Sunday, May 20, 2007

Use the right antivirus!

I would like to share a painful experience with the Antivirus applications we trust!

Few days ago my home PC got infected with a worm (IM-Worm.Win32.Sohanad.t) that attacks the Windows OS, disables all important tools including:
Task manager, regedit, msconfig, ..even the command prompt!

It creates its copies in most drives, primarily in removable ones and creates autorun.inf to auto run itself, creates a copy of itself (exe file) for each folder in the removable drive!

So, you may ask, didn’t I have an updated antivirus? Yes, I had and that’s the point of my email. I had Norton Antivirus 2005 with the latest definitions updated. Unfortunately even after manual updates and manual scans on the infected exe files it couldn’t find any threats!

More bad news! I tried all of the following top most antivirus and anti-malware applications but they couldn’t detect the virus:

PC Cillin 2004 with updates, Adware Professional with updates, Spyware Doctor, SpyBot Search & Destroy!

So I did some googling to learn which are the current ‘top 10’ antivirus applications. I found ‘Kaspersky 6’ to be the top most one in several ‘good’ web sites. I never heard of it! Interestingly Norton, Trend Micro, McCafe are not in ‘top 5’.

I downloaded and updated Kaspersky and it could detect and clean the virus very well! I installed it in my office PC and it got 2 spywares which our default Network antivirus couldn’t find! Don’t know how long the spyware was in my PC!

Summary: I suggest all to recheck the ‘top 5’ list of antiviruses to get ‘true’ protection from latest viruses/malwares. I found Kaspersky good for my case.


Doctor@WardRound said...

This is excatly what happened with me as well. All the essential services were disabled by the virus, and i had norton internet security 2005 running, completely updated daily. All be removable disks got infected. The system became unstable day by day, until a frined of mine referred to me the Kaspersky AV. Never heard of it, i was hesitant to use it. But strangely it removed all viruses! I agree with you, we need to re-think what are the top most antivirus out there. I am planning to buy Kaspersky.

Venom@Ward said...

Hi again, I was here to share another story. one of my friends called me up and was telling me the same story that his task manager was disabled and he was having CPU activity. From my experience, I had a clue that he might as well be infected with Sohanad.t/Imaut.N worm. Inspite of the fact that he was running a fully functional trial of NAV2007, the worm was not detected. Upon my advice, he installed KAspersky 6.0, and the problem was solved. This left me thinking, what was wrong with giants like Norton and McAfee? Their website shows that all definitions after April/May 2006 can remove this worm. Then why not removed in the first place? Any ideas?

Kaisar said...

Hi! Sorry to hear about your and your friend's experience. I was as shocked as you are when I also found that my updated Norton doesn't do anything when my system gets destroyed. I also have the same question as yours and not sure what is wrong with Norton!

At the moment, we can call or send emails to them and notify them about the problem with their product.


Anonymous said...
This comment has been removed by a blog administrator.
Anonymous said...

Sorry for the random swearing, but symantec/norton users make me so angry!

Anonymous said...

Antispyware solution from Search-and-destroy.
I have tried so many different types of scans to help keep my PC running at its best and one thing that I discovered is that they all tend to find the same types of bugs. The main difference between them all is the price that you pay. Recently I discovered Search-and-destroy Antispyware at and I really like it a lot. Antispyware solution from Search-and-destroy is one of the best scans I have ever used and I’m sure that you will be very happy with it as well. Go ahead and give it a try, you will be glad you did!