Detection means crap, if it cant clean

Discussion in 'other anti-virus software' started by trjam, Jul 23, 2007.

Thread Status:
Not open for further replies.
  1. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    I have been preaching this for awhile. Your AV and mine, may be great at flagging malware, but if it cant clean it and all remnants, then you aint got squat. here
     
  2. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    Hi Jeff,
    i have noticed that nod32 and antivir have this problem.
    that is why i choose kaspersky because i know it can detect and clean.
    according to that chart seems that norton is better at cleaning than it used to be.
    the 2003 version couldnt get rid of trojans.
    im still surprised that microsoft was certifed for cleaning LOL
    lodore
     
  3. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    yeah, between Nortons detection and cleaning ability, it is starting to look real good. I am curious to see Esets new suite evaluated. I would say they are close to getting this. But I am leaning to looking at balancing the 2 criterias instead of the 1, when it comes to the future.
     
  4. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    nod32 version 3 promises better removal of malware.
    lets hope it delivers.
    lodore
     
  5. ASpace

    ASpace Guest

    The fact that some vendors are not present in the "Cleaning criteria" list does not mean they are bad at cleaning . It is up to the vendor to decide if they want to be tested against cleaning (AFAIK the cleaning test means extra tax) . I think it is not important at all because they will test it against limited selection of threats and also "prevention is always better than cure" ;)
     
  6. dave88

    dave88 Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    177
    Not sure how telling this "certification" really is??

    "Therefore the Anti-Virus Certification Criteria does not include requirements for handling malicious and non-malicious spyware, adware, foistware, backdoors, trojan horses, and other such non-replicating software. "
     
  7. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    hello HiTech_boy,
    that is true but wouldnt you agree that there is quite alot of posts in the nod32 offical forum about needing to manual clean malware that is found by nod32 on demand scanner?
    and i see that eset know of the problem hence the improved cleaning in the new features on the eset suite beta.
    antivir seems be even worse at cleaning.
    lodore
     
  8. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    Antivir is terrible at cleaning. That has been proven to me in private just as their "Guard" protection is really very weak. I realize some or a lot, will bash this post as another "one" of those sites. But I think it is what the future will hold, for any AV product to stay a float. If you can detect it and clean it, then you stand a chance of staying afloat. I still think Eset will get this, but Avira has publically admitted that their big time customers only care about detection and after today, I cant wear their Avatar with any pride. Not that it matters to all the fanboy haters, but it damn sure matters to me.
     
  9. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    Hi again Jeff,
    that is why im replacing antivir premium on my sister's laptop with kis7.0 when the license runs out in september.
    i will get a 3 user license for £30 and that is enough for all my familys computers.
    i hope eset do well with there suite and version 3 of nod32.
    i also hoppe drweb gets better.
    lodore
     
  10. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    I wonder why F-Secure IS was not on the list? Why would it differ much from KIS?
    If I were not so slow at start I would like it as well as KIS.

    PS
    Anyone know where to get another offer like the KIS from Systweak? Didn't we have fun with that?
    Best,
    Jerry
     
  11. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    taken care of Jerry, thanks to ankupan.
     
  12. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Hi Jeff, that is great.
    Any idea why F-Secure is not on the "cleaning list?"

    Best,
    Jerry
     
  13. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    only certain products were tested, not that the rest had failed.
     
  14. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Hi C.J.S..
    That is a good reason. Thanks.
    Regards,
    Jerry
     
  15. Carver

    Carver Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    1,827
    Location:
    USA
    My licence with Eset runs out July 2008, now Nod32 v3 was supposed to be out last december 18 2006. It is now july 23 2007! Right now I am using the AntiVir premium 6 month demo, so if AntiVira dosen't improve by the end of the 6 months it gets replaced.
     
  16. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    I am pretty much convinced that if one has a good AV, such as AntiVir, and a good AS and firewall, there is nothing that is going to penetrate it. I realize that it is possible, but not likely in my opinion. I would not feel vulnerable with AntiVir or ESET at all.

    On the other had if one can have a high detection AV that also cleans well, that is the best of both worlds.

    Best,
    Jerry
     
  17. InfinityAz

    InfinityAz Registered Member

    Joined:
    Jul 23, 2005
    Posts:
    828
    Location:
    Arizona
    Well said JerryM, on both cases. As the saying goes: "an ounce of prevention, is worth a pound of cure."
     
  18. SteveS335

    SteveS335 Registered Member

    Joined:
    Jan 16, 2007
    Posts:
    43
    On the other hand :-

    Cleaning means crap, if it can't be detected :D

    At least you know where to look with a better detection!

    Steve
     
  19. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    NOD cleans up fine for me, but isn't NOD listed as a certified product in the OP's link? Yes or no? By the way I'm glad Kaspersky works fine for you.
     
    Last edited: Jul 23, 2007
  20. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    IMO, detection should be more important than cleanup. There are several ways that cleanup can be achieved nowadays. Clear the sandbox, reboot if you have a partition virtualization program, revert to a snapshot/backup, reformat/reinstall or manually remove the bugger. I'm probably forgetting something.

    Good removal would be ok for those who don't frequent forums like Wilders. I personally would consider stability more important above removal capabilities. Actually in this order: stability,detection,features,removal and then gui. I'm a simple man though :cautious: . No jokes please :p

    Cheers
     
  21. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    If a malware infects a file, it can sometime mess up that file so much that the only possible *repair" is to have a back-up copy of that file.

    Now that disk imaging software is so cheap, effective, & user-friendly, what I want from an AV is really good detection. Ability to repair is nice to have, but is only a secondary consideration. I make periodic images onto my external drive, & hang on to them long enough that I can be 99.99999% certain of having clean stuff on hand, even if I have to dig back a bit.
     
  22. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    Agreed! GUI and it's ease of use may even come before removal. I, too, have other means of removal.
     
  23. FRug

    FRug Registered Member

    Joined:
    Feb 7, 2006
    Posts:
    309
    I seem to keep repeating myself on this topic. A machine that has been trojanized, infected or generally got its security breached and has been taken over cannot be trusted anymore. If you rely on cleaning and continue working with that heap of rubble, you will most likely run into issues pretty quickly again, or you may not notice changes that have been made to your system which cannot be detected because they are not malicious on their own, like reduced system security, patched windows binaries, or general modifications of your system settings that affect security or stability.

    When we´re talking about real virus infections, we have the same problem + corruption of files that cannot be reversed anymore. This also leads to a clean install as a mandatory requirement as soon as system files are affected.

    So once more:

    DO NOT RELY ON CLEANING OF INFECTED SYSTEMS

    If you do, don´t say i didn´t warn you.
     
  24. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Hello,

    For the average user, yes. The ability to clean is very important.

    But in general, if you can detect something, even if you cannot delete it, it might be enough. For example, an uber-nasty blah blah, which your AV detects but cannot delete.

    1. Take a piece of paper + soft-ball pen.
    2. Write down the paths to these infections (assuming they are true).
    3. Reboot with live CD (Windows or Linux).
    4. Delete offending files.

    So even if your AV-in-Windows-session wasn't capable of dealing with the threat, it pointed to the culprit, which can then be later dealt with by alternative means.

    Mrk
     
  25. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    Totally agreed! Here you have some disinfection rates tested by Av-test.org 04-2007. Even the best rated were far away
    100 % and one even below 50 % level. o_O

    Best regards,
    Firefighter!

    Btw, not a new issue I guess, the better heuristics, the worse cleaning, so... :mad: ...you buy a vacuum cleaner that doesn't clean but seals the windows and doors but every time you are going out/in, the dust and dirt brings in. :eek:

    I think that I have found even one more reason to stay on my solid rock isle far away from dust and dirt. :D
     
    Last edited: Jul 24, 2007
Loading...
Thread Status:
Not open for further replies.