Sophos vs Kaspersky Observation

  • Thread starter Thread starter Vstopper
  • Start date Start date
V

Vstopper

Migrating a small network from Sophos 3.92, using hourly EM Library for updates, over to Kaspersky 5.0.177 revealed that eight out of the ten workstations were infected with a variety of virus which were discovered when the KAV scanner was first run.
One PC was first scanned with the latest Sophos 3.92 and IDE updates, using the "Full" and "All Files" options and the result showed a clean PC.
Sophos was then uninstalled and Kaspersky installed in it's place.
On the initial KAV system scan Kaspersky found:
Win32.Stubby.c in farmmext.exe
and also Win32.Agent.cb in spike.exe
which seemed to have been completely missed by Sophos
Kaspersky then revealed that seven of the remaining nine PCs had infectionsof various Dialer Dloader & Bettynet-A virus as follows: 6, 3, 22, 6, 1, 4 & 26.
www.av-comparatives.org/seiten/ergebnisse/report05.pdf makes interesting reading and the spreadsheet analysis perhaps provides some explanation
 
On 10 Apr 2005 21:02:16 +0100, Vstopper <> wrote:

Please don't post to newsgroups using html.
Migrating a small network from Sophos 3.92, using hourly EM Library for updates, over to Kaspersky 5.0.177 revealed that eight out of the ten workstations were infected with a variety of virus which were discovered when the KAV scanner was first run.
One PC was first scanned with the latest Sophos 3.92 and IDE updates, using the "Full" and "All Files" options and the result showed a clean PC.
Sophos was then uninstalled and Kaspersky installed in it's place.
On the initial KAV system scan Kaspersky found:
Win32.Stubby.c in farmmext.exe
and also Win32.Agent.cb in spike.exe
which seemed to have been completely missed by Sophos
Kaspersky then revealed that seven of the remaining nine PCs had infections of various Dialer Dloader & Bettynet-A virus as follows: 6, 3, 22, 6, 1, 4 & 26.
www.av-comparatives.org/seiten/ergebnisse/report05.pdf makes interesting reading and the spreadsheet analysis perhaps provides some explanation

The KAV scan engine is top notch, so this isn't surprising. You should
though verify that KAV isn't false alarming on any of the hits. Send
samples to both Sophos and KAV to have them checked, just to
make sure.

Why so many infestations of malware? You can't blame that on
Sophos. Somebody is not doing a very good job of securing the
systems.

Art

http://home.epix.net/~artnpeg
 
Vstopper said:
Migrating a small network from Sophos 3.92, using hourly EM Library for
updates, over to Kaspersky 5.0.177 revealed that eight out of the ten
workstations were infected with a variety of virus which were discovered
when the KAV scanner was first run.
One PC was first scanned with the latest Sophos 3.92 and IDE updates,
using the "Full" and "All Files" options and the result showed a clean PC.
Sophos was then uninstalled and Kaspersky installed in it's place.
On the initial KAV system scan Kaspersky found:
Win32.Stubby.c in farmmext.exe
and also Win32.Agent.cb in spike.exe
which seemed to have been completely missed by Sophos
Kaspersky then revealed that seven of the remaining nine PCs had
infections of various Dialer Dloader & Bettynet-A virus as follows: 6,
3, 22, 6, 1, 4 & 26.

http://anti-virus-rants.blogspot.com/2004/07/all-anti-virus-products-fail.html
 
Back
Top