Research: 80% of Carberp infected computers had antivirus software installed

malwarekiller · Jul 28, 2012

Just how useful is antivirus software in general? According to a recently published study by security researcher Jim McKenney, based on his analysis 80% of Carberp infected computers had antivirus software installed, which was either disabled, or cripped by the Carberp malware leaving antivirus users with a 'false feeling of security'.

The forensic investigation included 603 computers located in Kansas, Missouri, Oklahoma and Nebraska. What he found was pretty interesting. The majority of users relying on Symantec's Norton 360 antivirus had their protection either crippled or completely disabled. The same happened to AVG, Microsoft's Security Essentials, McAfee, Avast, ESET, Sophos, Avira, Kaspersky and BitDefender users.

read full story: http://www.zdnet.com/research-80-of-carberp-infected-computers-had-antivirus-software-installed-7000001679/

LOL! avira and BD were disabled completely!!!

Deleted member 178 · Jul 28, 2012

Me? overkill and Paranoid? No....

Tobi · Jul 28, 2012

malwarekiller said:
LOL! no doubt a lot of Basic AV's like avira were disabled!!!

When was Kaspersky, Norton, or even Avast considered basic?

Ink · Jul 28, 2012

A disabled AV is better than a crippled AV. At least you know you're not given a false-sense of security.

Does this call for improved antivirus self-protection for PCs that can be exploited (ie. outdated software)?

Edited.

Deleted member 178 · Jul 28, 2012

i remember a malware that recognize the AV installed on the victimized machine, disabled it and replace the missing tray icon by a fake one... ^^

malwarekiller · Jul 28, 2012

Earth said:
A disabled AV is better than a crippled AV. At least you know you're not given a false-sense of security.

Does this call for improved self-protection for PCs that can be exploited (ie. outdated software)?

If a AV is crippled then atleast it can do something to stop it from becoming more destructive...Yes this will call for a sense of layered protection and updated software

umbrapolaris said:
i remember a malware that recognize the AV installed on the victimized machine, disabled it and replace the missing tray icon by a fake one... ^^

I guess it a fake version of avast,eset etc....i have seen these..they come in form of fake flash player...and in case of fake avast...it blocks avast..replaces tray icon and changes the avast UI back to avast 5 UI...

and starts giving warning about something called enhanced protection mode...says something like this:

Enhanced protection mode

Avast is operating in enhanced protection mode and something else...whatever.. :lolz:

Ink · Jul 28, 2012

I meant, improved Antivirus Self-Protection. Not PC. Corrected post. Thanks.

malwarekiller said:
Yes this will call for a sense of layered protection and updated software

malwarekiller · Jul 28, 2012

Earth said:
I meant, improved Antivirus Self-Protection. Not PC. Corrected post. Thanks.

Yes my reply to your post also meant the same

Ink · Jul 28, 2012

Does it? :S

Plexx · Jul 28, 2012

Tobi said:
malwarekiller said:

LOL! no doubt a lot of Basic AV's like avira were disabled!!!

Click to expand...

When was Kaspersky, Norton, or even Avast considered basic?

To be honest only one that can be considered Basic is MSE and even so...

Plexx · Jul 28, 2012

malwarekiller said:
Earth said:

A disabled AV is better than a crippled AV. At least you know you're not given a false-sense of security.

Does this call for improved self-protection for PCs that can be exploited (ie. outdated software)?

Click to expand...

If a AV is crippled then atleast it can do something to stop it from becoming more destructive...Yes this will call for a sense of layered protection and updated software

I would rather work anytime with a disabled AV than a Crippled AV...

Nikos · Jul 28, 2012

So that makes Antiviruses obsolete better a HIPS protection.

Plexx · Jul 28, 2012

Nikos said:
So that makes Antiviruses obsolete better a HIPS protection.

that is where you are wrong.

If you want a good protection, you need to have several components. Av, HIPS etc.

malbky · Jul 28, 2012

This exactly calls for layered security. Disabled AV is better, at least you know somethings wrong you will run combofix or somethin or at least not do any online transactions.

Syntax · Jul 29, 2012

Too bad for Norton.

iScream · Jul 29, 2012

Just a note: It was based on outdated XP SP2 pcs. At least that is what someone over ZDNet commented. lol. GG!

Syntax · Jul 29, 2012

iScream said:
Just a note: It was based on outdated XP SP2 pcs. At least that is what someone over ZDNet commented. lol. GG!

lol. If that is true then why are they using old OS?

Ink · Jul 29, 2012

Some users refuse to update to SP3, for various reasons. Pfft.

It's not like as if, "BREAKING NEWS: Microsoft's Service Pack 3 has bricked 100% of all Windows PCs that were running Windows XP".

:sleepy:

Syntax said:
lol. If that is true then why are they using old OS?

Search

Research: 80% of Carberp infected computers had antivirus software installed

malwarekiller

New Member

Deleted member 178

Tobi

New Member

Ink

Administrator

Deleted member 178

malwarekiller

New Member

Ink

Administrator

malwarekiller

New Member

Ink

Administrator

Plexx

Plexx

Nikos

New Member

Plexx

malbky

Level 1

Syntax

Level 1

iScream

New Member

Syntax

Level 1

Ink

Administrator

Similar threads