Computer Security & Viruses/Virus Conflict Question
QUESTION: I bought a Norton utilities upgrade online on the Norton website. I downloaded the file and ran a virus scan on it with 2 online multi virus scan engines. Both multi scan engines picked up Trojans. Phoned Norton about this and they assured me it was safe, and that I probably got a false positive reading. I am still afraid to run the file and would like to know if there is a way I can be absolutely sure that it does not contain a virus?
ANSWER: Norton is a highly reputable company so it it is highly unlikely that it would sell a product infected with a virus. By contrast, some of those online virus scan engines are scams, giving false virus reports in order to steal money from people by offering to remove the viruses they detect. You can read about some of these scams here (http://www.networkworld.com/community/node/36235
) and here (http://www.scambusters.org/fakeantivirus.html
I suggest that you buy Norton's Antivirus plus Internet Security and stop using online antivirus scanners. I use Norton on my Windows computer, I've used Norton Utilities, and its products have always been safe and effective.
---------- FOLLOW-UP ----------
QUESTION: I am presently using Norton Internet Security 2013 and have been using their products for a number of years. But what I have read is that not all Anti-Virus programs can detect every virus out there. Some can pick up viruses that others have missed. Both of the 2 online scanners that I use, use over 40 different anti-virus engines each. Just up-load a single file and they to the rest. They are designed to scan single files, not the whole computer.
The online multi-virus engines I use don't have anything to sell nor, do they give out any advice. I have used them many times, and most of the time the results come back clean. See below.
Perhaps the online multi-scanners that I used are not what they are cracked up to be. Maybe they are not that accurate. Could you please check them out and let me know what you think.
Thank you for alerting me to the existence of these scanners. I tested them on assorted malware programs I keep on hand for testing purposes. I was surprised by how many of the listed antivirus engines failed to detect well-known viruses and trojans. Some were understandable, as I submitted source code for some of them, and very few antivirus engines detected malicious source code. In the case of master boot sector virus source code, neither scan engine detected the two examples of master boot sector virus source code that I submitted. But what was astonishing was that several antivirus engines failed to detect executables of well-know but old malware (over 10 years since appearance in the wild).
However, Norton, F-Secure and McAfee detected all the executables I tried against them.
That said, I am concerned that some of the poorest performing antivirus engines might have been designed to make false detections of competitors' products. For example, if Norton (Symantec) ever had been offering its customers a download that was infected with malware, this would have been HUGE NEWS. I doubt that the people running these sites could have thoroughly investigated the companies providing these antivirus engines to make certain that they all have good ethical standards. So the fact that no such big news story has appeared suggests STRONGLY that Norton products continue to be safe.
If you wish, I could provide you with test examples of malware that are source code only. Your computer can't get infected by handling just source code. You would have to compile source code and then run it before it could take effect. The main reason I tested source code was to see how thorough these scanners could be. Existence of malware source code could be a sign of a breakin in progress, where the bad guy might have gotten control of your computer with something undetectable by your Internet security program, and then was in the process of installing other malware programs, and one of these was detectable. Or it could be a sign that another authorized user of your computer (or roommmate) was up to no good, collecting source code for malicious programs for later use.