NEW! Rootkit 'detection' test

Discussion in 'other anti-virus software' started by C.S.J, Jan 4, 2008.

Thread Status:
Not open for further replies.
  1. LUSHER

    LUSHER Registered Member

    Joined:
    Feb 28, 2007
    Posts:
    440
    Selection effect. Those rootkits that CAN be removed by automated means have usually been removed that way already, so what is left are the ones that need manual removal....

    It's like noticing that everyone alive has ancestors who managed to have offspring..... It's a miracle!!!
     
  2. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Sorry for off-topic, but where can I download SAS 4 for tests? No clue on their website.
     
  3. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    6,567
    Location:
    New York City
    Register and log into their support forum. Category is Superantispyware 4.0 Pre-Release. Download from sticky thread.
     
    Last edited: Jan 7, 2008
  4. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Thank you!
     
  5. larryb52

    larryb52 Registered Member

    Joined:
    Feb 16, 2006
    Posts:
    1,131
    Thanks for the SAS sticky & on rootkits if I get any more paranoid from the hazards from the net I might as well shut it off. You just can't keep everything off your computer...
     
  6. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    I fail to see how Kaspersky is that much better than NOD32 Antivirus because of these results with rootkits, especially when on real malware Kaspersky's score of 4.5/6 puts it in 5th place, and the best in this test, Rootkit Unhooker, is free.
     
  7. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    yes 4.5/6 for that, but what did nod32 get?

    Drweb scored 5/6 ;) and is also free via cureit
     
  8. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Does CureIt! include the same anti-rootkit drivers as the installed version?
     
  9. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    IMO it doesn't matter what ESET NOD32 Antivirus got because it is an Antivirus and I use Antivirus to look for viruses (surprise, surprise!), not rootkits.

    Following your logic I could rely on Kaspersky solely and still have 1 rootkit on my system.

    Following my logic I could use NOD32 Antivirus which is smaller and scans faster, while using Rootkit Unhooker (5.5/6) which is a FREE application from the OS developer and have one less rootkit. :thumb: :cool:
     
  10. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    I suppose you also install anti-trojan, anti-worm, anti-adware, anti-spyware, and anti-script scanners on your computer. :rolleyes:
     
  11. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123

    Forgive me if I do not properly acknowledge your attempt at being humorous, but Rootkit Unhooker is a single 94Kb file which is NOT installable.

    For me, the inconvenience of running this tiny utility is preferable to the possibility of leaving the rootkit which Kaspersky cannot detect on my system.
    ;)
     
  12. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    That's a very wise decision. So I suppose you also run all those other tools on your PC.

    And oh, let's not forget to add an anti-keylogger to the list, btw.
     
  13. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    Sir, as I have no compelling desire to have a high post count, the only comment I will make regarding your statement is that this thread is about the results of a rootkit test; when another thread opens regarding "other tools" and anti-keyloggers I will be happy to comment further.
     
  14. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    Hmm, I do like nod but drweb say an antivirus that can't defend against rootkits is a useless expensive toy.

    it is no excuse to say you can use something else.
     
  15. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    818
    If "antivirus" softwares only detected viruses, they won't get far these days seeing as most (if not all) "antivirus" softwares can be considered as anti-malware software, detecting trojans, worms, dialers, keyloggers, spyware, adware etc.

    Why would you be looking for a product which only detects viruses and not the others if all competitors will do far more?
    Most people look for products which are "jack of all trades, master of all"... all-rounders rather than specify on one thing... and other products can match that one thing it's specifying in

    (I'm not saying NOD only detects viruses by the way!)

    Of course, everyone has different opinions and have different POV (Points of views) as to what we expect/want from products :)
     
  16. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    drweb is of course free to try to position their product as best by highlighting its strengths and emphasizing the weaknesses of the competition.

    However, it is undeniable that a virus and a rootkit are two fundamentally different things, and the name of ESET's product is NOD32 Antivirus.

    Apparently I was deluded in thinking there was a logical reason why:
    1. Bitdefender has Bitdefender Antivirus and Bitdefender Total Security.
    2. Norton has Norton Antivirus and Norton 360.
    3. F-Secure has F-Secure Antivirus and F-Secure Client Security, etc.

    Case in Point:
    Comodo released a firewall product called Comodo Firewall Pro.
    In version 2.4, this product was what its name indicated it to be, a firewall.
    In version 3.0, Comodo added HIPS features to their firewall product.
    This version is still called Comodo Firewall Pro, however, it is no longer a firewall, but a HIPS product.

    Now I would like to take the liberty to replace drweb with Comodo in your comment to highlight its inherent fallacy:
    :)
     
  17. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Built on the award-winning ThreatSense® engine, ESET NOD32 Antivirus proactively detects and disables more viruses, trojans, worms, adware, phishing, rootkits and other Internet threats than any program available.

    I don't know but that blue portion sounds mighty bold. :rolleyes:
     
  18. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    My point is that I expect my AV product, first and foremost, to be excellent at viruses; whatever other abilities it may have to detect other forms of malware are bonuses; nice bonuses yes, but still bonuses.

    It might sound appealing at first to have an omnipotent product, but generally things don't work out best that way, such as was the case with the battleship.

    In any case, 4.5/6 is a 75% success rate, and when I was in school 75% was a C grade, and for myself and my peers, a C grade on a report card meant some form of future punishment.

    Basically, I don't consider a C grade an indication of doing "far" more.
     
  19. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Actually I was rewarded for that letter.;)
     
  20. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    You see rootkit and expect that means that they are saying they are better at detecting "more...rootkits and other Internet threats than any program available".

    We refer to that as selective quoting.

    I don't use selective quoting, so I see that they are saying when you take all malware as a whole, they are the best.
    Of course, this is all marketing hype, so getting into semantics over this quote is quite silly.
    ;)
     
  21. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    We refer to this as, "The Gospel" from where I come from and expect it to be reality.
     
  22. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,934
    Location:
    SW. Oklahoma
    It looks like this whole thread has turned into a personal oneuppance
     
  23. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    Congratulations!
     
  24. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    I thought my position was clear, in that just like how I expect my firewall to be good at firewalling and anything extra is a bonus, I expect my AV to be good at antivirus and anything else is a bonus.
    I have no particular affection for NOD32; when my subscription runs out, I may very well switch to Kaspersky or Dr. Web.

    Some like all-in-one products, some don't.

    Some judge their AVs on rootkit detection, some don't.
     
  25. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    I don't understand the dribble you are saying,

    an antivirus is supposed to only scan for viruses?

    as Jeff said, it mentions it in the product description to scan for other threats including rootkits.

    what would you say about eset security suite, same AV with firewall and spam, is this not supposed to scan for rootkits or other threats either, it's certainly not got 'antivirus' in the title.

    bitdefender total security is the antivirus + backup / tuneup utilities etc (hence a more TOTAL security package), same for norton 360.

    F-secure client security is the same as the home version, but lighter and aimed at business users, so it has Cisco support, and a central management, the antivirus is the same!
     