antivir missed trojan

I wouldn't have thought of switching just because one sample was missed. At the time you did Jotti's scan, 4 other AVs reported nothing. Are they just as bad? Even when you did the VirusTotal scan, 5 AVs reported nothing, including Avast and Sophos.

This has only come to light because you've been using more than one AV. Think of JoeBloggs who only has one AV on their system -- they would be none the wiser.

I think the general rule of thumb when using more than one AV is to submit anything missed by the other AV -- that way, if it is indeed suspicious, they can update their signatures, and we all get protected against the same malware.

What happens if, heaven forbid, Kaspersky misses a sample? Would you switch again? The lesson learnt here is they all miss something at one time or another, but it is only through the diligence of users to report such anomalies that things can be put right.

 

Anybody looking for an AV with 100% detection is gonna be looking for a long time. Your best solution is multi layered security to try and catch anything that falls thru.

 

Absolutely. It is easy to select a certain AV, and then to select Jottis results that are what one wants.

Best,
Jerry

 

I'd merely add that Jotti's not reliable enough and you must sometimes upload the same file several times to get a valid result. I'd always check it at VirusTotal as well, just to be 100% sure.

 

What really surprises me is AVG seems to pickup the ones the more "advanced" antiviruses miss. I guess low detection rates on comparisons have little to do with real world detections. Just an off topic note, Hawaii had a 6.6 magnitude earthquake today just off the big island. No one was seriously hurt but there was some physical damage to homes, roads and landscape.
SourMilk out

 

So, will you send the sample or not, hawkeen? Still waiting for it, I want to improve the heuristic. I checked with our malware collections, there were several Small.KN samples - and all were detected.

 

Didn't he (hawkeen) say that Antivir already added detection for it?

 

Yes, it apparently ended up being detected as TR/Small.KN.1, which was added to definition version 6.36.00.108 on 14 October.

 

It's their job mate!

 

I'm too tired to remember, and too tired to bother searching... When KAV missed two trojans I found, did I come here and cry like a baby about how I was dumping it? For the life of me I can't recall...

 

yep we should remember, all the security softwares miss trojans, backdoors etc etc

scary thought maybe, buts its fact... none are perfect, some are great, good, poor.

personal preferance is always the best choice, that gut instinct that most people have to tell them 'they now feel secure'

 

ahh..we have a personal attack I do believe and the warm fuzzies are overtaking me. Enjoy your dungeon cause I will not share it with you.

cheers
Hawk

 

KAV missing trojans?...hard to believe..

 

Yesterday, I found a Zlob variant that Kav missing .
Yesterday only three have found: Antivir(signature), Fortinet and Panda(heuristic)

Today: + Nod and AVG

 

The goal is not to find the AV solution that will not miss anything--as that is not possible. Instead find an AV that will catch the things you are exposed to. Antivir failed this task. So far KAV has not. I am sure KAV misses things but it has not missed anything that has came to my computer yet and that my friends is the difference.

Also, the antivir mailguard is pretty useless in its current state. I have a setup where I use popfile for spam filtering and antivir's mailguard will not allow custom configuration to work with popfile. KAV works out of the box with popfile.

cheers
Hawk

 

The point is to prevent the malicious code from being downloaded. Are you positive that IMON didn't block the url you tried to download that Zlob from? If it didn't, try with the update 1.1833.

 

The emphasis is on YET, don't get me wrong KAV is a first class AV, but you'll end up in an endless loop between different AVs because your argumentation is based on coincidence.

 

I don't use Nod32. I am scanning file via virustotal. But I think IMON blocks the URL because it is a well known fake codec site (vc ).

 

hawkeen, is your CHKDSK working ok? I'm not being nasty, I just want to see how many people who use KAV or AOL AVS are having the problem with CHKDSK mentioned in this and the Kaspersky Forum, that don't realize it yet.

 

If you really didn't intend to be nasty, then why didn't you simply PM Hawkeen which would have made sure he noticed you question, instead of hijacking a thread about AntiVir?

 

I have a PC, that uses this great product. Today I checked it and my sisters who has it,CHKSDK worked flawlessly. Give me a break and find another problem to go after. This is nothing but crap. Geez

 

2 things and I will shut up. Antivir is one of the 4 best AVs on the market. Missing "a" trojan is still better than all those with a computer that have little protection and miss "a lot" of trojans. Don is a good person who helps here and at the Kas forum.

Its really funny that there is a thread about what are the 4 products that you cant be without. Me? I look at like, what are the 4 licenses, not products, I cant live without. I will change among the 4 depending on which at the time, provides me the best protection. And Nod and Kas are my top 2.

 

I really didn't even think to PM anyone, or hijack anything. I have used and liked Antivir, but the reality of all this is, many people like their choice of AV's and hawkeen obviously likes KAV. Off of what he posted I simply wondered if he had any troubles with CHKDSK. Again I certainly meant no ill will here, and to be truthful I now use , oh wait I don't want to hijack this thread again. LOL. Seriously though, I want hawkeen to know that I believe KAV is very good, and that AOL AVS was and still is my favorite Free AV, but I am just worried about using it. I am not however, worried about using Antivir PE, and will probably do so when they fix the Guard disappearing while updating. And Don, if you thought I was being nasty and hijacking a thread, you could have chose to PM me as you have done in the past. I am truly sorry for this whole thing though, and I won't let it happen again. Take care all, especially you hawkeen, and of course you Don.

 

I was not offended and I appreciate the good banter. I like good joshing as long as its civil.

As for chkdsk, I have not checked it. Also, at work I bought multiple NOD32 licenses for our servers because it is very light. The servers do not have email on them therefore I am not worried about trojans as much as I am at my home.

I have used KAV/NOD over the past 2 yrs with great success. The only problem with earlier versions of KAV was its slow speed.

cheers
Hawk