Detection vs. Removal

Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit. Sed posuere consectetur est at lobortis. Vestibulum id ligula porta felis euismod semper. Donec ullamcorper nulla non metus auctor fringilla. Aenean lacinia bibendum nulla sed consectetur. Cras justo odio, dapibus ac facilisis in, egestas eget quam. Cras mattis consectetur purus sit amet fermentum. Morbi leo risus, porta ac consectetur ac, vestibulum at eros. Sed posuere consectetur est at lobortis. Etiam porta sem malesuada magna mollis euismod. Cum sociis natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus. Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit. Cras justo odio, dapibus ac facilisis in, egestas eget quam. Aenean eu leo quam. Pellentesque ornare sem lacinia quam venenatis vestibulum. Curabitur blandit tempus porttitor. Sed posuere consectetur est at lobortis.

I had Kaspersky for many years. I never had a problem removing anything it detected. There was the annoying performance loss.

Message Edited by ModdTaco on 10-10-2008 05:57 PM

1 Like

+1 Taco…I have tried several versions of KAV. It s a great av but it always slowed your pc down. Especially browsing. I even tried KAV 2009 and it was still slow. Updates were only at 10/KB/sec. Updates took minutres  instead of seconds. NOD32 was the best for updating. It updated as quick as you could blink.

Yay.. I got a +1!

 

Ya I loved NOD32 but my licence expired. So thats when I decided to give Norton a try.

I’ve been going to av-comparatives for some time. I’ve never seen that they test how good an AV is at removal.  I know they test detection. Where are their removal tests located at.

These days most vendors are good. Only some are a bit better. Kaspersky is good, NOD32 was good and is doing a bit less these days. Symantec has grown. Esepcially in detection.

I for one think that removal is more important . Besides that I think IDS or ways of pre detection will be more important


Dieselman743 wrote:
If you go to AV Comparitives you will see who is the best of the best. Avira is the best of course in detection and removal. Norton scores a 99% effectiness.

What is effectivness? Detection, Removal, or both? 


Dieselman743 wrote:
+1 Taco..........I have tried several versions of KAV. It s a great av but it always slowed your pc down. Especially browsing. I even tried KAV 2009 and it was still slow. Updates were only at 10/KB/sec. Updates took minutres  instead of seconds. NOD32 was the best for updating. It updated as quick as you could blink.

And Kaspersky said that Kaspersky 2009 was 7 times faster than previous editions....just imagine.


Stu wrote:

These days most vendors are good. Only some are a bit better. Kaspersky is good, NOD32 was good and is doing a bit less these days. Symantec has grown. Esepcially in detection.

I for one think that removal is more important . Besides that I think IDS or ways of pre detection will be more important


Exactly. It is nice knowing that there is malware on your system, but it is best if you knew that your antivirus will actually remove them. I tried Windows Live OneCare, for a day, on a badly infected system, and it caused several rundll errors on startrup, left the annoying desktop background unchanged, and several extra processes still showed up in Task Manager.

 

Microsoft said that soon every AV will be catching up with them. Not unless they accuire Symantec. 


Stu wrote:

These days most vendors are good. Only some are a bit better. Kaspersky is good, NOD32 was good and is doing a bit less these days. Symantec has grown. Esepcially in detection.

I for one think that removal is more important . Besides that I think IDS or ways of pre detection will be more important


Well that is a good point. Nowadays antiviruses are becoming less popular, while their Internet Security and Total Security counterparts are becoming more popular. Internet Security suites include a firewall, which significantly helps block malware. Total Security suites include Backup tools, which allows for data recovery. 


edd3800 wrote:
I've been going to av-comparatives for some time. I've never seen that they test how good an AV is at removal.  I know they test detection. Where are their removal tests located at.

I wish they tested removal; there is an review of NOD32 on youtube and after it "disinfected" the system, there were still popups, taskbar icons, etc. 

 

The same person also reviewed Norton 2009, and after it nuked the malware the computer looked normal! No taskbar icons, no popups, homepage restored, etc. He ran a HiJackThis scan and found 1 suspicious file. Uploaded to VirusTotal. 4/32 antiviruses reported it as malicious. 

 

The point is, removal is not emphasized enough, even with all the proactive technoligies, such as whitelisting, blacklisting, 2-way firewalls, etc., removal is still an important issue. 

Sometimes AV companies emphasize Detection way too much. Take Kaspersky for example. They brag about detection being really high. According the PCmag, Kaspersky’s detection is high, but removal is not top-tier. However, Norton’s detection was comparable or better than Kaspersky, and completly removed 40% of malware.

1 Like

You mean Matt from Remove-Malware.com. He is awesome.

 

 http://remove-malware.com/

All these comments prove that behaviour blockers are getting more and more important. That’s the main reason why AntiBot was intergrated into NIS 2009

Yes but NIS still fails alot of HIPS tests. Threatfire picks up the slack very easily.


Dieselman743 wrote:
Yes but NIS still fails alot of HIPS tests.

Yes but I have not seen any HIPS tests.

There are hundresds of HIPS tests out there. Just try System Shutdown Simulator for one. Also check out this site.

 

http://zeroday-software.110mb.com/

 

 http://www.testmypcsecurity.com/securitytests/all_tests.html#AllTests

If you go to AV Comparitives you will see who is the best of the best. Avira is the best of course in detection and removal. Norton scores a 99% effectiness.