Anti Virus Speed and Detection Testing.
An antivirus needs speed to stop fast viruses.
Once again spring is in sight, and at Xtreme Computer that means we start surfing for viruses again. Not only do we look to download and infect our testing computer, we do so in a controlled environment that allows us to make recommendations to our group.
When we started collecting viruses back in the late '90s there wasn't much to choose from when it came to antivirus applications. Today it seems to be growing faster than we can keep up with, which causes great concern as well as great material.
The great concern is because we know how viruses are created and for the most part understand what each is designed to do. When IBM sent me (Murray) one of my first virus removal tools in 1992, before the virus infected any computer in the network I was responsible for, I only had one question.
"How did you know?"
They had a database programmer removed, and before that programmer packed up and exited the building he introduced a virus, which was a database script that would delete the database once run. The package came in the form of an update, and before news of this got to everyone we had the virus removal tool in hand. But it only worked to protect the data, and if the update was run prior to the running of the removal tool, your database was cleaned out.
Not a bad experience if you ask me. My first hundred or so infected IBM computers.
Other viruses were created to destroy data, files and applications. Others were designed to copy personal information, while others were to spy on your surfing habits.
Our Test Setup:
If you are a technician and would like to test with us, here's what you will need. The following are our recommendations only. If you have other methods of testing, feel free to share them with us. The key is to use your AV only as a detection application, not as a preventive or blocking application. You'll need to allow the virus to take its full hold to identify the delivery and package installation.
1. Computer running Windows XP with what most manufacturers put into it. Minimum memory and a slow hard drive.
2. Tiny Software firewall; version 2 works best, but not with dual-processor or dual-core systems.
3. Logging application and network scanning software. We use GFI, but we also have several other applications that we will list if used.
Now, our test system is an old 733 MHz Intel system with 256 MB of memory and an old 5400 RPM WD drive. We also have a P4 2.8 GHz with 1 GB of memory to offer up our checksums. The application response time will often be the same unless the application requires additional resources. You must keep in mind the type of computers people are using; this is why we use two systems.
Fast computers can speed up the detection process of any application, but you cannot expect everyone to have a fast computer. Fact is, for most of our applications our 733 MHz system with XP responds quicker than a 2 GHz system running Vista. Operating systems often slow down the response time of your applications. It depends on how many subroutines you have running. Our tests will be with the minimum number of processes running.
We will start testing this week and post results as we are infected.