Are virusscanners really this bad? shocking results

Discussion in 'Security and Anti-Virus Software' started by Phil, Sep 18, 2007.

Thread Status:
Not open for further replies.
  1. Phil

    Phil Retired

    Reputations:
    4,415
    Messages:
    17,039
    Likes Received:
    0
    Trophy Points:
    455
    Seeing is believing.

    Do you have experience with their whole security suite? Sofar I've only tested their Antvirus product.

    Edit: I see the Internet security suite only adds 'built-in personal firewall and antispam filter' so it's not that interesting to me.
     
  2. AKAJohnDoe

    AKAJohnDoe Mime with Tourette's

    Reputations:
    1,163
    Messages:
    3,017
    Likes Received:
    0
    Trophy Points:
    105
    LOL! With a title of Are virusscanners really this bad? shocking results it has all the hallmarks of a supermarket tabloid. I keep waiting for the page three girl to show up.
     
  3. j0rdy

    j0rdy Notebook Consultant

    Reputations:
    4
    Messages:
    206
    Likes Received:
    0
    Trophy Points:
    30

    I've only bought the whole suite in the past, plus at a literal couple dollars more - who wouldn't?


    If you can, I WOULd just buy the Kaspersky Internet Security OEM from nicx.com :) - it's a good deal at under $30 I think :)


    - Jordan


    P.S. You can choose not to install certain aspects of the entire suite if you like - down to even the included modules :p

    Install the whole thing and see what's useful to you and not :)
     
  4. Tranquility

    Tranquility Notebook Consultant

    Reputations:
    80
    Messages:
    227
    Likes Received:
    0
    Trophy Points:
    30
    In all fairness I find the results pretty shocking too. Perhaps I'm a little niave, but I would expect antivirus software to stop viruses rather than failing and having the viruses turn around disable them. :D Pretty shocking. I probably am niave, but I'm surprised nonetheless.
     
  5. Phil

    Phil Retired

    Reputations:
    4,415
    Messages:
    17,039
    Likes Received:
    0
    Trophy Points:
    455
    I agree with you on that on. I wrote that to get attention. And I meant every letter of it.

    I was personally shocked by how easily easily Norton, Avast, NOD32 were disabled by the virus. Not only were they disabled, their installation also got messed up, preventing them from ever running again.

    In my subjective opinion that is really bad performance for security software.

    I believe many people would be shocked if they knew this.
     
  6. kmwalkley

    kmwalkley Notebook Consultant

    Reputations:
    8
    Messages:
    108
    Likes Received:
    0
    Trophy Points:
    30
    PhilFlow, I have not heard anything back from US-CERT yet on this virus, but it could take a bit. Have you really found anything that prevents this thing from corrupting your system yet?
     
  7. Phil

    Phil Retired

    Reputations:
    4,415
    Messages:
    17,039
    Likes Received:
    0
    Trophy Points:
    455
    Absolutely.

    First: Most important recommendation came from swarmer: if you run a possibly suspicious file, or if you're doing anything possibly dangerous, do it from a limited user account. The basic useraccount setting in XP is administrator account, which is very dangerous for this.

    I ran this file from a limited user account with a free virus scanner installed and not much happened (once with Avast, another time with Antivirus PE).

    Second: jordy and some other people recommended Kaspersky. I ran the infected file in administrator account with Kapsersky installed. Kapsersky effectively blocked 7 out of 8 attacks. One action of the malicious file slipped through. This was however not a critical one, it seemed.

    Based on this little test, Kaspersky came out best for two reasons.
    - The system kept running at the same pace, without any problems.
    - The installation of Kaspersky itself kept working 100% perfect.

    None of the other scanners i tested did those two things. Someone told me that McAfee Enterpise is also able to block the virus, I don't know if this is true, I only tested McAfee AV that failed.

    Also I gave an honorable mention to Spywareterminator. Not for cleaning the system nor for preventing infection. The only thing I liked was that it was actually aware of bad things happening and telling me with several alerts. In this way (are you reading John ;) ) it did better than the other spyware apps i tested that had no clue of anything going on.

    Another thing I learned is the immense value of keeping images. I use Acronis True Image and it lets me restore my whole system within 15 minutes. With this new experience I will make images much more often.

    And what's funny for me, since I am no big fan of Vista, I was always complaining about the huge amount of clicks that are necessary in Vista to install stuff, and change settings. I now understand why this is, and I will appreciate Vista more.

    I may be able to run another test. If anyone has some suggestion on what application to test I might give it a go. I am considering ZoneAlarm Anti-Spyware or Spyware blaster.
     
  8. lsmech

    lsmech Newbie

    Reputations:
    0
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    5
    To the person who said its a virut:

    Did it infect .exe files?

    I had a virut infection on one of my machines very recently. I was using nod32 on that comp and nod32 itself got infected. So I just wanted to know if its the same thing and if kaspersky AV stopped it then i could start feeling comfortable again having installed escan instead of nod32 because escan has the kaspersky AV engine.

    Can someone run the test on escan and post back here on how escan fared against this virus?

    I posted on nod32's forum abt the virus that i got.

    Code:
    http://www.wilderssecurity.com/showthread.php?p=1078713 
     
  9. Phil

    Phil Retired

    Reputations:
    4,415
    Messages:
    17,039
    Likes Received:
    0
    Trophy Points:
    455
    yes, it did.

    (ps. i think win32/Virut.A was the name or something like that)

    This sounds very similar.
    If escan is as good as Kaspersky then you are safe for this one i think.

    On top of that, Kaspersky lets you install a password, i think it would be even safer.
    Maybe someone else will, i won't be doing this because I am not so interested in escan.
    But you could do it too, if you just make an image of your harddrive you can start testing yourself.
     
  10. kmwalkley

    kmwalkley Notebook Consultant

    Reputations:
    8
    Messages:
    108
    Likes Received:
    0
    Trophy Points:
    30
    Like PhilFlow had stated, Acronis True Image is a great program and saves you from losing all of your important data. I have used it for a couple of years now and it has saved me a few times.
     
Loading...
Similar Threads - virusscanners really shocking
  1. vahdyx
    Replies:
    3
    Views:
    550
Thread Status:
Not open for further replies.

Share This Page