Endpoint Protection

 View Only
  • 1.  Zlob.Trojan

    Posted Sep 19, 2007 09:59 AM
    SpyHunter tells me that I have Zlob.Trojan.  When I read the Security Response for Trojan.Zlob (I assume the transposition of the words is not relevant - or is it?) on the Symantec web site it effecitvely says to update the virus definitions, run a full system scan then delete all Trojan.Zlob files.  I use Symantec AntiVirus Corporate Edition (Program 9.1.0.825 and Scan Engine 4.2.0.7) and my virus definitions are constantly updated (current Version 9/18/07 rev. 7) and I run scheduled full scans every Sunday morning.  I don't see the point in following the Security Response process since I am constantly doing just that anyway so I can't imagine the outcome will be any different this time. 
     
    My question is why has Symantec never detected Zlob but SpyHunter does?  Which one is right?


  • 2.  RE: Zlob.Trojan

    Posted Sep 19, 2007 12:00 PM
    Hi SBD,

    It is a common practice to have threats be repackaged to hide from AV scanners. AV companies as a whole do their best to create the broadest detections while still avoiding False Positive detections. If we are not detecting what appears to be a threat, please submit the suspected files to us so we can investigate further.


  • 3.  RE: Zlob.Trojan

    Posted Sep 19, 2007 12:20 PM
    I'll try to get that done later tonight.
     
    So I gather SpyHunter is legitimate and not creating false positives just to sell their software?


  • 4.  RE: Zlob.Trojan

    Posted Sep 19, 2007 12:37 PM
    I can't comment on Spyhunter's practices ;)

    For us to say if this is or is not a threat, we need to have a sample of the code to investigate.