Do You Really Need To Run A Antitrojan Program With Kav?

Discussion in 'other anti-virus software' started by Mr2cents, Feb 24, 2005.

Thread Status:
Not open for further replies.
  1. dread

    dread Registered Member

    Joined:
    May 18, 2004
    Posts:
    195
    When I say mcafee and msantispyware didnt catch it, I meant when I ran the file activesheild didnt catch it. Mcafee does have that Unwanted Programs option but you can only check or uncheck it when you do a scan. I just did a scan on that dir where I extracted the files to and mcafee did detect the files. I am running full scan now to see if mcafee can detect the registry entries but pestpatrol didnt. Pestpatrol detected it when it loaded and all the files.msantisypware hasnt fount anything yet. Gonna run over to mcafee forums and see if anyone can answere why the activesheild on the home version doesnt detect it. If the normal scan can I would think that activesheild could. I thought the activesheild would detect the same things as the normal scan.
     
  2. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    Trend PC-cillin also detects this I think...
     
  3. happin-in

    happin-in Guest

    there are a lot of threads on this in search. Also over at dsl forums from when Magnus first "promoted" this as something specific for TH users. I wouldnt be concerned at all if my AV/AT chose to ignore this as they are busy enough with real threats. It was added by some software developers later including Bo clean and others , I suspect, to appease subscribers who wanted to have it detected so they may feel comforted .
     
  4. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    Shouldn't an anti trojan or anti virus that are on the ball,ie up to date with defs ignore this"trojan simulator" because it is just that a simulator and thus should be recognised as such
     
  5. Randy_Bell

    Randy_Bell Registered Member

    Joined:
    May 24, 2002
    Posts:
    3,004
    Location:
    Santa Clara, CA
    Well, that depends: EICAR is just a harmless text-string but it is detected by ALL antivirus scanners since it is a standard. This is a similar thing to test trojan detection {hence the name, "trojan simulator"}. So it depends on how you look at it; yet of course this simulator, written by Magnus Mischel, has not attained the universal acceptance that EICAR has. ;)
     
  6. NAMOR

    NAMOR Registered Member

    Joined:
    May 19, 2004
    Posts:
    1,530
    Location:
    St. Louis, MO
    darn you bet me to it... you got quick typing fingers there Randy_Bell.
     
  7. Mr2cents

    Mr2cents Registered Member

    Joined:
    Sep 18, 2004
    Posts:
    497
    Hi Firecat. Your correct. Trend micro detects it. See screenshot. ;)
     

    Attached Files:

  8. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    I thought it would because some of my friends have PCC (2000-2004) and they told me they have some sort of 'trojan simulator' and they gave it to me, and eScan did not find it. Of course, I know KAV/eScan will do much better than PCC in real world...
     
  9. Randy_Bell

    Randy_Bell Registered Member

    Joined:
    May 24, 2002
    Posts:
    3,004
    Location:
    Santa Clara, CA
    In fact, Trend was one of the first to add it for detection, shortly after Magnus released it to the public {seems like couple years ago now}; I have no idea why Trend chose to do this, hehe .. ;)
     
  10. Randy_Bell

    Randy_Bell Registered Member

    Joined:
    May 24, 2002
    Posts:
    3,004
    Location:
    Santa Clara, CA
    There is absolutely no comparison, KAV is *FAR* FAR better in real world detection of trojan and trojan-related code. ;)
     
  11. SIMONxi

    SIMONxi Guest

    The problem with Kav's trojan abilities is that, as good as they are, they still come up short when compared to TDS-3. McAfee, NOD32, and F-Prot are all superior in dealing with viruses.

    Malware detection and removal is not an area anyone wants to be compromising in.
     
  12. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,024
    Location:
    Christchurch, UK
    Evidence of this?
    Personal observations again? When making general statements like this it is much better for forum members if you can support your blanket statements with some reliable evidence. Otherwise it is simply anecdotal.
     
  13. Mr2cents

    Mr2cents Registered Member

    Joined:
    Sep 18, 2004
    Posts:
    497
    I'm totally confused by all this. I've got kav 5.0 and it doesn't detect this trojan stimulator. This is proved in the screenshots that I've provided. However, Jmschwartz on page one of this thread has a screenshot of "kav for windows workstations" that detects this trojan simulator. It's also detected by kav on Jotti virusscan.

    Do I need the pro version to detect this? o_O Another poster on page one stated that his kav version didn't detect it either. Some have stated that it doesn't matter if your antivirus detects it or not. If it's no big deal, then why has kav chosen to detect this in some versions, and not in others? :rolleyes: This seems to be a contradiction to me. If one version detects it, shouldn't they all? :rolleyes:

    Bitdefender and Nod32 also catch it.
     
  14. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,052
    Location:
    Texas
    AntiVir PE also catches it.
     
  15. hollywoodpc

    hollywoodpc Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,325
    Hi Mr . No need to say this but , a layered approach is best REGARDLESS of your AV program . Good luck in your quest
     
  16. Mr2cents

    Mr2cents Registered Member

    Joined:
    Sep 18, 2004
    Posts:
    497
    Hi ronjor. I noticed that Antivir PE caught it when I uploaded the file on Jotti. And so did kav, this is what has me confused. One kav detects it, another version doesn't. :rolleyes:
     
  17. Mr2cents

    Mr2cents Registered Member

    Joined:
    Sep 18, 2004
    Posts:
    497
    Hi hollywoodpc. I agree with you 100%. That's the reason I keep Boclean.
     
  18. happin-in

    happin-in Guest

  19. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,052
    Location:
    Texas
    I understand. Adding, I have no answer. :)
     
  20. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Don't let it confuse you Mr2cents, it not the different version's that detect's it, it's which sig-bases, in Jmschwartz's case (& Jotti) he most likely is using the supersecure"x-bases (available in Pro & workstation), these are meant for networkadministrators link . :)
     
    Last edited: Feb 27, 2005
  21. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    Admitted maybe Xbases detects it, but does ext bases detect it?
     
  22. Mr2cents

    Mr2cents Registered Member

    Joined:
    Sep 18, 2004
    Posts:
    497
    I have kav configured to update "from Internet Extended Databases". Kav does not detect it :mad: Here's a screenshot. Maybe I have it configured incorrectly? Anyone know? :rolleyes:
     

    Attached Files:

    Last edited: Feb 27, 2005
  23. Mem

    Mem Guest

    Maybe go back to my comment on page 1 - extended does not catch it in KAV Personal but if you use x-bases (super secure) in KAV Personal it does catch it. :)
     
  24. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    I see. For many people, Simulators are the only way to test whether an AV is working. If KAV 5.0 does not detect this with ext bases of standard bases then many people will be mis-led...
     
  25. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Not really Firecat, if you want to test if your AV is working properly you go to Eicar.org and see if it's working, a much more established way of doing it. Try and see if Kav will let you open any of the four files. :)
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.