[thechat] Trojan

George Dillon gdillon at georgedillon.com
Mon Apr 1 06:45:01 CST 2002


> Despite having Zone Alarm my computer caught a Backdoor Trojan last night.
> Nortons anti-virus picked it up but was unable to delete, quarantine or
> disinfect the files...

I recently had a false alert from NAV re. the backdoor trojan for a file
which I pretty sure was OK (it had been on my system for while, been checked
out before, Zonealarm did not show it attempting to make an Internet
connection but I HAD recently updated my NAV signatures).  I searched the
web and found that NAV has a (small) history of giving false alerts and
their own site advises that false alerts will usually be corrected with the
next definitions update.

However to be sure I installed AVG  - a freeware antivirus suite from
http://www.grisoft.com/ (and also available on many magazine cover disks)
which has fared well against commercial AV stuff in lab tests e.g. PCPlus
magazine which concluded a survey of 10 top antivirus programs March 2002
issue stating that AVG "performed flawlessly" (apart from the heuristics
throwing up a couple of false alarms) and though not the fastest in the test
neither was it the slowest, clearly winning the 'Best Value' Award and the
appraisal - "AVG is secure and performs well enough that we'd be fans if it
cost money".

AVG not only reported my suspect file to be OK but also found 3 suspicious
files (2 of them JS malware in my internet cache) missed by NAV.

RESULT:  I've not ditched NAV now, but I would advise getting a backup
scanner for a second opinion when you're not sure about NAV and for every
once in a while scanning your entire system in case NAV really DOES miss
something.

HTH


George Dillon




More information about the thechat mailing list