Google Image Search Virus Leads to AV Showdown

The last few months we have seen a huge spike in viruses coming from Google Image Search. Our current solution just was not cutting it, so I took a day to test out some of the better known anti-virus programs. Here are the results:

- Microsoft Security Essentials: doesn’t block any virus sites, lets installer install and infects computers. Doesn’t catch virus if it’s in a USB. System down – Boo.

- Kaspersky: blocks about 20% of the viruses sites, allows installer to run and infect computer. Doesn’t catch virus if it’s in a USB either. System down – Boo.

- ESET NOD32: blocks all sites and infected downloads. Scans USB sticks for virus, but takes a little bit. If it has a virus on the stick, it will delete it. I can force the virus install if I really try, but it actively removes parts of the virus that send data, etc. during install. No real system downtime, but still need to manually remove a file so it doesn’t give an error at start-up – Very good, but a little room for improvement.

- Symantec Endpoint Protection: not only blocks sites with infected viruses, but actually bans the IP from their computer as well for one day (can be adjusted). Blocks infected downloads and bans IP from that as well. It doesn’t remove infected files from USB sticks, but at the same time it won’t allow the install at all like NOD32 did. No effect on the system at all – Very good and less room for improvement than NOD32!

Of course the above was just testing against the Google Image Search virus that is running rampant. If we take into account all aspects (computer resources used, track record for stopping viruses, as little user interaction as possible) there was one clear winner: ESET NOD32.

Share