If you scanner detects a virus

[StarBound]

I am having the following problem since the way back in 2000. I would open a CD and there would be a virus on. I inserted a cd, it did auto run, norton would go nuts warning of a virus and the next thing I knew even if I cancelled the run my pc would be infected and norton would add to the spreading.

Ok problem today. I have alot of backed up data. Once in a while I would get a virus warning from AVG saying there is a threat found and the name of the virus eg "winfast32". I make an effort to scan all my files before burning them but how can a file be ok on that perticular day and 2-8 years down the line the file has a certain viral property to it?

Can it be that at that time there was no cure for it? But I ran the file a few times and it never infected my system before.

Now for AVG specific question when I open folder on a CD and avg detects a threat does it mean I get the virus simply because windows loves to cache file info? If I decide to run a file that is infected will my pc get infected or will avg do something about the infected file first? What if avg cant heal the file because its on an read only format will my pc get infected when running the file?

[Stuart]

Now for AVG specific question when I open folder on a CD and avg detects a threat does it mean I get the virus simply because windows loves to cache file info? If I decide to run a file that is infected will my pc get infected or will avg do something about the infected file first? What if avg cant heal the file because its on an read only format will my pc get infected when running the file?

I think the more relevant question is, why on earth would you want to run a file on which a virus has been detected? 8O

[Prime]

I think what he's trying to say is that, when he puts a disk in, say with a whole lot of important documents, AVG tells him that the disk has a virus on it.

You can't edit the CD unless its rewritable and as far as i know, most antivirus's won't edit any cd's. what you could do is to block the file from starting up or put the disks in a non windoes machine such as linux and edit the cd's. delete the infected file or copy all the files onto something like a flash disk.

[Hman]

If you scanner detects a virus...

...you must e-mail it to everyone in your contact list.

[Hex_Rated]

If I decide to run a file that is infected will my pc get infected or will avg do something about the infected file first?

Don't run the file, delete it on site. The virus will get stored in memory when you run it and it propagates itself from there (if it copies itself), windows will cache it only if you run or open it and it could get stuck in your system restore files.

It needs to be executed (or opened in the case of a document with scripting or macros) to do what it was meant to do. As you put the CD in and AVG flags a threat, it hasn't executed the file yet or done anything (cached it), it's only picked up the signature of the virus by scanning the files. You could then try to salvage it (I don't know how you'd do this, you'd have to edit the file in a hex editor and remove the virus with a good knowledge of assembler and machine language) or move it to quarantine.

AVG doesn't clean the file if it flags a warning and you still try run it. At best it will offer you the choice of moving it to quarantine, which means if it's a CD, nothing will be done except the file being copied instead of moved to quarantine, or deleting the file.

[rustypup]

also be warned that AVG is still very prone to false positives...

[StarBound]

False positives? Does that mean avg detects viruses in files that doesnt have a virus?

As to the programs they are mainly exe flash vids like joe cartoon and other stuff. The one that bothered me was an adobe reader install although version 6 I was browsing through the cd and dont know if a virus would self spread because windows sees the file.

For a virus to spread must you open the file or can it spread with any file query such as asking for properties?

[Frozenfireside]

For a virus to spread must you open the file or can it spread with any file query such as asking for properties?

A virus can sperad with no interaction on your behalf. That's the beauty and annoyance of them. You really don't see it working until it's too late.

also be warned that AVG is still very prone to false positives...

I find norton worse and AVG 8 is no way as nervous as 7. I have a few dodge progs such as Brutus AET2 which used to get flagged as a virus.

If you scanner detects a virus...

...you must e-mail it to everyone in your contact list.

He He

[rustypup]

False positives? Does that mean avg detects viruses in files that doesnt have a virus?

correct.

For a virus to spread must you open the file or can it spread with any file query such as asking for properties?

sort of ... yes, it has to be executed, but it doesn't necessarily require any interaction on your part... it just has to trick your OS into executing it...

a simple one is to have autorun.bat reference something which looks like an icon file, but is, in fact, a viral executable. windows explorer, when mounting the disc, (without even browsing the disc), will automatically attempt to load the 'icon' to display it under the explorer options, thereby running the code....

@Frozenfireside: ... norton's FPs have always struck me as suspect... my theory is they get some form of kickback on support calls whenever one of these 'glitches' scribbles a windows box...

[Frozenfireside]

What I find amazing is the number of people who honestly believe that Norton is the best and even if you show them accurate stats and stuff, they will not use anything else.

I am the IT geek. I know more then you when it comes to this stuff. Why are you not listening?

[StarBound]

Nortons ability to spread a virus closed my interests and when I lost most of my drive on an uninstall it sealed the deal

I had AVG since either version 6 or 7. It just works for me. Bit defender on the other hand is the worst piece of $h17 I have ever worked with. They should build in an achievement function in case you figure out how to work it.

Ok you mention no interaction like a bat, inf or ini file but what about just hovering over the file with your cursor? Or even clicking properties? Does that spread the viral love?

[Stuart]

I had AVG since either version 6 or 7. It just works for me. Bit defender on the other hand is the worst piece of $h17 I have ever worked with. They should build in an achievement function in case you figure out how to work it.

Lol? Admittedly, BitDefender may not be the most effective in the ever-expanding universe of antivirus apps, but it hardly takes a rocket scientist to figure out how it works! What's so difficult about it?

[i_r_baboon]

Probably a false positive, get the exact name of the virus and google it.

I use these two free programs that work very well so get them and scan your PC and those CD's, as I said they are free but you pay for active protection in both programs.

I've never been a fan of Norton or AVG 8 although I <3 AVG 7.5 pitty it's discontinued..

Malwarebyte's Anti-Malware
http://www.malwarebytes.org/mbam.php

a-squared Free
http://www.emsisoft.com/en/software/free/

Also look at online scans...

Edit: Don't forget to update them, only a few megs..

[StarBound]

My problem with bit defender is whenever I need to make a eft it hangs the pc on the banking site. We needed a AV for the business pc. Imagine the panic on the payday with 100+ payments to be made and the AV crashes the pc. I tried disabling the phishing feature but the program just crashs.

[Stuart]

Sounds like fun. I haven't used BitDefender since Tribble was a kitten, which is a LOOOOONNNNNG time ago, but I never experienced any such issues when I WAS using it.

[i_r_baboon]

BitDefender has fallen off track for a very long time now, if you want the best then use Avira AntiVir... Here are independent tests, tests you can trust, well sort of..

Anti-Malware
http://ssupdater.com/modules/Forums/ind ... topic=3037

Anti-Virus
http://ssupdater.com/modules/Forums/ind ... topic=2502

[Furion]

Interesting thread here. I personally use avast anti virus as i find it unobtrusive and efficient. Also its not a huge resource hog as the other products mentioned here. And you get a years free updates

Norton is just rubbish. Slows everything down. One day a while ago a friend of mine encountered an infection on his pc that took and infected every exe on his machine. And the worst part for him? It even ate norton's exe and changed registry keys in norton's properties to corrupt it completely. Now how the hell can an av company with that much experience get taken out with such impunity?

and people continue to buy it?
i'd rather deal with a few false positives than deal with that.

*edit* when i saw what had happened and he told me norton got eaten...i laughed so hard for so long i just lay doubled over spasming from trying to breathe. Boy it was funny. Yes. I felt bad. Much later.

[i_r_baboon]

Yeah Norton fell off long ago but lots of people that don't know much about viruses and av products pick Norton because it's a name they have heard over and over..

Try that Avira, I have tried it and it's very low on resources but expect false positives. Those links to the tests that I posted are independent, you won't really find many forums that does those tests other than websites which as you know arn't really credible..

Also the new Kaspersky 2009 is doing very well, they should have scores for it soon in the next test. I use those 2 free programs I mentioned earlier for casual scanning every now and then

[StarBound]

Norton would scan and spread the virus and after you exit it wont start up. Has anyone else used a AV that did something similar?

Ok try this if your pc is indeed infected with a virus how do you get rid of it? I imagine if you install a virus scanner then it would automaticly become infected. And the days of dos boots and dos based single solution scanners and removers are gone. So how would I go about if my pc did get infected?

[Prime]

Norton would scan and spread the virus and after you exit it wont start up. Has anyone else used a AV that did something similar?

Ok try this if your pc is indeed infected with a virus how do you get rid of it? I imagine if you install a virus scanner then it would automaticly become infected. And the days of dos boots and dos based single solution scanners and removers are gone. So how would I go about if my pc did get infected?

in the 7 years i used norton, i never had a single hassle. We alomost never had viruses get onto our machine. I have seen more virus's with Trend Micro PCcillin. Maybe norton has deteriorated in recent years but i know it used to be bloody Excellent

And Norton never once spread a Virus single that we did get!

[Frozenfireside]

Norton would scan and spread the virus and after you exit it wont start up. Has anyone else used a AV that did something similar?

Ok try this if your pc is indeed infected with a virus how do you get rid of it? I imagine if you install a virus scanner then it would automaticly become infected. And the days of dos boots and dos based single solution scanners and removers are gone. So how would I go about if my pc did get infected?

in the 7 years i used norton, i never had a single hassle. We alomost never had viruses get onto our machine. I have seen more virus's with Trend Micro PCcillin. Maybe norton has deteriorated in recent years but i know it used to be bloody Excellent

And Norton never once spread a Virus single that we did get!

Ok apart from the spreading of viruses, which I think is a biproduct of not being able to cure the virus in the first place, you are the first person I have ever heard of who has been happy with norton.

I have used Norton 'top-of-the-range' products and they are so bad.
Annoying, ineffective and resource heavy.
Norton 2005 was a personal 'most hated'.

[Furion]

Booting into safe mode and running a scan then can help as it sometimes prevents the virus from loading in the first place. Thats if you're infected already. Or. Trying a system restore back to time when you know the system was clean then running a scan then...

[Prime]

I just found norton did wat it had to do. I will say out right, that on an effectiveness level, its very hard to compare scanners. We used norton four 7? years. And we've used pccilin for about 6 months. And its not reasonable to try make a comparison between the two when they have been running in seperate environments. On a general view of the way in which each one functioned though, norton ran updates and scans in the background. Trend does not do this, it insists on opening a window.

And hey, our p3 handled norton fine. Couldn't be that heavy

[Furion]

Ah but which norton version are you referering to? Different releases behave differently and consume resources differently. I find that stand alone virus utilities aren't bad on resource consumption at all. But full internet security packages which include firewalls and anti spam etc are terribly resource greedy.

[StarBound]

Sorry guys but the thread is derailing a bit. It not a thread to say how good or bad norton is. I just want to know in general what would happen if you AV finds a virus and that virus is a) on a read only format, b) uncureable or c) already on your pc.

How do you removed a virus if you pc has already been infected? Full format and repartitioning of the harddrive?