Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Top Anti-virus fail miserably in basic security test


  • Please log in to reply
5 replies to this topic

#1 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 12,704 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:05:14 PM

Posted 22 August 2015 - 05:50 PM

 

We install antivirus software on our PCs and laptops based on its reputation. For reputation we normally trust the reviews and ratings given for that particular antivirus software.

Redditor, man_on_the_train went a little further and devised his own tests to find out how the Antivirus softwares fare. He tested the most popular security software using Matousec’s SSTS, CLT and his own keylogger software.

Man_on_the_train found that almost all top names in antivirus softwares failed in his test save SpyShelter Firewall 10.0 which passed all his tests with a score of 99%. Incidentally, SpyShelter is not a full blown antivirus. Its more of a Firewall which doubles up as AV. Man_on_the_train found that only SpyShelter passed Matousec’s SSTS, CLT and his own keylogger software tests.

http://www.techworm.net/2015/08/top-anti-virus-avast-mcafee-norton-avira-kaspersky-bitdefender-security-tests.html



BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,126 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:14 AM

Posted 22 August 2015 - 06:10 PM

One reason for Redditor's conclusion is that each antivirus failed because...

It does not protect against executing malicious code through Task Scheduler.


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:08:14 AM

Posted 22 August 2015 - 06:20 PM

Some of the commenters recommended using just Malwarebytes instead of an AV :blink:

#4 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,785 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:05:14 PM

Posted 22 August 2015 - 08:42 PM

quiteman7....would AV programs ...

 

Untitledhh.png

 

....normally be expected to protect against executing malicious code through Task Scheduler ?


Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

 

Microsoft gives you Windows, Linux gives you the whole house...

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,126 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:14 AM

Posted 23 August 2015 - 06:05 AM

According to the testing, apparently not. Antivirus should be catching the malware before it gets a chance to use the Windows Task Scheduler unless you're dealing with zero-day malware.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 rp88

rp88

  • Members
  • 2,967 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:14 AM

Posted 25 August 2015 - 10:48 AM

As for zero day malware, best to block it before it can get as far as the stage where an antivirus would be involved. Using a script blocker and an antiexploit program should make drive-by infections impossible, then you only have to worry about infections coming from files you deliberately download and run. Antiviruses have almost never been able to protect againts zero-day attacks, because new malware won't be in their blacklists of dangerous programs, but blocking of scripts and an antiexploit program can act to make sure that infection by drive-by is impossible by blocking everything you do not allow (whitelisting rather than blacklisting). You still need an antivirus alongside your script blocker and anti-exploit program to offer a further back line of defence (the keep of your castle, the script blocker is the moat, the antiexploit program is the curtain wall) and to scan files you download before you open those.
Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users