AVG vs Spy Sweeper (Revisited)

Discussion in 'other anti-malware software' started by DVD+R, Jan 11, 2007.

Thread Status:
Not open for further replies.
  1. DVD+R

    DVD+R Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    1,979
    Location:
    The Antipodes
    I recently wrote how much a resource monster was compared with AVG. I personally found this to be true, and switched to AVG:

    Not The Best Of Moves:

    Just the other day I reformatted my PC (for some reason, can't remember why, but anyway) and what a dumb thing I did :rolleyes: I went searching for something without any Anti Virus or Antispyware installed! :eek: Everything suddenly went to ****! My homepage got hijacked with something that set the page to C:\system32.html and I couldn't fix it back :'( I ran AVG when I installed it again, and after running a scan 7 Trojans were found and quarantined. Then after rebooting to complete the quarantine process like what AVG instructed me to do, I ran AVG for a second time, and 6 more Trojans were found :eek: and the homepage was still stuck on C:\system32.html, but this time when opening Internet Explorer, an error message said C:\system32.html could not be found. So I ran AVG yet again, and 3 more Trojans named exactly the same as the ones I had quarantined were found :blink: but still the homepage was hijacked. I got totally pissed off, and was just about to reformat my comp again :rolleyes: but thought differently, and installed Webroot Spy Sweeper 5.2 and ran a Custom Scan to scan absolutely every inch of my computer, and BINGO! It immediately found the little Bastard who had hijacked my homepage, and about 5 other Trojans. After quarantining and then deleting them, I ran another Sweep and 1 more was found. After this my homepage was restored back to the original as it was after my reformat and clean install :D Then I installed NOD32 and did an in-depth scan, and this found a new type of virus apparently :eek: can't remember its name but it again had something to do with system32.

    Conclusion:

    Not wanting to knock back AVG, as it did find a mass of Trojans, but it failed in repairing the homepage hijacking problem whereas Spy Sweeper fixed this up :) On the whole I think I can live with a program that uses more resources than others if it can save me from disaster like what Spy Sweeper did.

    I have in the past asked AVG people about adding Shields like what Spy Sweeper has, but they declined. Come on guys, isn't this example enough to do just that :ninja:
     
  2. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    It's quite well known that ewido/AVG antispyware isn't the best for cleaning an infected system. However, for detection and prevention it is very good.
     
  3. EASTER.2010

    EASTER.2010 Guest

    And that is precisely why it's been my favorite. :thumb:

    On the other hand DVD+R, yes it is an absolute giveaway of your computer system when you choose to enter active internet lines without the assistance of any firewall/AS/AV and is begging to invite another Re-format. :rolleyes:

    As an additional suggestion, I recommend you at the very least INSTALL some HIPS such as CyberHawk or System Safety Monitor (many others). Had you done only that, even without AV/AS, your machine would have fared better and you would have been able to "BLOCK" those files from falling into your PC's lap and then taking off running.
     
  4. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    780
    Location:
    West Virginia (USA)
    I'd also recommend that you check your system for a rootkit using Blacklight or RootkitRevealer or Gmer. Plus do a remote scan with Kaspersky is my recommendation as well.
     
  5. DVD+R

    DVD+R Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    1,979
    Location:
    The Antipodes
    Here are Some of the Trojans Webroot Detected and AVG Did Not :eek:

    1. Name: CWS_secure32.html hijack
    Unique Code: 9S4OPLO1
    Type: Hijack
    Severity: High
    Description: CWS_secure32.html hijack may hijack any of the following: Web searches, home page, and other Internet Explorer settings.

    Characteristics: CWS_secure32.html hijack may redirect your Web searches through its own search engine and change your default home page. This hijacker may also change your other Internet Explorer settings.

    Method of Infection: Hijackers generally propagate through the use of seemingly-innocent dialog boxes, various social engineering methods, or through scripting errors. Usually hijackers are bundled with various free software programs.

    Consequences: If this hijacker changes your Internet Explorer browser settings, you may be unable to change back to your preferred settings.


    2. Name: SpySheriff
    Unique Code: SSRF939
    Type: Adware
    Severity: Very High
    Description: SpySheriff is an adware program that may display advertisements on your system.

    Characteristics: SpySheriff may display advertisements on your computer.

    Method of Infection: SpySheriff generally propagates itself using dialog boxes, various social engineering methods, or through scripting errors. Usually adware and BHOs are bundled with various free software programs.

    Consequences: This program can display advertisements. It may also cause slowing of your Web browser and system performance issues.


    3. Name: Trojan-Backdoor-Rustock
    Unique Code: HPFFLCBS
    Type: Trojan Horse
    Severity: Very High
    Description: Trojan-Backdoor-Rustock is a remote access Trojan that may allow a hacker to gain unrestricted access to your computer when you are online.

    Characteristics: Trojan-Backdoor-Rustock may manage files on your computer, including creating, deleting, renaming, viewing, or transferring files to or from your computer. It can utilize a program manager that allows a hacker to install, execute, open, or close programs. The hacker can gain remote control of your cursor and keyboard and can even send mass e-mails from your infected computer. It can run in the background, hiding its presence.

    Method of Infection: Trojan-Backdoor-Rustock is usually disguised as a harmless software program and is generally distributed as an e-mail attachment. Opening the attachment may cause an auto-installation process that loads the Trojan onto your computer without your knowledge or consent.

    Consequences: This Trojan may open a port on your computer that may enable a hacker to gain remote control of your computer. Additional Comments: It is recommended that you change all of your passwords after removing this program. If you bank online, you might consider changing your credit card and bank account numbers. You should also monitor your credit card and bank statements carefully over the next several months for signs of fraudulent activity.

    Webroot scanned for rootkits in its Custom Scan, and also the System Restore folder.
     