From: "Ed Stoddard" <[email protected]>
|
| "Mike Oxbig" wrote:
| Microsoft's Windows Live OneCare is just as effective as most other
| solutions, is cheaper and actually offers more, in that scheduled system
| tuneups and backups are part of their service. The cost is about $50 for 3
| computers per year, which is much cheaper than ZoneAlarm, the service I had
| before.
|
| Yes, Live OneCare anti-virus failed to pass the latest testing but that has
| been fixed since the test. What folks don't tell you is that anti-virus
| software only passes with 100% detection. Anything less and it's called a
| failure. OneCare detected 99%.
|
| It's highly unlikely that I will catch even 1% of viruses out there.
| Actually, since I started computing in about 1984 I have caught ONLY 1 virus
| and that was a non-destructive Word virus picked up off of a church floppy
| disk in about 1990. Spyware has been a much bigger problem.
|
| Anyway, judge for yourself. Live OneCare offers a free 90 day trial. If
| you don't like it, toss it.
You said "been fixed since the test". Hardly!
You can't "fix" it like a bug. Microsoft is super slow to create signatures and its
signature base is small. I know, I have been submitting samples on a daily basis to
Microsoft for quite some time now. Probably ~1300 in the last 30 days alone.
I know, let's test a Zhelatin worm. This is a new sample, the kind someone would see today
or tomorrow...
Complete scanning result of "love.exe", processed in VirusTotal at 02/17/2007 03:42:31
(CET).
[ file data ]
* name: love.exe
* size: 39769
* md5.: 31a30ac157cba999429c722a4ae49a02
* sha1: 0493e90989af866984a6f4f870c2526ed8b138c3
[ scan result ]
AntiVir 7.3.1.37/20070216 found [TR/Small.DBY.AC]
Authentium 4.93.8/20070216 found nothing
Avast 4.7.936.0/20070216 found nothing
AVG 386/20070216 found nothing
BitDefender 7.2/20070217 found [Trojan.Peed.Gen]
CAT-QuickHeal 9.00/20070216 found [(Suspicious) - DNAScan]
ClamAV devel-20060426/20070217 found nothing
DrWeb 4.33/20070216 found [Trojan.Packed.25]
eSafe 7.0.14.0/20070216 found [Win32.Polipos.sus]
eTrust-Vet 30.4.3405/20070216 found [Win32/Difisim.AC]
Ewido 4.0/20070216 found nothing
F-Prot 4.2.1.29/20070216 found nothing
F-Secure 6.70.13030.0/20070216 found [Email-Worm.Win32.Zhelatin.ae]
Fortinet 2.85.0.0/20070216 found [W32/Zhelatin.AD@mm]
Ikarus T3.1.0.31/20070216 found [Email-Worm.Win32.Zhelatin.ae]
Kaspersky 4.0.2.24/20070217 found [Email-Worm.Win32.Zhelatin.ae]
McAfee 4965/20070216 found nothing
Microsoft 1.2204/20070217 found nothing
NOD32v2 2066/20070216 found [Win32/Nuwar.gen]
Norman 5.80.02/20070216 found nothing
Panda 9.0.0.4/20070216 found nothing
Prevx1 V2/20070217 found nothing
Sophos 4.14.0/20070216 found nothing
Sunbelt 2.2.907.0/20070217 found [VIPRE.Suspicious]
Symantec 10/20070217 found nothing
TheHacker 6.1.6.059/20070216 found nothing
UNA 1.83/20070216 found nothing
VBA32 3.11.2/20070216 found nothing
VirusBuster 4.3.19:9/20070216 found [Trojan.DL.Tibs.Gen!Pac.43]
[ notes ]
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed
suspicious through heuristics.
Ok, now how about a ZLob Trojan component...
Complete scanning result of "pmmon.exe", processed in VirusTotal at 02/17/2007 03:44:10
(CET).
[ file data ]
* name: pmmon.exe
* size: 5955
* md5.: ec36318064792afb9f52fcc558c9ee22
* sha1: 5538070402dbfb40a19665497800b535617ec05c
[ scan result ]
AntiVir 7.3.1.37/20070216 found [Worm/IRCBot.5955]
Authentium 4.93.8/20070216 found nothing
Avast 4.7.936.0/20070216 found [Win32:Zlob-SI]
AVG 386/20070216 found nothing
BitDefender 7.2/20070217 found [Backdoor.IRCBot.AP]
CAT-QuickHeal 9.00/20070216 found [Backdoor.IRCBot.ap]
ClamAV devel-20060426/20070217 found [Worm.Stration.QR-1]
DrWeb 4.33/20070216 found nothing
eSafe 7.0.14.0/20070216 found [suspicious Trojan/Worm]
eTrust-Vet 30.4.3405/20070216 found nothing
Ewido 4.0/20070216 found nothing
F-Prot 4.2.1.29/20070216 found nothing
F-Secure 6.70.13030.0/20070216 found nothing
Fortinet 2.85.0.0/20070216 found [W32/ZLOB.CGA!tr]
Ikarus T3.1.0.31/20070216 found [Backdoor.Win32.IRCBot.BV]
Kaspersky 4.0.2.24/20070217 found nothing
McAfee 4965/20070216 found nothing
Microsoft 1.2204/20070217 found nothing
NOD32v2 2066/20070216 found nothing
Norman 5.80.02/20070216 found [W32/Suspicious_M.gen]
Panda 9.0.0.4/20070216 found [Adware/VideoActiveXObject]
Prevx1 V2/20070217 found [Malicious]
Sophos 4.14.0/20070216 found [Troj/Zlobmi-Gen]
Sunbelt 2.2.907.0/20070217 found [Backdoor.IRCBot.AP]
Symantec 10/20070217 found nothing
TheHacker 6.1.6.059/20070216 found nothing
UNA 1.83/20070216 found [Backdoor.IRCBot.55A6]
VBA32 3.11.2/20070216 found [MalwareScope.Downloader.Zlob.1]
VirusBuster 4.3.19:9/20070216 found [novirus acked/MEW]
[ notes ]
packers: MEW
Prevx info:
http://fileinfo.prevx.com/fileinfo.asp?PXC=a08073014294
Now for a JavaScript...
Complete scanning result of "42a0fccf5d6c5bfecceca768115690e9_v3[1].js", processed in
VirusTotal at 02/17/2007 04:03:23 (CET).
[ file data ]
* name: 42a0fccf5d6c5bfecceca768115690e9_v3[1].js
* size: 13774
* md5.: caf2649511ccf41a7311bc7c2964a127
* sha1: 5acda4033e33bbc7866c311670527a8d0e6c38f0
[ scan result ]
AntiVir 7.3.1.37/20070216 found [JS/Small.AF]
Authentium 4.93.8/20070216 found [JS/Windu.A@dl]
Avast 4.7.936.0/20070216 found [VBS:Malware]
AVG 386/20070216 found nothing
BitDefender 7.2/20070217 found [Trojan.Downloader.Js.Small.AF]
CAT-QuickHeal 9.00/20070216 found nothing
ClamAV devel-20060426/20070217 found [Trojan.Downloader.JS.Small.AQ-3]
DrWeb 4.33/20070216 found [Trojan.DownLoader.1694]
eSafe 7.0.14.0/20070216 found nothing
eTrust-Vet 30.4.3405/20070216 found nothing
Ewido 4.0/20070216 found [Downloader.Small.af]
F-Prot 4.2.1.29/20070216 found [JS/Windu.A@dl]
F-Secure 6.70.13030.0/20070216 found [JS/Windu.A@dl]
Fortinet 2.85.0.0/20070216 found [JS/Small.AF!tr]
Ikarus T3.1.0.31/20070216 found nothing
Kaspersky 4.0.2.24/20070217 found [Trojan-Downloader.JS.Small.af]
McAfee 4965/20070216 found [potentially unwanted program Downloader-UI]
Microsoft 1.2204/20070217 found nothing
NOD32v2 2066/20070216 found nothing
Norman 5.80.02/20070216 found nothing
Panda 9.0.0.4/20070216 found nothing
Prevx1 V2/20070217 found nothing
Sophos 4.14.0/20070216 found nothing
Sunbelt 2.2.907.0/20070217 found nothing
Symantec 10/20070217 found nothing
TheHacker 6.1.6.059/20070216 found [Trojan/Downloader.UI]
UNA 1.83/20070216 found nothing
VBA32 3.11.2/20070216 found nothing
VirusBuster 4.3.19:9/20070216 found nothing
Now for a Password Stealing Maran Trojan (submitted to Microsoft October 2006!)
Complete scanning result of "smss.exe", processed in VirusTotal at 02/17/2007 03:53:20
(CET).
[ file data ]
* name: smss.exe
* size: 34816
* md5.: e48cf1490364f90579b16bd07b0f2221
* sha1: 271023bfa4771904fbc78a70f6f816bfc23d8a86
[ scan result ]
AntiVir 7.3.1.37/20070216 found [TR/PSW.Maran.BP.4]
Authentium 4.93.8/20070216 found [W32/Dialer.DAM]
Avast 4.7.936.0/20070216 found [Win32:Lineage-406]
AVG 386/20070216 found [PSW.Generic2.ZMJ]
BitDefender 7.2/20070217 found nothing
CAT-QuickHeal 9.00/20070216 found [TrojanPSW.Maran.bp]
ClamAV devel-20060426/20070217 found nothing
DrWeb 4.33/20070216 found nothing
eSafe 7.0.14.0/20070216 found [Win32.Maran.bp]
eTrust-Vet 30.4.3405/20070216 found nothing
Ewido 4.0/20070216 found [Trojan.Maran.bp]
F-Prot 4.2.1.29/20070216 found [W32/Dialer.DAM]
F-Secure 6.70.13030.0/20070216 found [Trojan-PSW.Win32.Maran.bp]
Fortinet 2.85.0.0/20070216 found [W32/Maran.BP!tr.pws]
Ikarus T3.1.0.31/20070216 found [Trojan-PWS.Win32.Maran.bp]
Kaspersky 4.0.2.24/20070217 found [Trojan-PSW.Win32.Maran.bp]
McAfee 4965/20070216 found [PWS-Maran]
Microsoft 1.2204/20070217 found nothing
NOD32v2 2066/20070216 found nothing
Norman 5.80.02/20070216 found nothing
Panda 9.0.0.4/20070216 found [Suspicious file]
Prevx1 V2/20070217 found [Spyware.Bandler.K]
Sophos 4.14.0/20070216 found nothing
Sunbelt 2.2.907.0/20070217 found [Trojan-PSW.Win32.Maran.bp]
Symantec 10/20070217 found [Trojan Horse]
TheHacker 6.1.6.059/20070216 found [Trojan/PSW.Maran.bp]
UNA 1.83/20070216 found [Trojan.PSW.Win32.Maran.6809]
VBA32 3.11.2/20070216 found [Trojan-PSW.Win32.Maran.bp]
VirusBuster 4.3.19:9/20070216 found [Trojan.PWS.Maran.CE]
[ notes ]
Prevx info:
http://fileinfo.prevx.com/fileinfo.asp?PXC=546c67405147
Now for a banload Trojan (also submitted to MS October '06)
Complete scanning result of "cartao8374454.scr", processed in VirusTotal at 02/17/2007 04:04:39
(CET).
[ file data ]
* name: cartao8374454.scr
* size: 339467
* md5.: 72ef7aba38310f7027a1cc5d394e884a
* sha1: 62489a228bfc2264cf2692505bc8b7e89b4d8fd9
[ scan result ]
AntiVir 7.3.1.37/20070216 found [TR/Dldr.Banload.bnc]
Authentium 4.93.8/20070216 found [W32/Downloader.AHOD]
Avast 4.7.936.0/20070216 found [Win32:Banload-AHO]
AVG 386/20070216 found [Downloader.Generic2.TAR]
BitDefender 7.2/20070217 found nothing
CAT-QuickHeal 9.00/20070216 found [TrojanDownloader.Banload.bnc]
ClamAV devel-20060426/20070217 found nothing
DrWeb 4.33/20070216 found nothing
eSafe 7.0.14.0/20070216 found [Win32.Banload.bnc]
eTrust-Vet 30.4.3405/20070216 found nothing
Ewido 4.0/20070216 found [Downloader.Banload.bnc]
F-Prot 4.2.1.29/20070216 found [W32/Downloader.AHOD]
F-Secure 6.70.13030.0/20070216 found [Trojan-Downloader.Win32.Banload.bnc]
Fortinet 2.85.0.0/20070216 found [W32/Banload.BNC!tr.dldr]
Ikarus T3.1.0.31/20070216 found [Trojan-Downloader.Win32.Banload.bnc]
Kaspersky 4.0.2.24/20070217 found [Trojan-Downloader.Win32.Banload.bnc]
McAfee 4965/20070216 found [Generic.do]
Microsoft 1.2204/20070217 found nothing
NOD32v2 2066/20070216 found [Win32/TrojanDownloader.Banload.BNC]
Norman 5.80.02/20070216 found [W32/Banload.HUV]
Panda 9.0.0.4/20070216 found [Trj/Nabload.ACN]
Prevx1 V2/20070217 found nothing
Sophos 4.14.0/20070216 found nothing
Sunbelt 2.2.907.0/20070217 found [Trojan-Downloader.Win32.Banload.bnc]
Symantec 10/20070217 found nothing
TheHacker 6.1.6.059/20070216 found [Trojan/Downloader.Banload.bnc]
UNA 1.83/20070216 found [TrojanDownloader.Win32.Banload.255A]
VBA32 3.11.2/20070216 found [Trojan-Downloader.Win32.Banload.bnc]
VirusBuster 4.3.19:9/20070216 found nothing
[ notes ]
packers: PECRYPT
Here is an admittedly tough Java ByteVerify (submitted to MS June '06)...
Complete scanning result of "BaaaaBaa.class", processed in VirusTotal at 02/17/2007 04:13:16
(CET).
[ file data ]
* name: BaaaaBaa.class
* size: 1960
* md5.: 1f83bb4384e0188ebc7cfb49a09ece04
* sha1: cc87e30046602176cf6dcf2117cc6d1954a55d23
[ scan result ]
AntiVir 7.3.1.37/20070216 found [TR/Java.Downloader.Gen]
Authentium 4.93.8/20070216 found nothing
Avast 4.7.936.0/20070216 found nothing
AVG 386/20070216 found nothing
BitDefender 7.2/20070217 found [Java.Trojan.Exploit.Bytverify]
CAT-QuickHeal 9.00/20070216 found nothing
ClamAV devel-20060426/20070217 found nothing
DrWeb 4.33/20070216 found nothing
eSafe 7.0.14.0/20070216 found [Win32.ByteVerify]
eTrust-Vet 30.4.3405/20070216 found [Java/ByteVerify!exploit]
Ewido 4.0/20070216 found [Downloader.Small]
F-Prot 4.2.1.29/20070216 found nothing
F-Secure 6.70.13030.0/20070216 found nothing
Fortinet 2.85.0.0/20070216 found [JAV/BYTVerify.A!tr]
Ikarus T3.1.0.31/20070216 found [Java.Trojan.Exploit.Bytverify]
Kaspersky 4.0.2.24/20070217 found nothing
McAfee 4965/20070216 found nothing
Microsoft 1.2204/20070217 found nothing
NOD32v2 2066/20070216 found [a variant of Java/ClassLoader]
Norman 5.80.02/20070216 found nothing
Panda 9.0.0.4/20070216 found nothing
Prevx1 V2/20070217 found nothing
Sophos 4.14.0/20070216 found [Troj/ClsLdr-H]
Sunbelt 2.2.907.0/20070217 found [Exploit.Java ByteVerify]
Symantec 10/20070217 found [Trojan.ByteVerify]
TheHacker 6.1.6.059/20070216 found nothing
UNA 1.83/20070216 found nothing
VBA32 3.11.2/20070216 found nothing
VirusBuster 4.3.19:9/20070216 found [Trojan.JS.DL.Small.GCN]
I could place 100 various samples in a folder that go back several months and test
Microsoft's so-called solution. Each AV vendor will catch and miss many of the samples.
However, every time I test a batch en masse, Microsoft consistently catches the least amount,
often in the 40 ~ 60% range while the traditional anti-virus companies can catch 80 ~
93%.
The problem with OneCare is the false sense of security its high rate of false negatives
produces.
Thus OneCare is NOT ready for prime-time.
BTW: I could have tested some real nasties I have like Gromozon, Haxdoor, Goldun and some
HTML exploits.
Now I will say Microsoft does VERY well with some MS Office exploits (like the below
CME-476), SDBots and IRCBots.
Complete scanning result of "hp_laptops.doc", processed in VirusTotal at 02/17/2007 04:03:05
(CET).
[ file data ]
* name: hp_laptops.doc
* size: 53248
* md5.: a6069169d719cfbf8c0d873c527ba382
* sha1: 904c283007b5b6b310494630328ee2be2cf96b2f
[ scan result ]
AntiVir 7.3.1.37/20070216 found [W2000M/Kukudro.B]
Authentium 4.93.8/20070216 found [W97M/Kukudro.B (exact) (trojan)]
Avast 4.7.936.0/20070216 found [MW97:Kukudrp-A]
AVG 386/20070216 found [W97M/Kukudro]
BitDefender 7.2/20070217 found nothing
CAT-QuickHeal 9.00/20070216 found [W97M.Lafool.j]
ClamAV devel-20060426/20070217 found [Trojan.Dropper.MSWord.MyNo-2]
DrWeb 4.33/20070216 found [W97M.DownLoader]
eSafe 7.0.14.0/20070216 found [MSWord.Lafool.j]
eTrust-Vet 30.4.3405/20070216 found [W97M/Kukudro.B:trojan]
Ewido 4.0/20070216 found [Dropper.Lafool.j]
F-Prot 4.2.1.29/20070216 found [W97M/Kukudro.B]
F-Secure 6.70.13030.0/20070216 found [W97M/Kukudro.B]
Fortinet 2.85.0.0/20070216 found [WM/Kukudro.B]
Ikarus T3.1.0.31/20070216 found [Virus.Word.Macro]
Kaspersky 4.0.2.24/20070217 found [Trojan-Dropper.MSWord.Lafool.j]
McAfee 4965/20070216 found [W97M/Kukudro.b!CME-476]
Microsoft 1.2204/20070217 found [W97M/Kukudro.B!CME-476]
NOD32v2 2066/20070216 found [W97M/TrojanDropper.Kukudro.B]
Norman 5.80.02/20070216 found [W97M/Kukudro.B]
Panda 9.0.0.4/20070216 found [W97M/Kukudro.B!CME-476]
Prevx1 V2/20070217 found nothing
Sophos 4.14.0/20070216 found [WM97/Kukudro-B]
Sunbelt 2.2.907.0/20070217 found [Trojan-Dropper.MSWord.Lafool.j]
Symantec 10/20070217 found [W97M.Kukudro.A]
TheHacker 6.1.6.059/20070216 found [W97M/Kukudro.gen]
UNA 1.83/20070216 found nothing
VBA32 3.11.2/20070216 found [Trojan-Dropper.MSWord.Lafool.j]
VirusBuster 4.3.19:9/20070216 found [WORD.97.Kukudro.Gen.5]
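Tallying which engine missed which sample across a batch of reports, as the post does by eye, can be scripted. The Python below is an added example, not code from the post or from VirusTotal. It assumes the plain-text report layout shown above (one `Engine version/date found ...` line per engine under `[ scan result ]`, with `found nothing` meaning a miss), parses a constructed two-report excerpt that reuses engine names and verdicts from the post, and ranks engines by how many samples they reported nothing on. It also rejoins a bracketed verdict that a mail client has wrapped across lines, as happened to the VirusBuster line in the post's second report.

```python
import re
from collections import OrderedDict

# Constructed excerpt in the VirusTotal text-report format quoted in the post.
# Engine names and verdicts are copied from the post; the engine lists are trimmed.
SAMPLE_REPORTS = """\
Complete scanning result of "love.exe", processed in VirusTotal at 02/17/2007 03:42:31
(CET).
[ file data ]
* name: love.exe
* size: 39769
[ scan result ]
AntiVir 7.3.1.37/20070216 found [TR/Small.DBY.AC]
Avast 4.7.936.0/20070216 found nothing
Kaspersky 4.0.2.24/20070217 found [Email-Worm.Win32.Zhelatin.ae]
Microsoft 1.2204/20070217 found nothing
Sunbelt 2.2.907.0/20070217 found [VIPRE.Suspicious]
[ notes ]
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats.
Complete scanning result of "pmmon.exe", processed in VirusTotal at 02/17/2007 03:44:10
(CET).
[ file data ]
* name: pmmon.exe
* size: 5955
[ scan result ]
AntiVir 7.3.1.37/20070216 found [Worm/IRCBot.5955]
Avast 4.7.936.0/20070216 found [Win32:Zlob-SI]
Kaspersky 4.0.2.24/20070217 found nothing
Microsoft 1.2204/20070217 found nothing
Sunbelt 2.2.907.0/20070217 found [Backdoor.IRCBot.AP]
"""

HEADER_RE = re.compile(r'^Complete scanning result of "(?P<name>[^"]+)"')
ENGINE_RE = re.compile(r'^(?P<engine>\S+) (?P<version>\S+) found (?P<result>.*)$')
FIELD_RE = re.compile(r'^\* (?P<key>\w+)\.?: (?P<value>.*)$')


def parse_reports(text):
    """Parse one or more reports; 'results' maps engine -> label, or None for 'found nothing'."""
    reports, current, section, pending = [], None, None, None
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER_RE.match(line)
        if m:  # a new report starts; any dangling continuation is abandoned
            current = {'name': m.group('name'), 'fields': {}, 'results': OrderedDict()}
            reports.append(current)
            section, pending = None, None
            continue
        if current is None:
            continue
        if pending is not None:  # a "[label" was wrapped across lines; keep gluing until "]"
            if not line:
                continue
            engine, label = pending[0], pending[1] + ' ' + line
            if label.endswith(']'):
                current['results'][engine] = label[1:-1]
                pending = None
            else:
                pending = (engine, label)
            continue
        if line.startswith('[ ') and line.endswith(' ]'):  # "[ file data ]" etc.
            section = line[2:-2].strip()
            continue
        if section == 'file data':
            m = FIELD_RE.match(line)
            if m:
                current['fields'][m.group('key')] = m.group('value')
        elif section == 'scan result':
            m = ENGINE_RE.match(line)
            if not m:
                continue
            engine, result = m.group('engine'), m.group('result').strip()
            if result == 'nothing':
                current['results'][engine] = None
            elif result.startswith('[') and result.endswith(']'):
                current['results'][engine] = result[1:-1]
            elif result.startswith('['):
                pending = (engine, result)  # verdict continues on a later line
            else:
                current['results'][engine] = result
    return reports


def detection_rates(reports):
    """Return {engine: (hits, scanned)}; any verdict other than 'nothing' counts as a hit."""
    tally = {}
    for rep in reports:
        for engine, label in rep['results'].items():
            hits, scanned = tally.get(engine, (0, 0))
            tally[engine] = (hits + (1 if label is not None else 0), scanned + 1)
    return tally


def rank_engines(reports):
    """Engines sorted worst-first by detection rate, ties broken by name."""
    rates = detection_rates(reports)
    return sorted(rates, key=lambda e: (rates[e][0] / rates[e][1], e))


def missed_by(reports, engine):
    """Sample names on which the engine reported 'found nothing' (its false negatives)."""
    return [r['name'] for r in reports
            if engine in r['results'] and r['results'][engine] is None]


if __name__ == '__main__':
    reps = parse_reports(SAMPLE_REPORTS)
    rates = detection_rates(reps)
    for eng in rank_engines(reps):
        hits, scanned = rates[eng]
        print(f"{eng:12} {hits}/{scanned}  missed: {', '.join(missed_by(reps, eng)) or '-'}")
```

Two caveats on reading the numbers: a heuristic or generic verdict such as "VIPRE.Suspicious" is counted as a hit here, exactly as the post counts it, although it carries less information than a named signature, and a VirusTotal run is a snapshot of whatever signature versions the engines had that day, so the ranking of a handful of samples swings widely between batches.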