AntiVir and detecting exploits

Discussion in 'other anti-virus software' started by minacross, Jul 30, 2004.

Thread Status:
Not open for further replies.
  1. minacross

    minacross Registered Member

    Joined:
    May 12, 2002
    Posts:
    657
    how important is scanning for expoits? Is using an AV that does not scan for exploits is a big risk?
    pls check this thread:
    undetected trojan
     
  2. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To minacross from Firefighter!

    Some Exploits are not undetectable by AntiVir 6.26!

    D:\CHECK\EXPLOIT_61
    Exploit.Applet.ActiveXComponent.zip
    ArchiveType: ZIP
    --> Exploit.Applet.ActiveXComponent
    [DETECTION] Contains signature of the JScr/Seeker.B4 virus
    Exploit.IE.Dword.zip
    ArchiveType: ZIP
    --> url2dword\URL2DWORD.exe
    [DETECTION] The Trojan horse TR/Expl.IE.Dword
    Exploit.IE.Fearless.zip
    ArchiveType: ZIP
    --> FE IE Exploiter\FE Exploiter.exe
    [DETECTION] The Trojan horse TR/IEexploitr.A
    Exploit.IRC.Slap.zip
    ArchiveType: ZIP
    --> Exploit.IRC.Slap
    [DETECTION] The Trojan horse TR/Expl.IRC.Slap
    Exploit.UNIX.Sendmail.a.zip
    ArchiveType: ZIP
    --> opr01CCN.a
    [DETECTION] Contains signature of the Unix virus Unix/SendmailExp.A
    Exploit.Win32.DComII.a.zip
    ArchiveType: ZIP
    --> Exploit.Win32.DComII.a.a
    [DETECTION] The Trojan horse TR/DComII.A

    End of scan: 30.07.2004 10:38
    Time taken: 00:06 min

    0 directories were scanned
    204 files were scanned
    0 warning messages were issued
    0 files were deleted
    0 files were repaired
    6 detections

    These Exploits were mainly named by Kaspersky 5.0.142.

    Best regards,
    Firefighter!
     
  3. minacross

    minacross Registered Member

    Joined:
    May 12, 2002
    Posts:
    657
    thanx for the fast reply Firefighter :)
    so, as far as I understanded AntiVir does not give me a full protection against exploits and its related trojans :(
     
  4. WhoCares

    WhoCares Registered Member

    Joined:
    Jul 7, 2004
    Posts:
    2
    Hi FireFighter,

    Does this mean AVPE detects 6 out of 204 Exploits you collected ?

    ***

    ***

    NOBODY! (except BRAIN1.x) offers you anything even remotely approaching full protection

    ;)
     
  5. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To WhoCares from Firefighter!

    Actually there were 59 of my 61 Exploits that were in that folder to be scanned when AntiVir detected 6. The number of files doesn't mean the same as scanned infected archives in my case, usually there are far more file ones.

    To evaluate AntiVir against some other proggies as how good they are against exploits - here are the results against those all 61 exploits.

    60 -- Kaspersky 5.0.142
    41 -- Panda Platinum 7.07.01
    32 -- MKS_VIR 2004 with AH
    26 -- BitDefender 7.2 Free & NOD v2.0 upd 1.815 with AH
    25 -- ClamWin 0.35
    -7 -- AntiVir 6.26.0.51

    Best regards,
    Firefighter!
     
  6. illukka

    illukka Spyware Fighter

    Joined:
    Jun 23, 2003
    Posts:
    633
    Location:
    S.A.V.O
    who cares is right. nothing beats brain v 1.xx against exploits..
    a fully patched os&browser also help, with firewall and IDS

    safe surfing!
     
  7. minacross

    minacross Registered Member

    Joined:
    May 12, 2002
    Posts:
    657
    FF, what about eTrust promo? Could you test it against these exploits? :rolleyes:
    thanx in advance :D
     
  8. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    To Firefighter from Bellgamin...
    Wow! ClamWin did pretty good.

    Would you PLEASE include Command AV & DrWeb in any future tests? {Those are my 2 main anti-virus programs}.
     
Loading...
Thread Status:
Not open for further replies.