Anti-Virus Protection Getting Worse?
Heuristics in particular seeing detection drops...
(old news - 10:04AM Monday Dec 24 2007) tags: security · software

The same week Kaspersky anti-virus declared that Windows Explorer was a virus that needed to be quarantined, an upcoming report by a German computer magazine suggests that anti-virus effectiveness is down. According to analysis of the report by Heise Security, anti-virus programs are in particular getting worse at identifying and neutralizing new threats:

"For real protection, however, in view of the flood of new malware, the way these programs cope with new and completely unfamiliar attacks is more important. And that's where almost all of the products performed significantly worse than just a year ago. The typical recognition rates of their heuristics fell from approximately 40-50 per cent in the last test - at the beginning of 2007 - to a pitiful 20-30 per cent. Only NOD32, with 68 per cent, still delivered a good result, while BitDefender, with 41%, could be called satisfactory."

Only some of that drop is because of more sophisticated attacks, the report states. Programs are also struggling to detect simple variants of existing viruses.

  ztmike 1kwikgt Premium join:2001-08-02 | AVG I'm using AVG free edition
Is there something better out there that's free? | |
|  |   backfeed Some Feedback from
join:2002-12-16 Peru, IN | Re: AVG I Like AVG...Works for me!!... | |
|  |  |  |  |  ltjordan
join:2001-12-02 Hyattsville, MD
| Re: AVG I can also vouch for Anti-Vir. I've been using it for years on my computer and on the computers of friends and family members. But in the end, it doesn't matter how good or bad, cheap or expensive, your anti-virus software is, it really all depends on the user. Just be careful of what programs you open on your computer and what websites you visit. | |
|  |  cbiggers
join:2000-08-10 San Luis Obispo, CA clubs: 
| said by ztmike: I'm using AVG free edition Is there something better out there that's free?
AVG is all around very good for a free product. However, the best way to protect yourself from a virus is still the same as it was 10 years ago. Avoid the situation in the first place. Don't open unfamiliar emails, use SBL's in your email, and use DNS blocking/filtering like the Netcraft toolbar or OpenDNS. Don't go looking for cracks on shady websites. Then for the random time you DO encounter a virus, chances are it's something mundane your anti virus or spyware program will pick up. It's really that simple. | |
|  |  |   tc1uscg
join:2005-03-09 Saint Clair Shores, MI
·Comcast
·WOW Internet and C..
·VoiceEclipse
edit: December 24th, @02:44PM
| Re: AVG said by cbiggers: said by ztmike: I'm using AVG free edition Is there something better out there that's free? AVG is all around very good for a free product. However, the best way to protect yourself from a virus is still the same as it was 10 years ago. Avoid the situation in the first place. Don't open unfamiliar emails, use SBL's in your email, and use DNS blocking/filtering like the Netcraft toolbar or OpenDNS. Don't go looking for cracks on shady websites. Then for the random time you DO encounter a virus, chances are it's something mundane your anti virus or spyware program will pick up. It's really that simple.
I agree. I hardly use/turn on my PC anymore.. That's a sure way to stay safe. Now, to be realistic, the majority of users don't have a clue to what you're talking about. They come home with a new PC. Almost unable to hook it up and not willing to pay some moron in a white shirt and tie to do it for 100 bucks, they start surfing away. When I get called about a PC running slow from family or a friend, first thing I do is run CLEANUP!. I want to see just what I'm walking into. It amazes me how a PC that's 3 months old can have over a gig of junk from a normal user. So, there will be people willing to shell out 30 or 60 bucks for a suite and feel they are safe and most do a good job keeping them safe if set up correctly. Nothing wrong with that. But, if Symantec, Zonelabs (owned by someone else who will no doubt screw it up) and Mcrappies are failing the grade. Maybe it's time to shut the box of chips down and take the family out to a movie instead of surfing porn. | |
|  |  |  |  NgtFlyer
join:2000-07-09 Marietta, GA
·Speakeasy
| Re: AVG This is a big reason why laptops are outselling desktops these days. No cables other than the power cord to connect up. Many of these same people buy a router and become an instant member of what is known as the "Linksys community network".. or the Default community network..  | |
|  |  |  |  |  bjbrock
join:2002-10-28 Mcalester, OK
| Re: AVG I've had AVG find viruses Avast, Nortons and McAfee's all have missed.
When repairing customers' PCs, the first thing I do is uninstall their current AV and install AVG. If it's a business machine I make them pay for it. AVG has found viruses left behind by most other AVs. Avast is probably the worst. | |
|  |  |  |   Bluethunder Thunder PC
join:1999-12-05 Duncan, SC
·PHONE POWER
·ViaTalk
·AT&T Southeast
·Charter Pipeline
edit: December 25th, @11:29AM
| Re: AVG said by bjbrock: I've had AVG find viruses Avast, Nortons and McAfee's all have missed. When repairing customers' PCs, the first thing I do is uninstall their current AV and install AVG. If it's a business machine I make them pay for it. AVG has found viruses left behind by most other AVs. Avast is probably the worst.
Odd ... I have had the exact opposite experience. I never uninstall their current AV and replace it with Avast without their permission, unless it is another free AV (especially AVG). I will, however, use Avast's boot time scan to clean up what others have missed, even if I leave their current one on the system. Besides the poor detection rate, the lack of a boot time scanner (BIG negative) or the ability to disinfect nested archives keeps me away from AVG. The lack of a boot time scanner alone makes AVG useless in cleaning many strains. There are some viruses that simply cannot be cleaned from within the Windows environment.
AVG is actually the worst in most tests (such as this: »wiki.castlecops.com/AntiVirus_Comparison ). I have yet to use AntiVir, so can't vouch for it, but it appears in that test to be the best of the three. My main reason for excluding it is its lack of a boot scanner. For me and my clients, I will stick with what I know works, and stay away from what I have seen has problems (and lacks needed functionality to fully clean the system).
»www.consumersearch.com/www/softw···iew.html »www.jhoodsoft.org/av.html | |
|  |  |  |  |   eedwfe
@sbcglobal.net | Re: AVG Avast can't even do autoscheduling. (I wouldn't use any antivirus that can't do that) | |
|  |  |  |  |  |   BinaryXtreme
join:2004-04-20 Sparks, NV | Re: AVG I've been using AVG for years now and love it. | |
|  |  |  |  |  |  |  |  |  |  hammerz Premium join:2000-10-16 Taiwan
| Many of the latest reviews give BitDefender the edge these days...and they have a free version. I'm actually using a trial of the paid version right now while I try to make up my mind which way to go. I think I like BDAV very much! And the paid version can be found for less than US$25. It has added protection (real time scanning of files and internet access) that the free version lacks. AVG was pretty far down on the list...like 9th out of 10 top choices, but it was still very good. Another thing I think I'm liking about BDAV is that it has a SUPER small CPU and resource footprint-- which is the reason I just dumped Zonealarm Security Suite. I now use a combination of my router's firewall, Windows Defender, BitDefender, Advanced Windows Protection Pro and Secunia PSI. Oh, yeah, and OpenDNS and Calling ID Link Advisor. -- Hammerz | |
|   TK Junk Mail Go ahead, make my day Premium join:2002-03-03 Margate City, NJ clubs:
·Comcast
edit: December 24th, @10:29AM
| Good article on WHY getting harder to fight malware
»www.securitypronews.com/news/sec···ted.html
For the first time in the history of the Internet we are seeing the establishment of a "virtual" mafia of organized criminals taking advantage of the anonymous nature of the Internet. The unsettling reality is that in today's world the rate of infected users is occurring faster and in greater volume than traditional security companies can detect and respond to. According to the recent quarterly report provided by PandaLabs, the predominant category of malware detected is Trojans (over 75 percent). Trojans are comprised of password stealers, worms, banker Trojans, and various other forms of malicious code. 
The study focused on two very real populations: 1.5 million consumers; and another study against 2,000+ companies. The end result was an astonishing rate of infection - and even though both groups believed they were protected - consumers experienced a 22 percent active infection rate and even more astonishing, 72 percent of those on the corporate side were infected. The malware landscape has changed so quickly that many consumers and companies alike are only just now realizing that the security measures of the past are no longer effective against the new and emerging breed of highly sophisticated malware. Research indicates that the percentage of networks that are infected is much larger than perceived, and certainly far greater than acceptable. The malware criminal organizations are winning, and so far nothing looks like it is going to stop them.
And another good article on this here: »www.f-secure.com/2007/2/
| |
|  |  pepperxn
join:2001-02-21
| Re: Good article on WHY getting harder to fight malware And once the security companies come up with something that is (more) effective, the malware criminal organizations will then just attack the company's site. This has happened with antispam sites.
Maybe we'll see security companies teaming up to help each other. Could we see this resulting in mergers?
If the security software gets too complex, most people wouldn't know what to do. So they could possibly click the wrong choice, which could harm their PC. | |
|  |   wruckman Ruckman.net
join:2007-10-25 Northwood, OH
·RoadRunner Cable
| Free vs pay The problem is that everyone expects perfect protection for free and that just doesn't happen. These people are in business. They need to make money off their products. Free is fine for a little protection. But you don't need any virus protection if you just use a little common computing sense. But unfortunately it isn't as common as common would imply. Most people are just ignorant of their usage habits. They treat them the same as their sexual habits. No wonder why there are so many STDs for computers these days. Using sheep skin instead of latex it would seem. -- William Ruckman »ruckman.net | |
|  |  BF69
join:2004-07-28 Camden, TN
| Re: Free vs pay said by wruckman :The problem is that everyone expects perfect protection for free and that just doesn't happen. No shit. What's with this welfare attitude? People spend hundreds if not over $1000 on a computer and are too cheap to spend $40 or $50 for protection? | |
|  |  |   sbrook Premium,Mod join:2001-12-14 H0H 0H0
·Rogers Hi-Speed
Host: Rogers Bell Canada
| Re: Free vs pay I've used pay and free ones. To be honest, there's so little between them apart from promotion.
The two big guys advertise and promote their products big time. It's costly. They also distribute through stores .. costly, and they maintain a well published web library of threats. These are things you don't get from freebies.
I use one of the lesser "big guys" ... CA and am now on their 3rd incarnation. Originally free, it started charging, then changed to eTrust EZ Antivirus. I liked it because it had a small footprint, but with eTrust, it grew to be significant... not as polluting to my system as Norton or McAfee, but not what it was. Then they added it to a suite and it started on the trip to just being bloatware. Then they changed to CA Security Suite when it headed to real annoying bloatware with imposing overlay windows. The AV itself has a small footprint, but started interfering with email programs. I'll dump it as soon as my current subscription dies.
I don't see a lot of difference between the freebies and the pay ones. Why spend $40 or $50 + annual charges for bloatware and a huge operating footprint when you can get the same kind of protection for free? | |
|  |  |  |  |   JoeG4
join:2001-12-16 945941 | Re: Free vs pay Windows explorer a virus? Kaspersky sounds really damn accurate to me! 
(I kid, I kid!) | |
|   Morac
join:2001-08-30 Riverside, NJ
·Comcast
| Sometimes I wonder why we even use AV products I've basically used Norton for the last 10+ years (yes I'm masochistic) and in that time frame the only virus Norton reported was Second Life (false positive obviously). Other than that there have been no viruses on my machine, mainly because I don't download and run every program and mail attachment out there.
Actually the only program I've experienced on my machine that displays virus-like tendencies is Norton itself when it slows down my machine or causes other programs that access the Internet to hang.
Add to this the new study that says AV programs don't work all that well and I sometimes wonder why I bother at all since all it takes is one virus to slip through.
I will mention that I don't run any AV program on an old machine of mine, but then I only use it maybe an hour a month (to upgrade Windows). It runs really fast. --
The Comcast Disney Avatar has been retired. | |
|  |  |  |  |   Morac
join:2001-08-30 Riverside, NJ
·Comcast
| Re: Sometimes I wonder why we even use AV products Well I do think some people need AV software. For example the guy who came to me for help because his machine wasn't working after he installed an AV program. The reason it stopped working was because nearly every file on his system was infected with multiple virii. One of the virii changed the Windows registry so that it ran the virii any time an .exe or .com file was executed. The AV program wiped the virus which basically made the computer unusable.
I asked the guy how he managed to get so many virii on his machine and he said he downloads pirated software from bitTorrent and other file sharing networks. This is a person who needed an AV program (though installed it too late).
For the average user, they most likely would never need an AV program. I think of AV programs like buying insurance. Chances are you'll never use it, but it's nice to know it's there. Of course with AV programs, if they don't work then you're not really insured, are you? --
The Comcast Disney Avatar has been retired. | |
|  |  |   corey389
join:2001-06-17 Newport, RI
| Re: avast Home(FREE) here Why do some people say "I never had *NO* infections - EVER"? I've seen avast, nod32, Kaspersky and, the worst, norton and mcafee all miss viruses. You cannot trust any single AV out there, but some are better than others. If you are going to put your full trust into an AV, I say that is just stupid. If you secure Windows you could even get away with no AV, and if you had Windows secured right you would not have to perform weekly spyware scans. Spyware should not even have a chance to install. | |
|  |  |   dadkins Living on a Blu Planet Premium,MVM join:2003-09-26 Hercules, CA
·Comcast
| Re: avast Home(FREE) here Re-read my post friend! I stated that I double and triple check my machine regularly.
I don't trust anything! Period!
Spyware is also a non-issue here - I run my various scanners for entertainment - all that is ever found, by any scanner, is cookies! Cookies are irrelevant!
So yeah, I can say that I have never been infected... YMMV.  -- Think outside the Fox... Opera | |
|  |  |  |   JokerCPoC
join:2005-11-21 Yermo, CA
·Verizon west (ex G..
·RoadRunner Cable
edit: December 24th, @02:00PM
| Re: avast Home(FREE) here said by dadkins: Re-read my post friend! I stated that I double and triple check my machine regularly. I don't trust anything! Period! Spyware is also a non-issue here - I run my various scanners for entertainment - all that is ever found, by any scanner, is cookies! Cookies are irrelevant! So yeah, I can say that I have never been infected... YMMV.
I get rid of tracking cookies as they tend to drag My cpus performance down, Otherwise I'm like You, I don't get infected, Of course I don't go to porn sites as I'm My income is very low. And Yes I use Avast under XP x64, With AVG one has to pay for that software, Free is better when It works. -- (25.92GHz crunching for SETI with the PC Perspective Killer Frogs) | |
|  |  |  |  |   tcp1 Premium join:2000-04-17 Herndon, VA
·T-Mobile US
·Sprint Mobile Broa..
·ViaTalk
·Bandwidth.com
·Vonage
·Cox HSI
edit: December 24th, @02:13PM
| Re: avast Home(FREE) here said by JokerCPoC: I get rid of tracking cookies as they tend to drag My cpus performance down, Otherwise I'm like You, I don't get infected, Of course I don't go to porn sites as I'm My income is very low. And Yes I use Avast under XP x64, With AVG one has to pay for that software, Free is better when It works.
Not to say tracking cookies are good, but how exactly do they slow your CPU down?
The browser looks up a cookie by the corresponding domain name in an index. This is hopefully an almost instantaneous search (unless MS and Mozilla are idiots), probably in a binary tree, at most converging to almost an O(logN) operation. Often the index itself, which is only a few KB, is in memory for this search. The cookie itself is a small text file with a few name value pairs; if anything, a fraction of a fraction of a percent of your page load and rendering time.
Again, tracking cookies aren't "good" (yet they aren't as insidious as most folks believe) - but unless you're running a pentium 133 or something, they're not "slowing down your CPU."
I guess my problem is all the "urban myths" which pervade this topic.. | |
|  |  |  |  |  |   root9
join:2005-04-08 Kitchener, ON
·Bell Sympatico
| Re: avast Home(FREE) here Whole puter is slowed when anti-virus or security has to check memory, text file of cookie [which can take a long time due to code in the cookie] and any related files referenced with page being accessed. Then we have cookies who reference other cookies to boot. Some pages use up to 60 cookies. Try using opera browser or mozilla with privacy plugins and watch your speeds drop. Using IE is just outright foolish. Some cookies are malformed and may even lock up your browser if they don't get their information from your OS. | |
|  |  |  |  |   dadkins Living on a Blu Planet Premium,MVM join:2003-09-26 Hercules, CA | Thank you Joker! | |
|  |  |  |  |   dadkins Living on a Blu Planet Premium,MVM join:2003-09-26 Hercules, CA
·Comcast
| Re: avast Home(FREE) here said by lilhurricane :Confirmed. ..and thanks SWGP Daddy-O Anytime lil, anytime!  -- Think outside the Fox... Opera | |
|  |   tcp1 Premium join:2000-04-17 Herndon, VA
·T-Mobile US
·Sprint Mobile Broa..
·ViaTalk
·Bandwidth.com
·Vonage
·Cox HSI
| Exactly, Dadkins - because it's not as easy to get an infection as so many people like to believe.
If you're relatively recently patched as far as your OS and browser is concerned, and you don't go running completely unknown renegade EXE files and installing ActiveX controls, your chances, believe it or not, are actually pretty damn slim.
Viruses don't come with shareware, freeware, mp3s, or even most porn sites. "Warez" do not generally contain viruses.
Most infections nowadays are of the spam zombie variety, and come from people running a long-unpatched OS. Generally speaking, if those folks aren't updating their OS, they're not running a current AV either, so it really doesn't matter. | |
|  |  |   dadkins Living on a Blu Planet Premium,MVM join:2003-09-26 Hercules, CA | Re: avast Home(FREE) here Thank you tcp1! Exactly!  | |
|   DotMac Shill H8r Premium join:2007-10-26 Huntington Beach, CA
edit: December 24th, @11:48AM
| No anti-virus software can protect a system from an idiot Even basic precautions on the part of a user can avoid a majority of these problems with AVware picking up the last bit.
The problem isn't AV software getting worse, or malware creators getting better. The problem will always be the idiot in front of the screen who will open every friggin' app that comes from a Sexy Teen Near You or run every keygen they come across.
People are dumb and even HAL9000 can't save them from themselves.
said by UAC : Open hot sexy picture from polish girl who love anal? Cancel or Allow?
said by Problem : By all means, ALLOW!
-- "When fascism comes it will be wrapped in a flag and carrying a cross." -Ron Paul »www.ronpaul2008.com/
| |
 pat_lc2000
join:2006-02-04 Ottawa, ON | Virus I have had one virus since I got my new laptop about 2 years ago now. So I guess I do things right. | |
|   puffedmom
join:2007-03-03 Erie, PA
·RoadRunner Cable
edit: December 24th, @12:19PM
| I use no AV=No Virus for me I do everything Possible on my computer and don't get anything...I just don't see how people get all of this junk on theirs if they only surf the internet and look at buying stuff and go on you tube etc...I just use NOD32 on my parents' computer and they have not gotten one virus in 1 1/2 year...I format my hd every month or 2 so I don't have to worry about it | |
|  |   root9
join:2005-04-08 Kitchener, ON
·Bell Sympatico
| Re: I use no AV=No Virus for me If you don't use AV then you don't know if you have any, do you? :P If you use Microcrap [microsoft] and I tested your system I bet I'd find all kinds of virii and error code. Doesn't matter if you format your box / HD every month or not. MS OS comes with spy code pre-installed. One week [even one day] on net and you are infected. ROLF | |
|   jgkolt Premium join:2004-02-21 Lakewood, OH clubs: | how about this Go run as a limited user to limit your admin install time, install a mac, scan regularly -- 3 free for you/3 free for me: Free Stock Trades : PM Me | |
|   Hambone Hambone
join:2007-08-11 North Hollywood, CA | NOD32 - 68% I luv NOD32. It's effective and it does not load down your confuser like the others do. The major brands will be copying the Eset ingenuity, so expect general improvements in the future.
Merry Christmas everyone! | |
|  |   aaron8301 I can't get myself to go away.
join:2005-01-03 Clarkston, WA
·CableOne
| Re: NOD32 - 68% said by Hambone : it does not load down your confuser... I like that term! ;D | |
|  jbailo
join:2004-03-07 Kent, WA | Best Virus Protection Overall Upgrade to Linux. | |
|  |   tcp1 Premium join:2000-04-17 Herndon, VA | Re: Best Virus Protection Overall Oh for christ's sake, can we have one thread here without someone digging up this tired old joke?
"Install Firefox / Linux / Get A Mac. Problem Solved." is not clever, funny, practical, nor correct. | |
|  |  |   page_fault Premium join:2003-11-12 Markham, ON
·Bell Sympatico
| Re: Best Virus Protection Overall said by tcp1 :Oh for christ's sake, can we have one thread here without someone digging up this tired old joke? "Install Firefox / Linux / Get A Mac. Problem Solved." is not clever, funny, practical, nor correct. Macs are no longer a secure platform. Popularity == more exploits.
»www.pcworld.com/article/id,14089···cle.html | |
|  |  CWO333
join:2005-02-24 Chicago, IL
| Once everyone "upgrades" to Linux, all the problems will also upgrade to Linux. I can almost use the term, "Make something idiot-proof and the world will create a bigger idiot." and apply this in the same way. Make an operating system or program that seems a lot more secure and the world will create a lot more or a lot bigger security problems. | |
|  |  |  Lazlow
join:2006-08-07 Saint Louis, MO
edit: December 25th, @01:51AM
| Re: Best Virus Protection Overall Last I heard there were only a handful of viri for Linux in existence and none in the wild. The structure of Linux is such that a virus could only affect the user space of the account that caught the virus (assuming the user was not being a total idiot and running as root). Isolating the viri like this limits the amount of damage that it can do and greatly simplifies its removal.
Oh and for those that say nobody is really using Linux, you should look at the servers that are running out on the net (can you say Google). So the people who write viri are very interested in Linux, just not successful so far. | |
|  |  |  |   root9
join:2005-04-08 Kitchener, ON
·Bell Sympatico
| Re: Best Virus Protection Overall I have a Unix/Linux system that's been active and on net for over 15 yrs and it hasn't crashed, got infected or been nuked. Even with major attacks against it  Moved it from box to box, upgraded it to present standards, tried to kill it and it still keeps running great.
Look and learn: »en.wikipedia.org/wiki/Virus_statistics
go figure, ROFL | |
|   N O Y B St. John 3.16
join:2005-12-15 Forest Grove, OR
·Verizon FIOS
·Comcast
| A Couple Points
1) All you who insist you have never had a virus or just one, two, etc. do not really know this to be fact. All you really know is how many viruses have been detected. You could be infected right now and not know. Furthermore you all know the cliche, "you get what you pay for". Depending on freeware anti-virus products and claiming no infections is not very credible.
2) What would go a long ways to improve security / protection would be for Comcast and the other cable broadband ISPs to provide a router/NAT like most DSL and Fiber based services do, instead of the default being to connect customers' computers directly. Sure, if you are here reading this you do not need that hand holding, but you are a very small minority. The vast majority of cable HSI subscribers are connected directly with either no 'firewall' or at best the Windows default software firewall and they have not even an inkling of a clue. I commend Verizon Online FiOS for providing a router/NAT with 'good' default configuration.
Been running McAfee VirusScan Enterprise Workstation for years in both large corporate environment and personal use. Can not recall the last time a virus was detected. Usually happens though when someone in the corporate environment gets infected and starts spreading it around.
-- Be a Good Netizen - Read, Know & Honor Your ISP Terms of Service Comcast: »www.comcast.net/terms/index.jsp Verizon: »onlinehelp.verizon.net/consumer/···0707.pdf | |