Poll

OT posts splitted

who removed my posts from this thread
0 (0%)
https://forums.comodo.com/empty-t28058.0.html
0 (0%)

Total Members Voted: 0

Author Topic: Eighty percent of new malware defeats antivirus????!!!!  (Read 41733 times)

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14651
    • Video Blog
Eighty percent of new malware defeats antivirus????!!!!
« on: July 23, 2006, 07:10:11 PM »
http://www.zdnet.com.au/news/security/soa/Eighty_percent_of_new_malware_defeats_antivirus/0,2000061744,39263949,00.htm

Interesting reading.

The point that is being raised in this news article is that people use AV mostly and anti spyware is yet to penetrate the market.

One of the major reasons why Anti-Spyware products come as a seperate product is because vendors are looking for ways to charge extra for this. At Comodo we decided to turn our AV engine to also catch spyware hence we called it CAVS (Comodo Anti Virus/Spyware). Hence I believe our strategy is right and our strategy will help fight malware better, cos majority of people still think just AV will be enough and don't bother with Anti spyware.

Read the article and let me know your thoughts please.

Thanks
Melih
« Last Edit: November 25, 2007, 11:24:58 AM by Melih »

Offline kail

  • Randomly Appearing
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11361
  • The future is much like the present, only longer.
    • COMODO's free software!
Re: Eighty percent of new malware defeats antivirus????!!!!
« Reply #1 on: July 23, 2006, 09:42:47 PM »
Based on that article, I think we should keep CAVS very quiet & not tell any more people about it.

Hmm.. I believe there's a slight flaw in that thinking.  ::)

Seriously, I think your strategy is correct & certainly is best for the user.

But, the article does make a valid point. The more popular any product becomes, then there more likely it will be that virus/trojan/malware writers test their latest thing against that product. That is, as the article indicates, indeed a worrying trend.
My System Details: W10Px64 with CIS 10 Beta, Firefox & Becky!
Forum Policy.
____
The problem is not the problems, the problem is people's attitude towards those problems.

Offline Laurence

  • Comodo Member
  • **
  • Posts: 40
Re: Eighty percent of new malware defeats antivirus????!!!!
« Reply #2 on: July 23, 2006, 09:55:50 PM »
Hi Melih,

It certainly sounds to be a wise course of action alright, to integrate antispyware and antivirus together; and scanning in such a way, so as 1) first and foremost, as much as possible, prevent same from entering one's system, 2) should it enter, catch same before it does harm, and 3) preferably clean/disinfect/eradicate it once found; barring that, at least quarantine suspicious files.

And from what I read on rootkits it sounds like they remain a real problem and growing concern. I am hopeful that CAVS, combined with a successful firewall (such as CPF), eventually proves itself to be up to the task of protecting those who use computers and traverse the Internet, providing end users with that warm and fuzzy feeling which can come from truly knowing that one is being protected by the best.

So, continue to press on, making our CAVS (and other Comodo products of course) the very best there is, and then we won't have to be numbered among that 80 %. ;-)

Laurence

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14651
    • Video Blog
Re: Eighty percent of new malware defeats antivirus????!!!!
« Reply #3 on: July 23, 2006, 10:04:23 PM »
Based on that article, I think we should keep CAVS very quiet & not tell any more people about it.

Hmm.. I believe there's a slight flaw in that thinking.  ::)

Seriously, I think your strategy is correct & certainly is best for the user.

But, the article does make a valid point. The more popular any product becomes, then there more likely it will be that virus/trojan/malware writers test their latest thing against that product. That is, as the article indicates, indeed a worrying trend.


Yes worrying indeed!
Blacklisting technologies that work on signatures and algorithms that detect behaviour are always there to be broken. This is why at Comodo we supplement all these technologies with safelisting approaches which is not susceptible to what the author has described.

Melih

Offline pandlouk

  • I love Comodo
  • Comodo's Hero
  • *****
  • Posts: 2240
  • Retired Mod
Re: Eighty percent of new malware defeats antivirus????!!!!
« Reply #4 on: July 23, 2006, 10:25:23 PM »
That article has some truth but it makes me wonder why he don't give any information about the programs he used and/or at least a catalog of the malware that he used for the test. It sure lacks of credibility since it just throw some percentuals and nothing more (not a number of the malware, not types of malware, etc.)

ps. This information is not new. It reminds me of blaster ( I think it was him), 2 years ago,  that the first thing he did when infected a system was to disable the AV engine of the most known antivirus (norton,mcafee,etc.) and the second was to mutate his signature. It gave a great headache at the AV companies for more than 8 months.

Offline campart

  • Newbie
  • *
  • Posts: 9
Re: Eighty percent of new malware defeats antivirus????!!!!
« Reply #5 on: July 24, 2006, 04:05:58 AM »
80% sounds very high...like possible exageration. I have been using Spyware Blaster up until now. Can I safely switch this off with CAVS in use? I noticed that on my previous PC I had Spyware Blaster and Spybot both loaded. Spybot had fewer updates and since its scans never detected any intruders I assumed that Blaster stopped everything from even getting to me. I should add that I use ThunderBird and Firefox so I don't have the usual MS security holes.
CPF and CAVS both working perfectly for me. Thank you Melih (and team).

Thank you mOngOd for your comments, I will keep Spyware Blaster up and running while CAVS evolves.
« Last Edit: July 30, 2006, 06:22:23 PM by campart »

Offline ~Daniel~

  • I used to be indecisive, but now I'm not so sure.
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 906
Re: Eighty percent of new malware defeats antivirus????!!!!
« Reply #6 on: July 26, 2006, 09:31:21 PM »
I has Spyware Blaster and Spyware Guardian (both by the same company) loaded.  Spyware Guardian interferred with CAVS installing correctly (as it silently stops things), so I had to uninstall it.

I think Spyware Blaster is a wonderful companion product to keep installed as it is more about "training" IE / Firefox with regards to Ads, Restricted Sites, and ActiveX install control.... I only foresee CAVS possibly depricating Spyware Blaster's ActiveX controls... but there are 2 other function that Spyware Blaster can still perform for you (until COMODO makes new products that incorporate those functions).
OS: Win 10 Enterprise x64 build 1809
Comodo: CIS 11.X (latest version)
Backup/Imaging: Macrium Reflect Home v7.X
Win10 Phone: N/A
Personal Website: Comodo SSL (via CloudFlare)

Offline DoomScythe

  • Comodo's Hero
  • *****
  • Posts: 396
Re: Eighty percent of new malware defeats antivirus????!!!!
« Reply #7 on: July 31, 2006, 12:23:19 PM »
I think it is possible for this (80% new malware defeats antivirus) to happen, considering most anti-virus softwares are using the blacklist approach. I think this will continue to be a trend until some geniuses came up with a new method on which the AV software could work on. Playing catchup is always on the losing side.

Erm Melih, I don't get you when you said you were using the whitelist approach. Do you refer to the CPF or CAVS? I certainly think that it is the CPF, right? No way you could create a whitelist for the CAVS.......


Yours truly,
DoomScythe

Offline TheFireKnight

  • Comodo Family Member
  • ***
  • Posts: 89
    • Custom-Built Extreme Performance PCs - Coming soon
Re: Eighty percent of new malware defeats antivirus????!!!!
« Reply #8 on: July 31, 2006, 01:33:05 PM »
I used to use Kerio PF to help in catching some rootkits when they tried to connect to the internet. Mostly it was because I could see all the information of what comes in and goes out.

Guess what? I've had MUCH greater success with CPF when it come to doing the same thing.

Sure a good firewall like CPF doesn't get rid of the rootkits, and generally I haven't really seen any AV/AS program being able to remove them, but at least I can sure tell when one is installed.

Removal usually turns out to be a manually done job.... but oh well....

Hopefully CAVS will collaborate with CPF enough to have a better chance of removing these nuisances.

Besides that, you'd need a program that does thread tracing to be able to catch many/all rootkits (thread tracing=very time consuming - maybe do-able when AMD releases their 4x4 initiative).

Edward
_/|__|\_  This is Kitty. Copy and paste Kitty into your
(=*-*=)  signature to help him gain world domination!
("")_("")  And win the battle against all bunnies!

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14651
    • Video Blog
Re: Eighty percent of new malware defeats antivirus????!!!!
« Reply #9 on: July 31, 2006, 02:21:12 PM »
I think it is possible for this (80% new malware defeats antivirus) to happen, considering most anti-virus softwares are using the blacklist approach. I think this will continue to be a trend until some geniuses came up with a new method on which the AV software could work on. Playing catchup is always on the losing side.

Erm Melih, I don't get you when you said you were using the whitelist approach. Do you refer to the CPF or CAVS? I certainly think that it is the CPF, right? No way you could create a whitelist for the CAVS.......


Yours truly,
DoomScythe

Give me 2 months to show you what i mean :-)

Melih

Offline Justin L.

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 3124
Re: Eighty percent of new malware defeats antivirus????!!!!
« Reply #10 on: July 31, 2006, 02:30:10 PM »
Give me 2 months to show you what i mean :-)

Melih

 :D

Offline DoomScythe

  • Comodo's Hero
  • *****
  • Posts: 396
Re: Eighty percent of new malware defeats antivirus????!!!!
« Reply #11 on: August 01, 2006, 01:39:21 AM »
Give me 2 months to show you what i mean :-)

Melih

Alright Melih, now you got me really curious. Hehe :)


Yours truly,
DoomScythe

Offline andyman35

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 1579
Re: Eighty percent of new malware defeats antivirus????!!!!
« Reply #12 on: August 16, 2006, 11:23:19 AM »
I used to use Kerio PF to help in catching some rootkits when they tried to connect to the internet. Mostly it was because I could see all the information of what comes in and goes out.

Guess what? I've had MUCH greater success with CPF when it come to doing the same thing.

Sure a good firewall like CPF doesn't get rid of the rootkits, and generally I haven't really seen any AV/AS program being able to remove them, but at least I can sure tell when one is installed.

Removal usually turns out to be a manually done job.... but oh well....

Hopefully CAVS will collaborate with CPF enough to have a better chance of removing these nuisances.

Besides that, you'd need a program that does thread tracing to be able to catch many/all rootkits (thread tracing=very time consuming - maybe do-able when AMD releases their 4x4 initiative).

Edward

The only effective method for removing these threats is by a comparison scan between the windows environment and a BARTPE or similar ,based bootable cd scan.

Offline -[Red_Oplok]-

  • Comodo's Hero
  • *****
  • Posts: 373
  • Bardahl Super Lube Specialist...
    • https://www.facebook.com/karl.j.benz
Re: Eighty percent of new malware defeats antivirus????!!!!
« Reply #13 on: August 20, 2008, 01:33:18 PM »
http://www.zdnet.com.au/news/security/soa/Eighty_percent_of_new_malware_defeats_antivirus/0,2000061744,39263949,00.htm

Interesting reading.

The point that is being raised in this news article is that people use AV mostly and anti spyware is yet to penetrate the market.

One of the major reasons why Anti-Spyware products come as a seperate product is because vendors are looking for ways to charge extra for this. At Comodo we decided to turn our AV engine to also catch spyware hence we called it CAVS (Comodo Anti Virus/Spyware). Hence I believe our strategy is right and our strategy will help fight malware better, cos majority of people still think just AV will be enough and don't bother with Anti spyware.

Read the article and let me know your thoughts please.

Thanks
Melih


HE!!O MELIH

A combination of FIREWALL / AV / ANTISPYWARE in One package will be the best I think.

CPU/OS:
- INTEL ATOM Dual Core 1.85mHz CEDAR TRAIL[at] Win7 Ultimate

LONG RANGE ANTI MALWARE PROTECTION:
- CIS Premium FULL CONFIG Capable of Listening Malwares and Hackers.

EMERGENCY COUNTER MEASURES and WEAPON:
- SAS and MBAM

CONNECTION:
- LINKSYS E Series WiFi Power by GLOBE DSL

3xist

  • Guest
Re: Eighty percent of new malware defeats antivirus????!!!!
« Reply #14 on: August 22, 2008, 01:45:11 AM »
HE!!O MELIH

A combination of FIREWALL / AV / ANTISPYWARE in One package will be the best I think.



Hey Lewis,

It's in the making :)

Cheers,
Josh

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek