barney said:
Antivirus programs are designed to intercept viruses.
I knew somebody would say this. However, I've never said that an
antivirus program should catch everything out there. That's simply
impossible. I was simply stating the facts of my experience. However,
go to this site:
http://www.grisoft.com/us/us_index.php
and you'll see that the top nine threats are *all* worms! I don't
understand why AVG would list worms as threats unless the program
deals with them.
Also, "a squared" is an anti-trojan program. They have replied to my
email alerting them to the fact that their program missed the
agobot.al worm on my friend's computer. They wanted the worm files,
but of course I was unable to provide them. Why would they want the
files unless they want to be able to create a signature file for the worm?
They can not be
expected to prevent any and all worms which gain access to a computer.
The particular infection of which you speak is conditional upon the
vulnerability of the OS setup. But having visited the site you quote for
your solution, you already knew that of course.
I believe the original infection came from an email. I've since
configured my friend's Outlook Express not to allow a preview frame
and reiterated to my friend never to "open" an email attachment unless
he knows what it is and expects it.
Please read my final remark in this reply which begins with "*sigh*
Here we go." I'm not a novice and was able to deal with the problem
singlehandedly. The reason that the situation occured (which by the
way, is *totally* irrelevant to this discussion, but since you seem to
require it I provide it) is described in that final remark of mine.
BTW, I'd be more concerned about the firewall that did not detect the
call out
That would be the built in XP Pro firewall, which of course does *not*
detect outgoing calls, but rather only incoming ones. Running it is
better than nothing I suppose, but I have since disabled it and
replaced it with Kerio 2.15.
and / or activity then I would about the performance aspect of
the antivirus protection you deem inefficient.
*sigh* Here we go.
I do NOT deem those antivirus programs as being inefficient. They
simply missed one and that's a fact. That's all I was saying in the
off chance that somebody else may have the infection as well. In fact,
read the reply by whayface. Whayface was able to benefit from my O.P.
because the link for an online scan that I provided allowed him/her to
detect a virus that F-Protect and AVG had missed.
Here is why my particular situation occured: My friend had just
bought a new computer. I went over and set it up, and it took hours to
migrate the files and settings in from his old one using a serial null
modem cable. When that was finally done, I did what I could to
configure his computer, but ran out of time since it was then late at
night. I warned him not to surf a lot until I could get back over to
his place (he lives about 30 miles away) and set up a proper firewall,
configure IE and OE, install AV protection, etc.
When I finally DID get back and was able to install and configure
Kerio, it alerted me to the callout from a program named
"explore.exe". I also noticed a distinct slowdown of his system, and
experiended two lockups. That's when I "updated signature files for
the following:
AVG
a squared
AdAware
Spybot S&D"
and ran them all. They found nothing but I was still suspicious about
the strange activity going on, so I ran the online scan and it found
the infection.
Criticism of programs is one of the functions of this group. You have
to be more open minded in that regard, but of course only when it is
*constructive* criticism, as mine was intended to be. I *never*, for
instance, recommended that those programs be uninstalled or said that
they "weren't worth a shit" and I still believe that they are
excellent programs that are definitely a Godsend to poor hippies like
me. 80)>
