Slashdot Mirror

← Back to Stories (view on slashdot.org)

Test of 16 Anti-Virus Products Says None Rates "Very Good"

Posted by timothy on from the keeps-the-av-people-in-business-though dept.

An anonymous reader writes "AV-Comparative recently released the results of a malware removal test in which they evaluated 16 anti-virus software solutions. The test focused only on the malware removal/cleaning capabilities, therefore all the samples used were ones that the tested anti-virus products were able to detect. The main question was if the products were able to successfully remove malware from an already infected/compromised system. None of the products performed at a level of 'very good' in malware removal or removal of leftovers, based on those 10 samples."

3 of 344 comments (clear)

  1. No Joke by Das+Auge · · Score: 5, Interesting

    I've been working in the on-site support field for over a decade. I've seen the viruses get nastier and nastier.

    It used to be that the virus got a hold of the system, maybe did a little damage or had a little fun. Sometimes it was pretty funny. Such as screwing with the mouse.

    Then things started to get a little more serious. The virus would insinuate itself into the system folder and maybe IE. They stated doing tasks. Thus rose the botnets.

    Then it became big business for people. The spreading of spam and fake anti-virus (that wanted you to purchase the "full version" so that you'd get rid of the virus they said you had) was the order of the day. They started blocking access to the run box, the task manager, and sites that might be able to help you (online virus scanners). They started killing the AV programs. They also replaced the explorer.exe and iexplore.exe files. Hell, they even go after Firefox, Chorme, and Opera.

    They really get their hooks into in and don't want to let go because it means money. Big money. So I'm not surprised that AV programs are having a tough time getting rid of them. It hasn't been kiddies out for fun for a long time. Now it's all about professional programmers out to make an ill gotten buck.

    1. Re:No Joke by d3ac0n · · Score: 5, Interesting

      Ain't that the truth.

      The kicker? Most of the infections I deal with on a regular basis are coming from AD BANNERS. I have literally had people get a brand new machine, sit down at it, open IE8 and browse to one of the major sports news sites (ESPN, TSN, MLB, NFL, etc.) and get IMMEDIATELY infected by a banner ad!

      There are few things worse than giving someone a brand new machine, and before you've even been able to get back to your cube and sit down your BB is buzzing and you are being told to get back there because they have a virus! ARGH!

      Honestly, it's gotten so bad that with most of the fake AV viruses we just freaking wipe the stupid PC immediately. Format and re-image and done. It's faster and easier.

      --
      Official Heretic from the "Church of Global Warming". Proven right thanks to whistle blowers. AGW = Flat Earth Theory
  2. Re:Security... by TheLink · · Score: 4, Interesting

    Most popular operating systems can be analogous to a house with locks and a separate room for "maintenance personnel only" that's locked, and your personal room with a door and lock too (there may be similar rooms of other people with corresponding doors and locks).

    The trouble is when you invite a guest into your house, there is no guest room that _you_ can easily use, so you have to invite him into your personal room. The design of the house is such that you cannot usefully interact with the guest while the guest is in a different room from you.

    This means he has full access to your personal room. The geeks who don't understand the real world will say "Ah, but OS XYZ is secure because the "maintenance personnel only" room is locked and unaccessible". But who the fuck cares? You keep most of your stuff and valuables in your personal room! Insurance can take care of recreating the maintenance room stuff - not hard since the stuff in there is the same for every house of that model. They'll never be able recreate your personal documents.

    This is changing a bit with Vista and Windows 7, but it's still not good enough IMO. As for Linux, I don't see much help with what I'm talking about for the average desktop user yet. Apparmor is not "desktop ready" yet, and SELinux is barely even ready for average admins.

    This test of AV products is like inviting a crook/spy into your whole house, closing your eyes and letting him mess it up (plant bugs if he wants etc), and then get someone to try to clean everything up and restore stuff back to what it was.

    Yes it can be done in many cases. But it's foolish to expect the clean up to be 100% in all cases.

    If you really want to do that, you use a special house. Then you invite the crook into that special house. Then when he's done, you press a button and the house reverts back to its original state.

    --