Hi everybody
I've been around thousands of threads on xda-dev and couldn't find any official one for Anti-Virus. That's the main reason why I'm starting this new thread, and also because Anti-Virus programs on Pocket PC are growing more and more. Actually we are not safe, but we don't care until we get infected, and then it will be too late, with a hard reset most of the time the only solution.
Let's discuss and compare in this thread the different Anti-Virus SW available on the market today, and bring out positive/negative points based on our experience. It will benefit everybody ...
I know everyone hates Norton/Symantec but I was on the beta testing team for Norton Smartphone Security Premier Edition since day one and it is very friendly and easy to use.
http://www.symantec.com/home_homeoffice/beta/overview.jsp?pvid=nssp1beta
Actually I was using Symantec antivirus for handheld on my QTEK 2020i WM2003SE, and it's true that it is user friendly and worked fine, with virus definition updates very often.
I was unable to install it on my HTC Athena WM6
Do you know if there is any version coming for WM6 Pumpiron?
I checked your link and it's different from what I used to have on my old device.
I'll download this beta and try it.
I'll let you know what I think about it, if it slows down the machine etc ...
It did not on mine and when I uninstalled it, it was gone...no traces..part of the beta testing. I did uninstall from my desktop, not my PPC
I am curious, how does this affect your device speed and performance?
What is the CPU and memory usage (in reality, not what is stated on the site)?
I have Symantec on my XP PC and it sucks big time (does the job for the most part, but very slow and heavy).
eTrust came pre-installed on my Jamin, but that is an even bigger atrocity!
Another question - do they have a list for PPC viruses on their site like they do for PC ones?
The only PPC virus I heard of was a harmless proof of concept that could make files display a pop-up message and did not reproduce.
If real viruses for WM systems are already out there (I know it's only a matter of time) I would be interested in reading up on them to know what I am facing.
Also, anyone actually caught a virus on a WM machine and can share the experience?
Here are my first impressions:
1 - The startup time of my Athena after a soft reset has increased by around 20 sec, because Symantec is loading on startup.
2 - I didn't notice a slowdown during normal use of the device, but it's really too early to conclude on that point because I need to try different applications.
3 - When I first connected to the Internet via WiFi, even though the connection was established, I could not load the pages, getting a "page not found" error,
but after 15 sec everything was back to normal and connecting to the Internet was not a problem at all.
4 - I just suffered a freeze, but I'm not sure it is due to Symantec, because I've been suffering frequent daily freezes on my Athena since I upgraded to WM6.
But the freeze came this time while using the Antivirus SW.
5 - The package is composed of an AntiVirus, a Firewall, a Norton Secure Folders utility and a Norton Tools utility.
6 - Also note that after you finish installing it, it forces you to set a PIN code that you will have to enter every time you soft reset your device. I tried to disable it but it won't let you do it.
I'll give more details about the package in a different post after some testing
levenum said:
I am curious, how does this affect your device Another question - do they have a list for PPC viruses on their site like they do for PC ones?
You can check the list from the SW installed on the PPC
Just applied live update over WiFi and basically there are 5 in the list:
EICAR-TEST-FILE
WinCE.Duts.A
Backdoor.Brador.A
Trojan.Redbrowser.A!jar
MSIL.Cxover.A
Definitions : 04/06/07 ver 2.0
As promised, here is my feedback on the tools provided in the package:
1 - Norton Antivirus
Very friendly and easy to use. From the menu you can access the options for the Antivirus, the Scans, the AntiSpam, Updates and Proxy config. You can also access the quarantined files, the activity log and the virus definitions list. Manual scan and automatic scan can be performed.
2 - Norton Firewall
I didn't really understand how we use the Firewall function. Basically when you start it you have a tab showing the security level. It has different security levels for World (the highest), Office, Home and Open Space Networks (the lowest). Also you cannot modify them at all. You can access a second tab called Events by severity in last and a third tab, "Event list", which shows in detail all the events that happened on your device, like soft reset, login success .... Very weird, as we cannot reset this list; also we cannot change any parameter in the Norton Firewall, everything is set by default.
3 - Norton Secure Folders
From what I guessed, this utility allows you to choose folders on your device and set them as secure. I don't know what it does exactly, but I think it should encrypt the data inside the folder so it's protected in case you have been attacked by a trojan that collects your data and sends it to the pirate.
You click on menu->Add->then you choose from the list Device, Microdrive or Storage Card if you have one. Then you type the name of the folder you want to secure.
I did a test: I chose Device, kept the folder name blank and clicked on OK. It added the "secure folder" under Device. If you try to remove it you will get this warning: "Removing the secure folder will destroy all data in the folder. do you really want to remove it?"
4 - Norton Tools
It contains 2 utilities, GetUUID and Lock.
GetUUID will display on the screen 2 series of digits. I don't know what the first one is, and the second one is your IMEI. I guess this info is needed when the final version is released and you need to register the SW.
The Lock utility displays the following message when you click on it:
Encryption may take several minutes. Pls wait for the device to power off.
If you need to soft reset, pls wait until encryption is completed and the
device powers itself off.
I clicked on yes, so the device started encrypting something .... then the screen turned off. I turned it on using the power button and it displayed the password screen, where I entered the password. Then it displayed the message "decrypting" for about 30 sec, then I had my normal Today screen ...
I'm wondering if it doesn't encrypt/decrypt the secure folders you have already chosen using the "Norton Secure Folders" utility.
I've written to Symantec asking them for a manual or user guide, hopefully they will reply.
I have rated this SW 3/5 on their site, mainly because it is not clear what all the utilities do and because the Firewall is set by default and nothing can be changed.
I hope my feedback will be useful, and I hope other users will bring us their experiences with the different Anti-Virus SW they have used on their Pocket PCs.
Just as I suspected, no real viruses just a nice proof of concept that asks you if you want to try it:
WinCE.Duts.A
A back door that needs to be run and does not spread:
Backdoor.Brador.A, plus it would be useless if you are on GPRS/EDGE/UMTS or behind a NAT router.
This one seems like it could actually be trouble, if:
a) you live in Russia
b) you are stupid enough to believe you can get WAP pages through SMS and that it would be cheaper than GPRS
c) you can get it to work on PPC.
Trojan.Redbrowser.A!jar
This one though, I have to admit, is rather clever - using .NET to run both on PC and PPC, and is fairly destructive:
MSIL.Cxover.A
It is still unclear, however, how it spreads from PC to PC (presumably you have to download and install / run it).
Of course, given the fact that many people save their docs on SD and not the default My Documents folder, and that they do not disable security completely on their WM 5 and up devices (which are becoming the majority these days), the effectiveness of this worm is more than questionable.
Well, I still think it is too early to actually buy this kind of app. Also I think that, as with many other programs, the same "heavy" approach that works on PCs with many resources will not work well on PPC (not the way they are today). A different solution to virus protection needs to be found to be useful.
But hey - that's just my opinion...
So from what I've read it's still too early to be using a resource-draining AV on the PPC? If this is the case, how about Spybot S&D? Is spyware more of a threat than viruses? Are they really that much different? I find that Spybot updates more regularly (when I connect WiFi).
As with viruses, I believe they have to be made to support PPCs, in which case, maybe due to spyware makers' lack of innovation, that market has yet to take off.
WingChan: whether to use the software or not is a personal decision - my belief is: given the list of threats it is too early. Also I believe that the method used to protect against viruses on PC is not suitable for PPC because of the resource requirement. Something more efficient needs to be invented, perhaps taking advantage of difference in architecture between WM and desktop - like the fact that system files can not be corrupted but only hidden.
Note that BigDede performed the test on an HTC Advantage, which has a 600+ MHz processor if I am not mistaken. I doubt the app would be as unnoticeable on my 200MHz Prophet.
But it is only a matter of time before someone writes a real and damaging virus for this platform as it becomes more and more common. So if you really value the info you have on there you might want to get protection already - although a good and frequent backup would be much better.
I haven't heard of spyware for Windows Mobile, only a major one for BB - anyone got any news on this?
There is a major difference between spyware and viruses:
Viruses try to cause as much damage as possible and their effects always become visible sooner or later, in many cases almost immediately after infection.
Spyware on the other hand, needs to hide and tries not to interfere in device operation as much as possible and show no sign of activity.
levenum said:
WingChan:
There is a major difference between spyware and viruses:
Viruses try to cause as much damage as possible and their effects always become visible sooner or later, in many cases almost immediately after infection.
Spyware on the other hand, needs to hide and tries not to interfere in device operation as much as possible and show no sign of activity.
Very good explanation of the differences between viruses and spyware.
I agree also that it is too early today to really worry about having protection, but I prefer to be ready instead of regretting and wishing I had some protection.
Very good remark as well regarding the frequent backup ...
Need Help
Hello Everyone,
I'm not a developer, but I found your thread on this subject via Google and was hoping I could ask a question...
I'm able to download the Norton Smartphone Security Premier Edition Beta version, but when I try to install it (which I assume must be done first to my laptop, followed by sync'ing my laptop with my 8525) a "Self-Extracting Archive" window comes up that says: "Warning, one or more files skipped". This occurs when the installation process reaches "Extracting: SUPPORT\START.ICO 100%".
Does anyone know what I'm doing wrong?
Many thanks for your time!
A. J.
ajbt said:
Hello Everyone,
I'm not a developer, but I found your thread on this subject via Google and was hoping I could ask a question...
I'm able to download the Norton Smartphone Security Premier Edition Beta version, but when I try to install it (which I assume must be done first to my laptop, followed by sync'ing my laptop with my 8525) a "Self-Extracting Archive" window comes up that says: "Warning, one or more files skipped". This occurs when the installation process reaches "Extracting: SUPPORT\START.ICO 100%".
Does anyone know what I'm doing wrong?
Many thanks for your time!
A. J.
Hi
Maybe this warning is not a big deal. Have you tried to install it by double clicking on the start.exe file?
G.S./BigDede,
Thanks for the reply. I really appreciate it.
If I understand your recommendation, I don't think that gets me where I need to be. However, it could always be user error on my part.
When I try to "Setup" the file I downloaded (called "NSSPB.exe") from Symantec, a window comes up that contains a button that says "Install". However, after I click on it, it gets to a point in the installation process that shows "Extracting: SUPPORT\START.ICO 100%", and the process simply stops and a small window comes up that says: "Warning, one or more files skipped".
In essence, it appears I have received the entire 4.04 MB of program files I downloaded, but something goes askew when I try to extract/install them.
I'm stumped...
Thanks again, A.J.
I'll extract the files and zip them for you.
Send me your email address via PM so I can send you the zip file.
Cheers
I've got two questions...
1- Is it convenient to use an antivirus program for my phone?
2- (Maybe this is a stupid question...) If I download an .APK file to my computer to copy it to my SD... can it infect my computer with some kind of virus? Even if I don't open it.
Many thanks
The only place I would trust enough to download an apk from is XDA. Anywhere else, it's a risk. Not so much that your PC will become infected, but you may end up with malware on your phone.
I wouldn't bother with an antivirus app on your phone, but instead use some common sense about where you source your apps and how you use your phone in general. Prevention is better than cure!
1) No. It's highly unlikely that you'll get a virus on Android. The risk is slightly greater if you pirate apps, but that's what you deserve for stealing from developers. Antivirus programs are ineffective, use a lot of resources, and typically either spam you with ads, want you to pay a subscription, and/or send your personal information back to China. I don't trust them.
2) No. Viruses will only harm the OS that they were made for. A virus made for Windows cannot harm your Android phone, and a virus made for Android cannot harm your computer.
Don't pirate apps or download apps from shady places, and don't download an app from the Market with a small number of downloads and reviews and you'll be fine.
Sent from my Evo + MIUI using Tapatalk!
Quite true. Antivirus on a mobile phone is just a waste of RAM.
I switched to linux on all my computers to "avoid" viruses and have peace of mind. With my complete rom backups, do I need to have another memory hogging app (anti-virus) running in the background of my phone and tablet? I'm just really curious why it would be needed...
There are quite a few Anti Virus apps available, but I haven't heard of any Viruses!
Once there is confirmed news of a Virus attack on Android, I will install an app
No, anti-virus is not needed on Android. It is Linux-based and keeps apps running in their own sandbox. Just be careful about what apps you give superuser permissions (if you have your device rooted).
One possible area of concern may be when you do hook up your device with a Windows PC over USB, your SD card may get infected and in turn infect other PCs. But Windows viruses have no influence on your Android system itself.
You don't need an anti-virus application on Android. There are no viruses for Android (as of yet) that will infect your system without you explicitly giving it permission to do so. If you do not have a rooted device, the potential damage that can be caused by a malicious application is quite limited (but it could still run your phone bill up, for example). There have been some web scripts in the past that allowed access to your phone's SD card, but these security holes have been fixed in the latest builds of Android.
The best course of action is to be smart about what you install. Always look at the permissions that an application requests before you install it. There are also several permission managers available on the market. These applications require root access, and will block other applications in the system from being able to request certain intents (i.e. starting the camera, or phone)
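As an added illustration of the permission check recommended in the post above (example code written for this page, not posted by any thread participant): the script lists the permissions declared in an app's manifest and groups them by the risks the post mentions. It assumes the manifest has already been decoded to text XML; the risk grouping and the sample manifest are constructed for the example.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
P = "android.permission."

# Illustrative grouping chosen for this example, not an official Android list.
RISK_GROUPS = {
    "can run up the phone bill": {P + "SEND_SMS", P + "CALL_PHONE"},
    "SD card access": {P + "READ_EXTERNAL_STORAGE", P + "WRITE_EXTERNAL_STORAGE"},
    "camera or microphone": {P + "CAMERA", P + "RECORD_AUDIO"},
    "personal data": {P + "READ_CONTACTS", P + "READ_SMS", P + "ACCESS_FINE_LOCATION"},
}

def requested_permissions(manifest_xml):
    """Return the declared permission names, in order, without duplicates."""
    root = ET.fromstring(manifest_xml)
    names = []
    for element in root.iter("uses-permission"):
        name = element.get("{%s}name" % ANDROID_NS)
        if name and name not in names:  # skip malformed or repeated entries
            names.append(name)
    return names

def audit(manifest_xml):
    """Map each risk group to the requested permissions that fall in it."""
    perms = requested_permissions(manifest_xml)
    findings = {}
    for risk, members in RISK_GROUPS.items():
        hits = [p for p in perms if p in members]
        if hits:
            findings[risk] = hits
    # Private data plus network access means the data can leave the device.
    if P + "INTERNET" in perms and "personal data" in findings:
        findings["can send personal data off the device"] = findings["personal data"]
    return findings

# Constructed sample: a made-up "flashlight" app asking for more than it needs.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.flashlight">
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission/>
  <application android:label="Flashlight"/>
</manifest>"""

if __name__ == "__main__":
    for risk, hits in audit(SAMPLE_MANIFEST).items():
        print(f"{risk}: {', '.join(hits)}")
```

A finding here is a prompt to ask why the app needs that access, not proof that the app is malicious.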
workdowg said:
I switched to linux on all my computers to "avoid" viruses and have peace of mind. With my complete rom backups, do I need to have another memory hogging app (anti-virus) running in the background of my phone and tablet? I'm just really curious why it would be needed...
That topic comes up a lot, and is hotly debated. Here's one article that discusses the issue, and gives some advice:
Avoiding Malicious Apps
I have installed one... but never found a virus... so I think we don't need it.
Definitely not needed.
Yeah, there is definitely no need for anti-virus.
But be cautious of some apps that install app ads in your notification bar. It gets annoying.
Thanks all! I was certain that was going to be the consensus. In my "windows years", about 20, I never got anything more than some adware. Just need to be observant and wary. Some things that are "free" cost more in the end.
Hi,
I was looking for a smali to java converter and came across this thread: http://forum.xda-developers.com/showthread.php?t=2430413. I tried to use the app attached there (seems to have worked well for many other users).
Norton Anti-virus on my machine immediately blocked and deleted the .exe file - said it has WS.Reputation.1 worm.
I don't have privileges to update above thread, hence posting here if someone can help verify and remove the file.
Regards,
Anil.
Hello,
I scanned the file in question and everything seems to be OK to me. Out of 51 different virus scanning tools only 1 came back with anything. It came up with a file called
Suspicious.Insight
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/index.php?s=pua&lang=en
I think Norton thought the file was something that it is not. You can see the scan results in the link below.
https://www.virustotal.com/en/file/...c835f477dd5a7dcef5ffde62/analysis/1411291539/
Thanks Mark, much appreciated. Seems Norton is a bit over-zealous on this one.
Hi there, I just have a quick question, if anybody could help me with this I'd be ever so grateful!
I was given a laptop today by somebody on Portland's Craigslist. He gave it to me out of the kindness of his heart and wanted nothing in return, and to me that's not very common, so I'm shocked, and I hate that I am, but I'm a little wary of it as well. How can I tell if this wonderful person possibly put some kind of hidden program or files or whatever to spy on me in any way? Whether it be for creepy reasons, monetary gain, or just monitoring in general, where would I look for files or programs that could be a threat? Is there any way to actually have these programs running and I not know about it? How can I be sure that he has no ties, no connection, nothing to do with this laptop anymore? Even remotely.....?
I need to be sure that my kids are gonna be safe using this laptop. How can I tell if there is any invasion of our privacy?
I appreciate any and all help I can get. I do know a little bit about this stuff, but not nearly enough to be comfortable using it.
Thank you in advance.
Which operating system is installed? The easiest way to be sure is just to format the hard drive and reload Windows...if Windows 10 is installed you can reset it quite easily through settings but if it's older then you'll need a disk or the installation files. If there's any sort of spy software installed it probably won't be obvious or show up as a program anyways.
I recommend a clean install of Windows 10 too. If that's not possible install Malwarebytes and ESET NOD32 antivirus free trial. Update both and do a full deep scan using both programs.
If it has malware or antivirus software already installed, uninstall it and get fresh versions of the above software. He may have whitelisted any malware/spyware he installed so that when it scans, it won't show up in the detected list.
Also, I recommend a good firewall too. Personally, the built in Windows firewall lacks, but I'm a control freak.