Are virusscanners really this bad? shocking results

Do, or did you, have two boot drives connected at the same time when trying to boot your primary. Windows doesn't like it. It's a common mistake during cloning.

 

i take it you don't use sandboxing or vm techniques to try out programs..

 

Results:

Files moved to the recycle bin:


Had to log in as an administrator to install the antivirus program. The program warned me after install and during its first startup that its definitions were out of date. When I attempted a manual update it told me it didn't need to because it was already up to date. Then during the manual scan it complained again that it wasn't up to date. So who knows? I don't.

First scan results. Default settings:


Multiple locked files, but no scores on a virus. Onward I go, this time I select every scan and threat option and perform another scan:


Two suspicious files:


I forgot to scroll the freakin' window over before I did the screen capture. Nice one!! So, you can't see the file names. Nevertheless, the first is in IE's temporary internet files, but IE wasn't used to download the file. Hasn't been used in weeks, in fact. The second file you can see the beginning of the file name which is enough to see that it doesn't even show up in the recycle bin. The file has a .tmp extension. I don't know what to make of it.

Anyway, pushing 6 hours with no decernable problems.

 

If you're asking me, the answer is no, obviously. My drive is cloned and I was bored when I came across this thread.

 

So does anyone know if this actually is a virus?

 

Frankly, if you're not up to it, and content with your own assumptions; then I'd say to each his own - was just dispensing friendly advice

- Jordan

P.S. Symantec's CEO said in an interview last year that he was going to buy a mac next because the PC had waayy too many viruses/malware - I don't think anything more needs to be said about his confidence level in Symantec's own security products

 

I removed the link to that file...I'm surprised we didn't see it earlier.

Please do not post direct links to infected files, as we don't want accidents happening. Rather, post the name or other information about the virus or obfuscate the web address so that you cannot just point and click to download (like www dot notebookreview dot com).

 

Good point and appreciate the tip Greg! I never clicked on the link, but what Greg said and did was to protect all of us just in case this is/was something malicious. If you play with fire, eventually you will get burned.

 

I think that is the single thing that prevented you from being infected.

Signs from being infected: the trojan fires up several connections to the internet, system becomes very slow, searching on the internet becomes influenced. like searching for antivirus will launch some obscure webpage.

Ok good to know. I thought naming it 'VIRUS!!!!!!.EXE' was enough but I can see where you are coming from.

Why do you say 'Acronis restarts my computer' ?

I would say you run Acronis from a bootable CD or DVD (right? at least thats the way i do it) and then when you're finished restoring the image, you close off. take the cd/dvd out and just reboot your system.

 

I also have Acronis, but once I loaded it onto my cp I only had to insert the cd/dvd once. That is when I had to reboot and restore from my secondary. Like PhilFlow said, it is a wonderful program and it has saved me a few times over the past two years. Once from my primary HDD completely dying and the other two times from viruses crashing my "C" drive. As for myself, I always have my back-ups stored on my secondary HDD and that saves me just in case my primary takes a dive again.