heads up to AVG users

[RB]

Don't know how much of a problem this is/was, but here's a heads up to AVG
users (yes, I am one). I previously used Norton. My Norton let Backdoor
and Downloader get in and loose on a prior episode, so I switched to AVG.

A friend talked me into downloading and trying Spy Sweeper. The free
download version isn't full featured. What it does is scan your system and
tell you of any problems it finds. It doesn't fix them.

Spy Sweeper told me I have Downloader Stubby, and exactly where it was.
When I sent AVG to that file to do a focused scan, no alert. No alert from
AVG on full systems scans, either.

I had some doubt about the Spy Sweeper finding, so went to Panda's online
scan. It too found the Downloader Stubby and disinfected it.

I am now wondering why AVG didn't catch this (yes, my AVG has latest
update). I'd like to report it to Grisoft, but it seems they don't want to
hear from the free version users.

I guess the lesson learned here is to periodically go to one of the online
A/V scanners and get a 2nd health opinion. I know I'm going to.

 

[optikl]

Don't know how much of a problem this is/was, but here's a heads up to AVG
users (yes, I am one). I previously used Norton. My Norton let Backdoor
and Downloader get in and loose on a prior episode, so I switched to AVG.

A friend talked me into downloading and trying Spy Sweeper. The free
download version isn't full featured. What it does is scan your system and
tell you of any problems it finds. It doesn't fix them.

Spy Sweeper told me I have Downloader Stubby, and exactly where it was.
When I sent AVG to that file to do a focused scan, no alert. No alert from
AVG on full systems scans, either.

I had some doubt about the Spy Sweeper finding, so went to Panda's online
scan. It too found the Downloader Stubby and disinfected it.

I am now wondering why AVG didn't catch this (yes, my AVG has latest
update). I'd like to report it to Grisoft, but it seems they don't want to
hear from the free version users.

I guess the lesson learned here is to periodically go to one of the online
A/V scanners and get a 2nd health opinion. I know I'm going to.

Why don't you get rid of AVG? It's not a good detector of a wide variety
of malware. Actually, Panda, Trend, McAfee, F-Secure, KAV (and others)
all do a much better job of detecting a wide range of crap. Throw away
the free *shit* and you'll rid yourself of the false advertising and
false sense of security (see above sig)that goes with it.

 

[Alastair Smeaton]

I am now wondering why AVG didn't catch this (yes, my AVG has latest
update). I'd like to report it to Grisoft, but it seems they don't want to
hear from the free version users.

I guess the lesson learned here is to periodically go to one of the online
A/V scanners and get a 2nd health opinion. I know I'm going to.

a lot of dangerous stuff out there may not necessarily be a virus, but
spyware - which raises the question - what should I expect an antivir
package todo for me

try lavasoft adaware and spyware blaster

also see links below for general good advice - a quick hunt for your
trojan on google takes you a long way......

good luck


PROTECTION:
And if you use Internet Explorer, see here:

So how did I get infected in the first place?
http://forums.net-integration.net/i...?showtopic=3051

 

[FromTheRafters]

Don't know how much of a problem this is/was, but here's a heads up to AVG
users (yes, I am one). I previously used Norton. My Norton let Backdoor
and Downloader get in and loose on a prior episode, so I switched to AVG.

Many people drop one AV and pick up another when something
gets through their defenses. Somehow, it never occurs to them that
they should share some of the blame themselves for their failing to
use the AV as a supplement to safe computing practices. AV is a
tool, not a solution.

[snip]

I guess the lesson learned here is to periodically go to one of the online
A/V scanners and get a 2nd health opinion. I know I'm going to.

You could have other local "on demand" scanners at your disposal too
just in case "online" isn't an option.

 

[Dg1261]

Why don't you get rid of AVG? It's not a good detector of a wide
variety of malware. Actually, Panda, Trend, McAfee, F-Secure,
KAV (and others) all do a much better job of detecting a wide
range of crap. Throw away the free *shit* and you'll rid yourself
of the false advertising and false sense of security (see above sig)
that goes with it.

Not that I'm defending AVG (I don't know enough about it to have an opinion
either way), but I think Alastair Smeaton raises a good point. What is
Downloader Stubby (virus or spyware?) and does it fall within the scope of what
AVG claims to protect against? I searched the sites you mention -- Trend,
McAfee, F-Secure, and KAV, as well as Norton, but none seemed to know anything
about "Downloader Stubby". Should we believe they would have performed any
better than AVG? Only Panda had info about Downloader Stubby, and said the
common name was "Downloader.L", so I returned to all the aforementioned sites
and did a search for "Downloader.L" . . . still no hits. You may not like AVG
(well, obviously, you don't), but I don't know that this example proves the
others you cite are better. The fact that RB found it with Spy Sweeper
suggests it might be spyware rather than virus or trojan, although
"Downloader.L" sounds more like it ought to be a trojan. Does anyone have
further info (maybe another name?) on what it was that RB encountered?

 

[Alastair Smeaton]

Not that I'm defending AVG (I don't know enough about it to have an opinion
either way), but I think Alastair Smeaton raises a good point. What is
Downloader Stubby (virus or spyware?) and does it fall within the scope of what
AVG claims to protect against? I searched the sites you mention -- Trend,
McAfee, F-Secure, and KAV, as well as Norton, but none seemed to know anything
about "Downloader Stubby". Should we believe they would have performed any
better than AVG? Only Panda had info about Downloader Stubby, and said the
common name was "Downloader.L", so I returned to all the aforementioned sites
and did a search for "Downloader.L" . . . still no hits. You may not like AVG
(well, obviously, you don't), but I don't know that this example proves the
others you cite are better. The fact that RB found it with Spy Sweeper
suggests it might be spyware rather than virus or trojan, although
"Downloader.L" sounds more like it ought to be a trojan. Does anyone have
further info (maybe another name?) on what it was that RB encountered?

a quick hunt thru google groups found a comment that avg found
downloader stubby, but could not "cure" it.

a lot of avs now seem to find these things, but then you need to goto
symantec or sophos or whatever sites and get detailed instructions on
removal - for downloader stubby this involves removing registry
entries and system files etc.

I think this is as much as we can expect from av software - a warning
- backed up with removal instructions and prevention tips - the last
being the most important

cheers - happy xmas !

 

[ss_spa]

I am now wondering why AVG didn't catch this (yes, my AVG has latest
update). I'd like to report it to Grisoft, but it seems they don't want to
hear from the free version users.

I guess the lesson learned here is to periodically go to one of the online
A/V scanners and get a 2nd health opinion. I know I'm going to.

And now you see the problem with this signature that AVG adds by
default to OE and who knows what else, and why it is a bad idea. If
AVG missed this particular problem child, what else is it missing?
Please take the time to uncheck that box in AVG.

tim

 

[Jim Walker]

I have AVG on one computer and Norton AV on another. Does AVG repair
the viruses that it finds? I just assumed that it would do that. I haven't
been through the experience of finding a virus with AVG yet?

 

[John Blaustein]

Jim,

You can go to www.eicar.org and download their test viruses and see how AVG
handles them.

The tests are here:
http://eicar.org/anti_virus_test_file.htm

John

 

[FromTheRafters]

Top posted, because I lost my mind for a second.

The EICAR test string doesn't help to check an AV program's
cleaning ability. You may need some real virus infected files to
do that.

 

[John Blaustein]

Top posted, because I lost my mind for a second.

The EICAR test string doesn't help to check an AV program's
cleaning ability. You may need some real virus infected files to
do that.

I did not know that. Sorry for the misinformation.

John

 

[Stuart Gray]

And now you see the problem with this signature that AVG adds by
default to OE and who knows what else, and why it is a bad idea. If
AVG missed this particular problem child, what else is it missing?
Please take the time to uncheck that box in AVG.

tim

Also take the time to update it latest is 12/26/2003