which scanner one can trust

Discussion in 'NOD32 version 2 Forum' started by hadi, Apr 25, 2005.

Thread Status:
Not open for further replies.
  1. hadi

    hadi Guest

    Hi all
    Running these creatures

    NOD32,spywareblaster,spywareguard,M$ antispyware,spybot S&D,adaware
    system comes up clean as a wistle.
    However, readings has infected me with a bad habit of checking the "on line scanners" I usually check only -C:Windows- to shorten scanning time. yesterday "eTrust Antivirus Web Scanner" found "abest.exe"
    Today "rav online scanner" marked this
    C:\WINDOWS\IFinst25.exe - Backdoor:Win32/IzRam.1_7 -> Infected

    loading IFinst25.exe in jotti. results are

    File: IFinst25.exe
    Packers detected: UPX
    Scanner results
    AntiVir Found nothing
    Avast Found Win32:Trojan-gen.
    AVG Antivirus Found nothing
    BitDefender Found Backdoor.IzRam.1.7
    ClamAV Found nothing
    Dr.Web Found BackDoor.Ifinst
    F-Prot Antivirus Found nothing
    Fortinet Found W32/Izram.A-bdr
    Kaspersky Anti-Virus Found nothing
    mks_vir Found nothing
    NOD32 Found nothing
    Norman Virus Control Found nothing
    VBA32 Found nothing
  2. kjempen

    kjempen Registered Member

    May 6, 2004
    I guess your computer is infected with this trojan.
    See here for which AV vendors got this in their definitions.

    Also try scanning this file at VirusTotal , and hopefully more AV vendors will add detection for it soon.
  3. hadi

    hadi Guest

    Hi kjempen

    Thanks for the link, its similar to jotti.org link. So, you think my comp is infected, and that is exactly what I mean, assuming that my comp is infected, what is the use of NOD32, adaware, spybot S&D, spywareguard, spywareblaster and M$ antispyware if they cant detect the infection. Which scanner is reliable then. thanks
  4. kjempen

    kjempen Registered Member

    May 6, 2004
    Yes, it is similar to jotti, but it does have a few scanners that jotti doesn't.
    Also, when you scan files at these 2 places you also submit the samples that are scanned automatically in the same process.

    No scanner can protect you 100%. It is not a bad selection you have of security programs, but might I suggest something like NOD32 combined with Trojan Defence Suite 3? And do you have a firewall? Firewalls are extremely important when it comes to protection for backdoor trojans.

    You seemed to be extremely unlucky since you came across a piece of malware that even KAV failed to detect (which usually have a signature for almost every piece of malware out there).

    Good luck! And don't give up just because you got unlucky one time.

    EDIT: Some stupid typos etc. fixed
Thread Status:
Not open for further replies.