
Virus detection

I am evaluating a few different AV packages with a view to moving away from Symantec Endpoint Protection which I am unhappy with. As part of my evaluation of each package I have downloaded a collection of viruses from virussig.com and scanned them to see how many are identified.

With Sophos, if I create a new scan and include just the folder containing the viruses (sub-folders are automatically selected) it doesn't find a single virus. However, if I right-click on the folder and select Scan with Sophos Anti Virus, it detects 579 viruses (incidentally Kaspersky found 2600 in the same folder but that's a different matter). Can anyone explain why the normal scan doesn't find these viruses but the right-click does?

Thanks

  • Thanks for the link. As these files have no extension a "normal" scan does not include them. I had to configure it to Scan all files (as I assumed). This is - as mentioned - the default for right-click (and on-access has BTW Scan files with no extensions set).

    Can't judge the significance of the detection rate against these samples (of course the more the better but some non-viral malware might have only very limited prevalence and be practically "extinct" in the wild). I think that performance and sensitivity of on-access (and download) scans and "zero-day" protection are more important, as well as manageability and last but not least a vendor's support and reaction time to new threats.

    HTH

    Christian
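
An added example, not part of the original thread and not Sophos code: a coverage audit that lists which files under a folder an extension-filtered scan would never open, the cause identified in the reply above. The extension list, the `scan_no_extension` flag and the sample files are assumptions constructed for illustration; substitute the list from your own scan configuration.

```python
import os
import tempfile
from collections import Counter

# Assumed extension list for illustration; use the one from your scan's configuration.
SCANNED_EXTENSIONS = {".exe", ".dll", ".com", ".scr", ".doc", ".xls", ".js", ".vbs"}
# Leading bytes of a few common executable and container formats.
MAGIC = {b"MZ": "PE/DOS executable", b"\x7fELF": "ELF executable", b"PK\x03\x04": "ZIP container"}

def sniff(path):
    """Name the format if the file starts with a known magic value, else None."""
    try:
        with open(path, "rb") as fh:
            head = fh.read(8)
    except OSError:
        return None  # unreadable files are still reported as skipped
    return next((name for magic, name in MAGIC.items() if head.startswith(magic)), None)

def audit(root, scanned=SCANNED_EXTENSIONS, scan_no_extension=False):
    """Return (skipped, counts): files an extension-filtered scan would never open."""
    skipped, counts = [], Counter()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            ext = os.path.splitext(name)[1].lower()
            covered = ext in scanned if ext else scan_no_extension
            if not covered:
                path = os.path.join(dirpath, name)
                counts[ext or "(none)"] += 1
                skipped.append((path, sniff(path)))
    return skipped, counts

def demo():
    """Build a constructed sample tree and audit it with and without extensionless files."""
    samples = {"a.exe": b"MZ\x90\x00", "0a1b2c": b"MZ\x90\x00",
               "notes": b"plain text", "c.dat": b"\x7fELF\x02"}
    with tempfile.TemporaryDirectory() as root:
        sub = os.path.join(root, "sub")
        os.mkdir(sub)
        for name, data in samples.items():
            with open(os.path.join(sub, name), "wb") as fh:
                fh.write(data)
        skipped, counts = audit(root)
        fixed, _ = audit(root, scan_no_extension=True)
    as_dict = lambda hits: {os.path.basename(p): kind for p, kind in hits}
    return as_dict(skipped), dict(counts), as_dict(fixed)

if __name__ == "__main__":
    for result in demo():
        print(result)
```

Files reported with a recognised executable format but no covered extension are the ones the filtered scan leaves unexamined; a large "(none)" count matches the zero-detection result described in the question.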
