Check your Virus Scanner !

Don't believe what people are telling and don't trust what magazines are writing about the "best" virus scanner !!
Test it on your own !
With the content of the file "Infected Files.zip" (inside AntiVirusChecker.zip) you can check the quality of your virus scanner.

Follow these steps and read the instructions to the end before you start !!

Create a new folder on your harddisk. (for example C:\Virus )
Unpack the content of the file "Infected Files.zip" into the new folder.
Configure your virus scanner to delete infected files.
- If your virus scanner has enabled "AutoProtect" it should not allow to copy any of the infected files to disk.
- If you have disabled "AutoProtect" tell your virus scanner afterwards to scan the new folder.
Now have a look into the new folder.
If there are any infected files unchanged in the folder, your computer is NOT fully protected !
Only the file "bszip.dll" should remain.
Note: Some files may have been repaired (e.g. Macroviruses removed from Word documents) so you should compare your folder with the origional files in the ZIP file! But the filesize may be the same! So you must binary compare the files or at least compare the file date. The best for this test is to tell your scanner not to repair but delete infected files.
Some virus scanners (e.g. F-Secure) come into trouble if you copy many infected files very rapidly to disk. If you copy the files one by one they detect them in AutoProtect mode but if you copy multiple files at once they detect only some of them !!
F-Secure is not able to delete an infection inside another file (e.g. attachment in email) and even if you tell it to delete the whole file (email) it tells you that this is not possible!
Additionally there are some other criteria to choose a virus scanner. E.g. Norton consumes much diskspace, makes your PC extremely slow and once installed you cannot turn it off anymore and the PC will not shutdown anymore!
Trendmicro Office Scan has a very bad habit: sometimes it scans the complete harddisk when the computer boots (before the logon screen appears). This may take up to 5 minutes in which you cannot use your computer!! You don't even get a message whats going on!
Some of the Scanners may also give false alarms!
Some scanners offer additional protection mechanisms. E.g. Kasperky's "Proactive protection" detects if a program tries to inject a DLL into other processes.

The password of the ZIP file is "this file contains malicious content".

NEVER rely on your virus scanner !
If the virus / worm is very new, it will not be detected.

Additionally you should install DiamondCS ProcessGuard, which also protects against very new parasites on your PC which are unknown up to now.

It prohibits that a worm can kill the running processes of your securtity software
that a keylogger can set a global hook to spy you
that a worm can manipulate the memory of another process and inject itself in this way into another program
that a driver (Rootkit) is installed

Note: The names of worms / viruses which are displayed by the virus scanner may differ.
(Example: The Trojan.Anserin also has the names W32.Agent.SJG and Torpig-K, depending on the scanner)
The only important thing is THAT the infection is detected !

File name in ZIP file	Infection	Norton 2006	Bitdefender 8	Kaspersky 6	AntiVir 7	Avast 4	Trendmicro OfficeScan 8	Norman Virus Control 5.8	Sophos 4	F-Secure 2006
Price:		40 $	Freeware	30 €	Freeware	Freeware	? (expensive)	55 $	60 €	40 €
A0007284.exe	Trojan.Flush.A	detected	detected	detected	detected	detected	detected	detected	detected	detected
alicia.scr	W32.Bugbear	detected	detected	detected	detected	detected	detected	detected	detected	detected
AntiTrojan.exe	Sober.Mail.2	FAIL	FAIL	FAIL	detected	FAIL	FAIL	FAIL	FAIL	FAIL
ants3set.exe	W32.Anset.Worm	detected	detected	detected	detected	detected	detected	detected	detected	detected
BadtransB Email.eml	W32.Badtrans.B	detected	detected	detected	detected	detected	detected	detected	detected	detected
Beagle.A.exe	W32.Beagle.A	detected	detected	detected	detected	detected	detected	detected	detected	detected
BlackBox-1.jar	Trojan.ByteVerify	detected	detected	detected	detected	detected	detected	detected	FAIL	FAIL
BlackBox-2.jar	Trojan.ByteVerify	detected	detected	detected	detected	detected	detected	FAIL	FAIL	FAIL
bndmod.exe	Adware.Livechat	detected	detected	detected	detected	detected	FAIL	detected	detected	FAIL
bszip.dll	no infection	no alarm	no alarm	no alarm	no alarm	no alarm	no alarm	no alarm	no alarm	false alarm
cd_htm.dll	Adware.Cydoor	detected	detected	------------ not tested ------------
Counters-1.jar	Downloader.Trojan	detected	detected	detected	detected	detected	detected	FAIL	FAIL	FAIL
Counters-2.jar	Trojan.ByteVerify	detected	detected	detected	detected	detected	detected	detected	FAIL	FAIL
Counters-3.jar	Trojan.ByteVerify	detected	detected	detected	detected	detected	detected	FAIL	FAIL	FAIL
Counters-4.jar	Trojan.ByteVerify	detected	detected	detected	detected	detected	detected	FAIL	FAIL	FAIL
cszjj.exe	Trojan Horse	detected	detected	detected	detected	detected	FAIL	detected	detected	detected
CV_deu.doc.pif	W32-Sircam.Worm	detected	detected	detected	detected	detected	detected	detected	detected	detected
details.pif	W32.Sobig.F	detected	detected	detected	detected	detected	detected	detected	detected	detected
DMSETUP.EXE	IRC Trojan	detected	detected	detected	detected	detected	FAIL	detected	detected	detected
doc_data-text.txt.pif	W32.Sober.K	detected	detected	detected	detected	detected	detected	detected	detected	detected
dreiue.exe	W32.Beagle.B	detected	detected	detected	detected	detected	detected	detected	detected	detected
foto.html	W32.Beagle.AQ	detected	detected	detected	detected	detected	detected	detected	detected	detected
foto1.exe	W32.Beagle.AQ	detected	detected	detected	detected	detected	detected	detected	detected	detected
fpreg4u2.rtf.pif	Torvel.B	detected	detected	detected	detected	detected	detected	detected	detected	detected
Funny.scr	W32.Sober	detected	detected	detected	detected	detected	detected	detected	detected	detected
Fw U realy Want this !.eml	W32.Yaha.F	detected	detected	detected	detected	detected	detected	detected	detected	detected
Geburt.xls.com	W32.Sircam.Worm	detected	detected	detected	detected	detected	detected	detected	detected	detected
Kunden Deutsche Bank!.eml	Html.Bankfraud.E	FAIL ^(1.)	detected	detected	detected	FAIL ^(1.)	FAIL ^(1.)	FAIL ^(1.)	FAIL ^(1.)	detected
hlmicro.exe	Adware.Winprotect	detected	detected	detected	FAIL	detected	FAIL	detected	detected	detected
hwiper.exe	Trojan.Qhosts	detected	detected	detected	detected	detected	FAIL	detected	detected	detected
IBM00001.exe	Trojan.Anserin	detected	detected	detected	detected	detected	FAIL	detected	detected	detected
Information.vbs	W32.Beagle.W	detected	detected	detected	detected	detected	FAIL	detected	detected	detected
instruction.pif	W32.Mydoom.M	detected	detected	detected	detected	detected	detected	detected	detected	detected
INV43.exe	W32.Galil.C	detected	detected	detected	detected	detected	detected	detected	detected	detected
kdll.dll	Trojan.Horse	detected	detected	detected	detected	detected	detected	detected	detected	detected
KERNEL32.EXE	W32.Badtrans.B	detected	detected	detected	detected	detected	detected	detected	detected	detected
Love-Letter-for-you.vbs	VBS.Loveletter.A	detected	detected	detected	detected	detected	detected	detected	detected	detected
Melissa.dot	W97M.Melissa.gen	detected	detected	detected	detected	detected	detected	detected	detected	detected
Melissa.vbs	Marco.src	detected	detected	detected	detected	FAIL	detected	FAIL	FAIL	detected
message.scr	W32.Netsky.P	detected	detected	detected	detected	detected	detected	detected	detected	detected
MoreInfo.pif	W32.Beagle.J	detected	detected	detected	detected	detected	detected	detected	detected	detected
MS-Q4932364791.exe	W32.Sober.D	detected	detected	detected	detected	detected	detected	detected	detected	detected
msgdog.dll	Spyware.Manan	detected	detected	detected	FAIL	FAIL	FAIL	detected	FAIL	detected
msupdate.cmd	Adware.Iefeats!dr	detected	detected	detected	detected	detected	detected	detected	detected	detected
MTX-Me_nude.AVI.pif	W95.MTX.dr	detected	detected	detected	detected	detected	detected	detected	detected	detected
MTX_.EXE	W95.MTX.dr	detected	detected	detected	detected	detected	detected	detected	detected	detected
Navidad.exe	W32.Navidad	detected	detected	detected	detected	detected	detected	detected	detected	detected
patch.exe	W32.Dumaru	detected	detected	detected	detected	detected	detected	detected	detected	detected
Pmessage-text.txt.pif	W32.Sober.F	detected	detected	detected	detected	detected	detected	detected	detected	detected
q451417.exe	W32.Swen.A	detected	detected	detected	detected	detected	detected	detected	detected	detected
Re here´s a nice Picture.eml	Torvel.B	detected	detected	detected	detected	detected	detected	FAIL	detected	detected
Read It NOW!!!.hta	Adware.Iefeats!dr	detected	detected	detected	detected	FAIL	detected	FAIL	detected	detected
readme.scr	W32.Mydoom.A	detected	detected	detected	detected	detected	detected	detected	detected	detected
resume.mdb.scr	W32.Yaha.F	detected	detected	detected	detected	detected	detected	detected	detected	detected
rundmc.exe	IRC.Trojan	detected	detected	------------ not tested ------------
Setup.exe	W32.Alcra.B	detected	detected	detected	detected	detected	detected	detected	detected	detected
Shell32.exe	Trojan.Servuftp.A	FAIL	detected	------------ not tested ------------
Ska.dll	Happy99.Worm	detected	detected	detected	detected	detected	detected	detected	detected	detected
Ska.exe	Happy99.Worm	detected	detected	detected	detected	detected	detected	detected	detected	detected
Sonar 4 Keygen.exe	W32.Fontra	detected	FAIL ^(2.)	FAIL ^(2.)	FAIL ^(2.)	FAIL ^(2.)	FAIL ^(2.)	FAIL ^(2.)	FAIL ^(2.)	FAIL ^(2.)
SVCHOST.EXE	W32.Welchia.B	detected	detected	detected	detected	detected	detected	detected	detected	detected
SVGViewer.exe	Trojan.Sefex	detected	detected	detected	detected	detected	detected	detected	detected	detected
system-su.6640.EML.scr	W32.Sober.I	detected	detected	detected	detected	detected	detected	detected	detected	detected
Systray.exe	Backdoor.Iroffer.A	FAIL	detected	------------ not tested ------------
TARGET.exe	W32.Klez.H	detected	detected	detected	detected	detected	detected	detected	detected	detected
Taxes.exe	Trojan.Tooso.L	detected	detected	detected	detected	detected	detected	detected	detected	detected
TUBEWARM.exe	Trojan.Sefex	detected	detected	detected	detected	detected	detected	detected	detected	detected
Untitled1.pif	W32.Sobig.A	detected	detected	detected	detected	detected	detected	detected	detected	detected
Vqx7223.exe	W32.ElKern.4926	detected	detected	detected	detected	detected	detected	detected	detected	detected
W97.Marker.gen.doc	W97M.Marker.gen	detected	detected	detected	detected	detected	detected	detected	detected	detected
web.exe	Adware.MainSearch	detected	detected	detected	detected	detected	FAIL	detected	FAIL	FAIL
Windows XP For FREE!.eml	Backdoor.Nibu.L	detected	detected	FAIL	detected	detected	detected	detected	detected	detected
Winkio.exe	W32.Klez.H	detected	detected	detected	detected	detected	detected	detected	detected	detected
Winzipped-Text_Data.txt.pif	W32.Sober.O	detected	detected	detected	detected	detected	detected	detected	detected	detected
Wsock32.dll	W95.MTX	detected	detected	detected	detected	detected	detected	detected	detected	detected
Your_money.hta	W32.Beagle.X	detected	detected	detected	detected	detected	detected	detected	detected	detected

Notes:

Html.Bankfraud.E is not an infected file. But it is a malicious email, which asks you to enter your bank account data into a webpage which imitates the look of the origional page. (Phishing)
These test results were valid at the day the ZIP file was created. (May 2006)
W32.Fontra was 5 days old at this time and not yet detected by all scanners.

ElmüSoft