Why I don't believe antivirus reports

j79zlr

Glaanies script monkey
Political Access
Joined
16 Feb 2003
Messages
2,725
Norton AV is always among the top when AV comparison tests are done, yet I see it constantly miss viruses and computer with NAV updated and installed massively infected. Well, my boss just asked me, hey this looks like a virus, I siad it sure did. It was a small 146k attachment named message.zip. I said to save it to your hard drive and scan it without opening it. He did. NAV say all clean. So I extract the zip to find message.zip.cmd. I knew it was a virus, but NAV said it was clean.

I decided to send it to virusscan.jotti.org and here are the results:

AntiVir Found Worm/Stration.C
ArcaVir Found Heur.Win32
Avast Found nothing
AVG Antivirus Found I-Worm/Stration
BitDefender Found Win32.Worm.Stration.AH@mm
ClamAV Found Worm.Stration.EK
Dr.Web Found Win32.HLLM.Limar
F-Prot Antivirus Found W32/Warezov.CK
Fortinet Found nothing
Kaspersky Anti-Virus Found Email-Worm.Win32.Warezov.bi
NOD32 Found nothing
Norman Virus Control Found W32/Stration.OZ
UNA Found nothing
VirusBuster Found Trojan.Opnis.Gen!Pac2
VBA32 Found Email-Worm.Win32.Warezov.bi

NOD32, AVAST!, UNA, Fortinet and Norton [on my bosses PC] missed it, everyone else found it, including AVG, which seems to always get blasted in those comparison tests.

The morale of the story is, don't use Norton AV. Yet the powers that be here, still think that you need Norton and not someone else, I just don't understand it. Although it probably explains why Microsoft is so popular, they might have a terrible track record, but you still recognize the name.
 
wow, nod32 missed it, that's a surprise

thanx for sharing the experience..
 
Was NAV set to scan within archives for manual scan as by default I think it is turned off so you have to go into options and enable it.

Not sure what comparison you used in saying NAV was at the top but this one shows NAV at 22nd. I now use Kaspersky 6 and it uses less resources then the other AV I was using did (NOD32) plus is top notch protection.
 
Namesake holds a lot of wieght to the uninformed, witness Bose. still it is deistressing that the others missed it.
 
Was NAV set to scan within archives for manual scan as by default I think it is turned off so you have to go into options and enable it.

Not sure what comparison you used in saying NAV was at the top but this one shows NAV at 22nd. I now use Kaspersky 6 and it uses less resources then the other AV I was using did (NOD32) plus is top notch protection.

I scanned the archive and then extracted it and scanned the contents, came up clean both times.

Scan within compressed files is checked by default, at least it is here and noone changed it.
 
I am also surprised that NOD32 missed it, shocker there.

That being said, I have had very good results with Sophos lately.
 
I am not surprised....

And I would like to also add that the Bloodhound hoax is a pain int he fundament - one that I guess you only get with NOD? Educate me if my knowledge of bloodhound is lacking....
 
Let's not get too hasty in condemning/recommending virus-scanners on the strength of the results from just one particular virus. With a different virus, the results could well be entirely different or reversed. Let common sense prevail. If a particular AV program is *consistently* bad (or good), that means something. The results above, however, mean very little by way of helping someone decide which to use.

As for NAV, companies use it despite it's poor performance (in terms of detection as well as use of resources) because Symantec ploughs a lot of money into corporate support and keeping a high profile in the business world.
 
Norton would have to pay me to use their chunk of junk, resource hog, pc crashing, poor excuse for a program. Noton produces more trash than anything. And that is just from the stand point of trying uninstall their garbage.

As far as Antivirus reports and such; it is all based on who pays the reporting org more money. The highest bidder gets the top spot. I use AVG free and haven't had any probs with it yet. It is a very good antivirus and I recomend it to everyone ..
 
If you want something that is really efficient, try BitDefender. It has more stop points than most software that I have tested.

It even prevented a .vbs script from running which sole job is to clean out system restore
 
Most people running nod32 turn of heuristic scanning which takes out 80% of nods ability to protect.

Turn on heuristsics (check for potential bad things) and run the file by it again and see what happens.
 
Funny about the big names.

I used Mcafee for 5 years because it was available free to me under my companies liscence. It would miss a virus or two a year. I switched to AVG a few years ago because Mcafee changed their interface to something I did not like. AVG has never let a virus through. (I periodically cross check with on line scanners.)

Brag about your brand names and test scores all you want. I now where I'm staying.
 
I have used AVG for quite some time now. It has not let anything through for me either. My boss at work has Symantec's System works and has fudged up on catching viruses. I had to go in and manually clean one out last week. It sucks and he just updated his license 2 months ago.
 
Norton antivirus has been a bad place to visit now for a long time (four years at least) even worse is their uninstall routines which have never worked correctly causing many users untold hear pulling. Symantec have recently acknowledged this and are working to get themselves back into the top ten, problem is they have spent all the profits on promoting the product and very little on the software development side and as most must know it comes free with just about everything to do with computers.

The virus/maleware detection market in now huge but strangely if you walk into PC World here in the UK as a normal punter and ask about virus detection software they only have two or three products but say if you by this bit of kit then Norton or Mcafee are free. Most other products are completely unknown to them bar none or they don’t make a big enough margin to stock them. In the end it’s the PC Worlds (of this world) type retailers who will lose out as punters go elsewhere (online).

I used Norton for many years, it once was a good product but now I think most free Virus checkers are better. I myself use Kaspersky 6 and Spyware Doctor along with HijackThis. They’re not perfect but are amongst the best available at doing what I want from them, detecting Virus and Trojans etc but I have to say that the odd one still gets through as it would seem is the case here.

:yowch: :eek:
 
The only Norton product I've found invaluable (and actually does the job) is Ghost 2003 for keeping a backup image of my system drive. Everything else is beaten by the competition in ease of use, impact on system resources, and probably reliability too.

My ISP provides it's members with Norton Internet Security entirely free with no subscription renewals required. That's the only reason I gave it a try. Big mistake. I'd rather pay and have something better -- that's how good Norton is.

Currently using the ZoneAlarm Security Suite. Doesn't intrude. Get's the job done without bringing my PC to it's knees. Quite happy to stick with it unless Zonelabs do something really stupid with it in future versions.
 
I cannot believe everybody missed the cardinal mistake.

Never open unknown attachments before verifying the sender.

(I agree with the views expressed in this thread)
 
There was no mistake, my boss knew it was a virus and so did I.
Noone was infected, I was just posting a real life story of NAV missing an obvious virus.
 
I cannot believe everybody missed the cardinal mistake.

Never open unknown attachments before verifying the sender.

(I agree with the views expressed in this thread)

Unfortunately, people do this all the time, even people you think should know better.
 
Yes this whole Norton AntVirus thing is a joke to me. I use to trust Norton AV for years and since I recently saw a "Best AntiVirus" list over @ CyberNews I noticed that yet again Norton AV was a joke. Since then I noticed that Kaspersky was one of the better ones with a great Heuristics code to catch viruses. I will from now on continue to use Kaspersky and recommend it to fellow people. Norton AV is bloated anyways.
 

Members online

No members online now.

Latest profile posts

Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
Any of the SP crew still out there?
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
hello peeps... is been some time since i last came here.
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.

Forum statistics

Threads
62,015
Messages
673,494
Members
5,621
Latest member
naeemsafi
Back