 

No i did not. How do you run a boottime scan with Avast?

 

Maybe that is the root of why so many AV programs are failing. Your hitting them with so many different things that they can't possibly pick up all of the programs. Any chance this might be why?

 

I think that is part of the problem yes.

Still I am susprised by the ease this little .exe file disables every single scanner I tested.

Update: I think i found a solution, i will update here: http://forum.notebookreview.com/showthread.php?t=170458

 

That doesn't explain much. Names?


I play with a lot of Viruses under Virtual Machines and it's still pretty hard for them to act out with all of the security placed.

 

I've seen too many names too remember. One name I remember is Virut.

If you have Avira + run it in user account you're safe to check it out. You can trust me.... i think

 

What about Nod32? From what I've read, it detects virtually all known viruses and a large amount of unknowns. Free trial available, just google nod32.

 

Nod32 did not get it.

Neither did:
Antivir Personal Edition
Avast Home Edition
Spybot Search & Destroy
Trend Micro Housecall Online
McAfee VirusScan Plus 2007
Norton Internet Security
AVG Free
Spyware terminator
Spybot Search & Destroy

What finally did effectively stopped my system from getting infected was working from a limited user account in XP (in combination with Antivir PE)

If you want to read details:
http://forum.notebookreview.com/showthread.php?t=170458

 

If you right-click on the system tray icon and choose start avast, schedule boot-time scan will be one of the menu options. Once you schedule it, the next time you restart, it will scan your computer before windows actually starts. I find this generally makes the scan go faster and can sometimes catch things that you wouldn't otherwise during a normal scan within windows. It's been a while since I've done a non boot-time scan though, so it's possible there isn't as much of a difference now.

 

A multiple defense approach is best. I feel that the first line of defense should be a firewall. Second to that, AntiSpyWare. Third is AntiVirus. Some of the testing reporting sites actually disable certain aspects of the software they are testing, allegedly to ensure that they are only testing the specific aspect of that software they intend to test. This is a critical flaw in testing methodology in my opinion as software is often not intended to be artificially crippled in this manner. Unless one takes a systemic view of security, whether via separate products or via a suite, something will invariably get through.

And, quite honestly Phil, I'm getting a little annoyed with your spamming of these forums with multiple posts in multiple forums in multiple topics on essentially the same post and topic. You may well have something to say, but either say it once and refer to it elsewhere or cut it out.

 

ooh where is that coming from?

The only reason I started another thread was that I changed the subject.

At first I was looking for a good tool to protect me from trojans. That was one thread I started.

The second thread I start was a test and discussion on the general quality of virus scanners.

How is that spamming?

Are there any more people who think I am spamming the forums?
Maybe I will keep my testresults to myself.

 

AKA, I agree with Phil on this one. I honestly don't think he's spamming the forums. He merely switched subject and therefore started another thread.

This is much much better than starting a thread that after 3 or 4 pages is on a completely different subject.

 

To be fair, I don't think that the multiple posts constitute spamming but it would be excellent if a mod could merge the threads together considering how similar the topics are. I don't believe there is enough of a switch in topical matter to merit a new thread though.

Still, its certainly not spam.

 

All right. Apologies. Not spam. But a thread merge would be good. Perhaps even a sub-forum for "Security" to include such things as AV, Anti-spyware, Firewalls?

 

I can not find this in the free version of Avast. Maybe it's only in the paid version?

 

It's in the free version.

Right-click the system tray icon.
Choose "Start Avast antivirus".
After the memory scan, it shows a window with one drop-down menu. In the default skin, this is an image that looks like the icon for an eject button. It's near the top-left of the window, in any case.
From that menu, choose "Schedule boot-time scan..."

 

yep. got it. thanks.