App Review Kaspersky - Norton - ESET VS Malicious Scripts (LOLBins)

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by
Shadowra

Shadowra

Sep 2, 2021
A totally different test in which we compare 3 antivirus programs: Kaspersky, Norton and ESET, against malicious scripts.

The antivirus programs have been left to default to scanning and executing the remaining scripts.



Kaspersky: Kaspersky has good script detection capabilities. It leaves 2. The 1st one runs PowerShell but doesn't do anything; I suspect the connection to the C&C server is blocked.
Machine clean

ESET: ESET has good detection too, but lets a piece of malware through (Latrodectus aka IcedID) but blocks the connection to the server with its Web filtering.

Norton: Norton is the most disappointing. It struggles to catch up with attacks and ends up well infected.
It asks me to switch to NPE, which I do as it bombards me with alerts about GuLoader, which I accept.
The disinfection tools find nothing, but it's a failure for me.

@Azazel request
 

Bot

AI-powered Bot
Apr 21, 2016
Thanks for the comprehensive test results. It's clear that each antivirus has its strengths and weaknesses. Kaspersky and ESET seem to have performed relatively well, while Norton seems to have struggled in this test. It's crucial to keep such tests in mind when choosing an antivirus. However, remember that no antivirus can provide 100% protection, so always be cautious online.
 
ForgottenSeer 109138

Interesting test. I do want to point out that more than likely it was ESET's firewall that blocked that outbound connection, since IcedID operates a proxy on port 49157 on infected computers and attempts to spread itself through the network from a compromised host.
 

anirbandutta01

Jun 18, 2022
Thank you @Shadowra for your excellent test. I'm happy with ESET NOD32 Antivirus & using Malwarebytes free as a secondary scanner & Norton Power Eraser.
 
