Strange scanning results with AVG Free 7.0.296!

Discussion in 'other anti-virus software' started by Firefighter, Dec 11, 2004.

Thread Status:
Not open for further replies.
  1. TAP

    TAP Registered Member

    Joined:
    Aug 17, 2004
    Posts:
    344
    In my opinion, I think lightweight AVs such as AVG, AntiVir, NOD32 or avast! can be used along with Prevx, so these can offer an excellent fortress for some advanced users who are in a high-risk environment.

    Prevx can prevent zero-day attacks and unknown malware that get past traditional anti-virus/anti-trojan/anti-spyware by generic detection + behaviour blocking; Prevx doesn't rely on signature-based methods and unreliable heuristic analysis.

    You don't need to load up your PC with heavyweight anti-virus such as Kaspersky/McAfee, anti-trojan, anti-spyware, anti-bla bla bla... in order to get excellent real-time protection.
     
  2. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    Just added Ewido Security Suite 3.0 to my scanning table. Not bad at all.

    Best regards,
    Firefighter!
     
  3. Ianb

    Ianb Registered Member

    Joined:
    Nov 26, 2004
    Posts:
    232
    Location:
    UK
    Fair enough, but in my opinion to get EXCELLENT protection you do need to be looking at KAV, NAV, McAfee (questionable).

    If you practice good internet security then a free AV and some other privacy software will do a reasonable job.
    I still maintain that AVG is the worst of the free AVs though, give me AVAST any day. I wouldn't recommend paying for any of the FREE AV Pro versions though.

    Of the middle ground stuff ....... NOD, CLAM, MKSVIR, NORMAN and the KAV engined progs ......... why pay for any of them when the best costs the same or LESS.

    I'll probably get slated now but if you want the best it's KAV, NAV (and possibly) McAFEE.
     
  4. nod32_9

    nod32_9 Guest

    If one uses reputable published test data, then McAfee consistently outperforms NAV in ALL benchmark categories.
     
  5. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,934
    Location:
    SW. Oklahoma
    A lot of people have the misconception that McAfee is a second-rate antivirus. In reality the only AV that outperforms McAfee in reputable tests is Kaspersky, and then it is close. That is covering file virus/dialers/trojans/worms and just malware in general. I won't mention a name, but there is an AV that does well in in-the-wild viri and has pretty good heuristics, but that is not enough. You have to be able to detect the other malware as well, which KAV and McAfee do very well.

    Check it here: http://www.av-comparatives.org/
     
    Last edited: Dec 13, 2004
  6. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    In tests like this, it's very hard to beat Kaspersky-engined AVs, but now that has been done. The winner: McAfee VSE 8.0i & Ewido Security Suite 3.0 combo.

    Just added to the table in post 1.

    Best regards,
    Firefighter!
     
  7. erikguy

    erikguy Registered Member

    Joined:
    Jul 5, 2004
    Posts:
    236
    Location:
    Salem, OR
    I think ewido is a strong and well built program but I think you're overlooking others. TDS was always a contender and a-squared is becoming quite the impressive little program. Anyways, just a thought.
     
  8. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,024
    Location:
    Christchurch, UK
    I would not yet group CLAM with any of these AVs, particularly those containing the KAV engine.
    But you have just stated that the KAV-engined AVs are only in the 'middle' ground! Further, as already noted, KAV and McAfee will give better overall malware detection than NAV.
     
  9. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    Has anyone here seen the AVG heuristic in action? Or which file should I use so I'll see it (AntiVir was sensitive to a system dir deleting batch)?
     
  10. TAP

    TAP Registered Member

    Joined:
    Aug 17, 2004
    Posts:
    344
    I've seen the so-called AVG heuristic (I don't exactly know) do the job with a modified Exploit.JPG-MS04-028; it can't flag pic 2 if its heuristic is disabled. I've also seen many detections by its generic detection and heuristic when I test AVG with old DOS viruses.
     

    Attached Files:

    • now.gif (File size: 13.7 KB, Views: 794)
    Last edited: Dec 20, 2004
  11. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    Use some of these files.

    BAT.DeadByte.c.zip:\BAT.DeadByte.c Could be infected Trivial Infected, Embedded object
    BAT.DeadByte.d.zip:\BAT.DeadByte.d Could be infected Trivial Infected, Embedded object
    BAT.Loreli.zip:\Bat.Lorelei.bat Could be infected BAT/Generic Infected, Embedded object
    BAT.Obsolete.335.zip:\BAT.Obsolete.335 Could be infected Trivial Infected, Embedded object
    BAT.Vir94.zip:\BAT.Vir94.com Suspicion: unknown virus .EXE.COM Infected, Embedded object

    HTML.Jsv.b.zip:\opr01BGU.htm Could be infected VBS/JScript Infected, Embedded object

    Script.Inf.Zox.b.zip:\Script.Inf.Zox.b Suspicion: unknown virus .EXE.COM Infected, Embedded object
    Script.Inf.Zox.c.zip:\Script.Inf.Zox.c Suspicion: unknown virus .EXE.COM Infected, Embedded object

    Exploit.Win32.MS04-028.b.zip:\2.jpg May be infected by unknown virus Exploit.JPEG Infected, Embedded object

    TrojanDownloader.Java.Psyme.zip:\TrojanDownloader.Java.Psyme Could be infected JS/Psyme Infected, Embedded object

    TrojanDropper.JS.Mimail.b.zip:\TrojanDropper.JS.Mimail.b:\Articulos\EJEMPLOS\Interprete.zip:\Interprete\FORM1.FRX Could be infected IRC/Generic Infected, Embedded object

    Trojan.Worf.215.zip:\Trojan.Worf.215 Could be infected Trivial Infected, Embedded object

    Win32.Savior.1832.zip:\Win32.Savior.1832 Could be infected Win32/Savior Infected, Embedded object
    Win32.Savior.1904.zip:\Win32.Savior.1904 Could be infected Win32/Savior Infected, Embedded object

    I-Worm.Alcobul.a.zip:\opr01BXF.a Could be infected IRC/Generic Infected, Embedded object
    I-Worm.Alcobul.b.zip:\opr01BXE.b Could be infected IRC/Generic Infected, Embedded object
    I-Worm.Horty.a.zip:\I-Worm.Horty.a Could be infected VBS/Iloveyou Infected, Embedded object
    I-Worm.Hybris.c.zip:\I-Worm.Hybris.c Could be infected I-Worm/Hybris Infected, Embedded object
    I-Worm.Hybris.gen.zip:\I-Worm.Hybris.gen Could be infected I-Worm/Hybris Infected, Embedded object
    I-Worm.Lee.g.zip:\I-Worm.Lee.g Could be infected VBS/VBSWG Infected, Embedded object
    I-Worm.Lee.l.zip:\I-Worm.Lee.l Could be infected VBS/VBSWG Infected, Embedded object
    I-Worm.Lucky.b.zip:\I-Worm.Lucky.b Could be infected VBS/CoolNote Infected, Embedded object

    IRC-Worm.Milbug.b.zip:\IRC-Worm.Milbug.b Could be infected IRC/Generic Infected, Embedded object
    IRC-Worm.Mill.d.zip:\IRC-Worm.Mill.d Could be infected IRC/Generic Infected, Embedded object
    IRC-Worm.Ministry.595.zip:\IRC-Worm.Ministry.595 Could be infected IRC/Generic Infected, Embedded object
    IRC-Worm.Monel.zip:\IRC-Worm.Monel Could be infected VBS/Baby Infected, Embedded object
    IRC-Worm.Tiny.a.zip:\IRC-Worm.Tiny.a Could be infected IRC/Generic Infected, Embedded object
    IRC-Worm.Tiny.f.zip:\IRC-Worm.Tiny.f Could be infected Trivial Infected, Embedded object
    IRC-Worm.Upd.1161.zip:\IRC-Worm.Upd.1161 Could be infected IRC/Generic Infected, Embedded object
    IRC-Worm.Wally.b.zip:\IRC-Worm.Wally.b Could be infected IRC/Generic Infected, Embedded object
    IRC-Worm.Wally.c.zip:\IRC-Worm.Wally.c Could be infected IRC/Generic Infected, Embedded object
    IRC-Worm.Wisk.11.zip:\IRC-Worm.Wisk.11 Could be infected IRC/Generic Infected, Embedded object

    mIRC-Worm.Acoragil.a.zip:\opr010F3.a Could be infected IRC/Generic Infected, Embedded object
    mIRC-Worm.Acoragil.f.zip:\opr010F6.f Could be infected IRC/Generic Infected, Embedded object
    mIRC-Worm.Ahack.zip:\opr01A9C.Ahack Could be infected IRC/Generic Infected, Embedded object
    mIRC-Worm.Fono.zip:\opr01A9D.Fono Could be infected IRC/Generic Infected, Embedded object
    mIRC-Worm.Simpsalapim.e.zip:\opr01AA7.e Could be infected IRC/Generic Infected, Embedded object
    mIRC-Worm.Simpsalapim.q.zip:\mIRC-Worm.Simpsalapim.q Could be infected IRC/Generic Infected, Embedded object
    mIRC-Worm.Sleeper.k.zip:\mIRC-Worm.Sleeper.k Could be infected IRC/Generic Infected, Embedded object
    mIRC-Worm.TooLame.a.zip:\opr01AAC.a Could be infected IRC/Generic Infected, Embedded object

    Worm.Super.393.zip:\Worm.Super.393 May be infected by unknown virus Infected, Embedded object
    Worm.Ternop.2551.zip:\Worm.Ternop.2551 Suspicion: unknown virus .EXE.COM Infected, Embedded object


    Best regards,
    Firefighter!
     
  12. Ianb

    Ianb Registered Member

    Joined:
    Nov 26, 2004
    Posts:
    232
    Location:
    UK
    In my opinion there is a world of difference between Kaspersky and the Kav engined AVs (escan etc). There may not be much in it looking at "On Demand" tests but for "Realtime Protection" Kaspersky is far better.

    Try doing some surfing & downloading here: http://<removed>/. Kaspersky will pick up plenty of stuff that Escan will miss.

    No links to malware please--Ron
     
    Last edited by a moderator: Dec 20, 2004
  13. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    I remember that eScan Free is unable to detect infected files of more than 1 Megs and it's using KAV _x bases (= super secure), so I'm not so worried about this, because a 100+ % detection rate isn't even possible.

    Best regards,
    Firefighter!
     
    Last edited by a moderator: Dec 20, 2004
  14. no13

    no13 Retired Major Resident Nutcase

    Joined:
    Sep 28, 2004
    Posts:
    1,327
    Location:
    Wouldn't YOU like to know?
    FF.....
    1. How's eScan paid as an RTS? How good is its cleaning - is it able to remove the malware it finds? or is it like Norton?
    2. PM for you!
     
  15. Ianb

    Ianb Registered Member

    Joined:
    Nov 26, 2004
    Posts:
    232
    Location:
    UK
    Sorry about that. :oops:
     
  16. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    Version 4.4.7 was the latest that could delete/rename infected files/archives. You can get it there, in the second post below.

    http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=7592

    You can update that proggie by just right-clicking once on that mwav.exe and choosing "extract here", then just executing kavupd.exe and then, when the update has finished, also that mwavscan file.

    Best regards,
    Firefighter!
     
    Last edited: Dec 20, 2004