[pchelpers] antispyware and antivirus response times to new spyware - part 2
- From: "Ekhart GEORGI (last name last)" <Ekhart.GEORGI@xxxxxxxxxxx>
- To: pchelpers@xxxxxxxxxxxxx
- Date: Tue, 18 Sep 2007 17:11:50 +0300
(resending; testing the Freelists filter by sending (updated) second
part only)
As mentioned above, SUPERAntiSpyware was one of the first or the first
antispyware program to be able to detect AntiVirGear. I was pleasantly
surprised that the former best one, CounterSpy, was also able to deal
with it on the 13th. (It's still the only non-freeware program I
recommend because the others are worse for several reasons.) I did not
test BOClean because that would have required trying to infect my
computer because that program "only" has real-time protection. In other
words, it would have protected me from infection if it knew about or was
able to use heuristics to detect AntiVirGear, but it cannot scan and
therefore cannot detect a dormant installer package of malware only
lying around.
But someone on
http://forum.spywareterminator.com/Default.aspx?g=posts&t=3065 says
BOClean already detected it at least as early as the others.
Spyware Terminator still cannot detect AntiVirGear despite being told
about it by me at 0:12 UTC (London time) on the 14th and probably by
others before.
I told Spy Sweeper about AntiVirGear at 11:28 UTC on the 14th, but it
also does not yet detect it, but that may be because its update
function does not work in the free version even when my firewall and all
other security programs are disabled. And they're famous for not
providing a download link for definition updates on their website and
famous for bad and slow support.
I didn't bother to try if Microsoft's bureaucracy is interested in
malware submissions. I also figured they've got their tentacles in
enough places to already know about AntiVirGear anyhow, and the fact
that Windows Defender also still does not detect it is simply a
sign of typical MS sloppiness and lethargy. Spybot and Ad-aware are
royal pains because Spybot doesn't have the option of scanning only one
folder and Ad-aware reserves that feature for the pay version. They
therefore require full system scans, which also take ages, and they
don't detect AntiVirGear yet. I'll try again tomorrow and during the
next few days, and I wouldn't be surprised if they beat Defender.
The other programs listed all performed worse: Spyware Doctor, Spy
Sweeper, and SpyCatcher Express also still fail to detect AntiVirGear. I
will retry the first two later today. They require reinstallation
because they refuse being disabled and conflict with each other and/or
the other antispyware programs even when these have been disabled...
SpyCatcher causes more than 90% CPU usage and slows the computer to a
crawl almost every time it's started...
Interestingly, the following antivirus programs also already detect this
new spyware, but AntiVir is not one of them this time:
Avast
BitDefender
F-Secure Anti-Virus
Fortinet
Kaspersky Anti-Virus
VBA32
Shortened scan result from
http://virusscan.jotti.org/
Scan taken on 16 Sep 2007 17:47:07 (GMT)
Edit: AntiVir was already able to detect the infection on the 13th but
it still doesn't detect the installer before trying to run it.
--
-------list-services-below-----------
Regards, John Durham (list moderator) <http://modecideas.com/contact.html?sig>
Freelists login at http://www.freelists.org/cgi-bin/lsg2.cgi
List archives at http://www.freelists.org/archives/pchelpers
PC-HELPERS list subscribe/unsub at http://modecideas.com/discuss.htm?sig
Latest news live feeds at http://modecideas.com/indexhomenews.htm?sig
Good advice is like good paint- it only works if applied.