Bkav never hoists white flag to any viruses
10:02:00 | 07-03-2009

Bkav has recently warned the community that some antivirus softwares can harm Windows after the scanning process. To find out more about this issue, eChip's reporter has had an interview with Nguyen Tu Quang, CEO of Bkav.

How many PCs have been hung up after being scanned for virus?

About 47,000 PCs, according to our statistics.

What are the difficulties that users face then?

When the operating systems have been corrupted, reinstalling Windows is the only thing users can do. Windows reinstallation is as complicated as moving to a new house. There have been people who lost their data forever. For those who are lucky not losing the data, it takes months to get the computers back to its normal working. The consequence is that some people cannot complete their work because of the computers' malfunction.

What made Bkav decide to bring this sensitive issue to public?

To fulfill its responsibility, Bkav should have addressed this incidence six months ago. However, we had to delay the announcement for fear that users might misunderstand our purpose.

During the past six months, people all thought virus had broken their Windows; no one had the idea that the situation was caused by the antivirus softwares they employed. Some newspapers had instructions for users to overcome the effects but the real cause was not revealed. Some who majored in information technology even assumed that viruses had rooted so deeply into the system that they couldn't be detected or removed. Their solution was to run antivirus softwares to kill the viruses, accepting to reinstall their Windows. If so, what do use antivirus softwares for then?

Currently, the number of affected computers amounts to 47,000, we know it's high time to have a say.

What did the announcement result in?

This announcement, like Bkav's other warnings, is for the sake of computer users. After Bkav's announcement, some electronic newspapers immediately set up voting systems to find out whether their readers encountered such problem. The result shows that 67.9 percent of the computer users have been affected. This figure signifies the seriousness of the problem. That's the reason why almost most people supported Bkav's announcement.

There were also users who considered the announcement as Bkav's PR exercise. They thought we were trying to gain competitive advantage over other antivirus software vendors. However, looking deeper into the case, they learnt that what Bkav announced reflected the truth. They themselves then got to support Bkav.

At last, the announcement has proved to be good for the community. Many users, after the event, feel proud of being Vietnamese because they have their own antivirus software that is even better than the leading softwares in the world. On Bkav's side, we are pleased that we can do as our hearts tell us.

Why didn't Bkav let a "third party" publish the research so that the announcement would be more objective?

As I mentioned above, Bkav discovered the issue that antivirus softwares were harming Windows about six months ago. At that time, we decided not to make any announcement for fear that users might misunderstand Bkav's intention.

Six months passed and no warnings were released by any third party; people remained totally unaware of the threat. They all blamed virus for destroying their operating systems. No one could imagine that the antivirus softwares could be the cause.

The consequence was more and more people had to reinstall their Windows after scanning their computers for virus. Then, when too many users suffered from the damage, we knew it's our responsibility to let the community know about the problem.

In fact, Bkav didn't carry out the experiment on our own. IT reporters were invited to ensure the objectivity of the experiment.

There's an idea that this is an unfair PR exercise of Bkav. Many even think that the experiment result is not fair as Bkav the manufacturer of Bkav. What's your opinion?

Normally, Bkav releases warnings right after we discover the risks so as computer users can take precautions. This means Bkav should have warned the community about the "dark side" of antivirus softwares six months ago. However, because Bkav is also an antivirus software vendor, we had to keep the issue to ourselves. In case we wanted to PR our product, it wouldn't take so much time for us to come to the decision to alert the community.

A representative from one of the four antivirus software vendors included in Bkav's report said "I can't figure out how Bkav could decode the virus and then recover Windows' original file, and how they could develop a "talented key" to "open the packet, get rid of the virus then get the packet back to its original condition". What do you think about this statement?

It's simple. On analysing the rivus, our researchers found that the virus had hidden the computer's source code and encrypted it. We tried to work out the virus' encryption mode before designing module to decompile the code, and then restore the original file.

In my opinion, a person who has such statement can't be a tech-savvy individual.

In your experiment, why didn't Bkav install the antivirus softwares before infecting the computers with virus?

Let's compare virus infection in computers with flu in human beings. Vaccines help prevent flu. However, not all people have already had a flu vaccine injection despite this vaccine is now available. This means there are still many vulnerable to the disease. Once you have had flu, you have to kill the virus, so what you need is antibiotic, not vaccine. In other words, men need both prevention and cure.

Similarly, antivirus softwares need to be capable of preventing PCs from being infected with viruses (like vaccine) and capable of removing the viruses in case the virus has made its home in the PCs (like antibiotic). If a software is unable to clean a virus-infected computer, in practice it is a useless one. Computers, like human beings, need both vaccine and antibiotic. That's the reason why in our test, antivirus softwares were installed in virus-infected machines.

You may wonder that why Bkav's experiment didn't include tests on computers which are infected with viruses before the installation of antivirus softwares. The reason is, unlike the case of biological virus, once the software can detect and kill virus in the computer, certainly it is able to keep the virus "outside" the computer.

Some people claimed that they couldn't log into their computers after running Bkav?

We've heard of such claims and have looked at the problem. Actually, users often employ different kinds of softwares when their computers are infected with virus. In some cases, Bkav is installed together with another software. Then, when this software kills the virus and, at the same time, kills Windows, users might mistakenly blame Bkav for their computers' stoppage.

Experiments have proved that the files UserInit.exe, Explorer.exe and rpcss.dll have their original codes recovered after the scanning process with Bkav. This means that Bkav has the ability to detect and remove virus, get Windows back to its basic functioning.

Are there any viruses that Bkav is unable to kill?

Computer viruses, unlike biological viruses which are born beyond people's control, are created by humans. Hence, the combat against computer viruses is in fact the struggle among humans. There has been no time at which fails to kill any virus. Let's take Vetor as an example. Vector is a polymorphic virus originated in Germany nearly 2 years ago. Up to now, Bkav is the only software capable of killing Vetor without damaging the Windows.

Are you being overconfident to have such affirmation?

One year ago, we only aimed at controlling the domestic antivirus software market by making use of home advantage. At no time did I myself have the idea that Bkav's quality was better than those of world famous antivirus softwares.

Everyday we tested Bkav as well as the most popular antivirus softwares with all virus samples collected worldwide by our "honeypot" (300 virus families with 14,000 samples identified each day). These tests revealed that Bkav had a better quality than those softwares. We were surprised and couldn't think of the reason at that time.

The reasons are clear now. First, Bkav's experience in the field is as much as that of any other world leading antivirus software vendors (14 years of experience, from 1995). Second, there is a basic equality in the information technology area, in which the developed countries have no advantage over their developing friends. No special equipment is needed for one to become a specialist. Internetwork security specialists across the globe, including us in Bkav, all work on internet-connected computers and basic network equipments. Third, security specialists, like warriors, are supposed to be patient, and intelligent. These are all striking Vietnamese characteristics.

Furthermore, global virus situation has changed unpredictably. This year, the number of virus infected computers equals to that of last year. That's to see malware has become more and more nasty, forcing security vendors to change their strategic plans. Bkav is among few vendors to adjust strategic plans to the new situation.

Bkav is now available in 103 countries and territories and in Vietnam it enjoys about 10.5 million users.

We just try and do our best. No unreal ambition. But as we have doing our best, we've received more than what we expected. It's time for bigger objectives. Our biggest goal now is to introduce Bkav to global market in 2010.

How can Bkav accomplish its goal?

In 1995, I examined and, on my own, learnt to kill viruses. I wrote antivirus software to help people. When having any problems relating to virus, people called me for help.

I then asked my friends to join me. By 1997 – 1999, we were overloaded with requests from the community. I then was named "Mr. Promise" because of my failure to help all the people despite I really wanted, and promised, to give them a hand.

In 2000, Enterprise Law was enacted. Commercializing Bkav was the sole solution to improve Bkav's quality and service. One of the difficulties we encountered, however, was the disapproval of those who had been using the Bkav free. Some even saw Bkav's decision as a betrayal.

The difference between the free and commercial versions is that users get no onsite support and have to check for and install the updates manually when using the free version. Antivirus softwares need to be updated regularly; hence we couldn't deliver technical support to all BkavHome's users. Additionally, Bkav now employs more than 300 specialists (planned to reach about one thousand next year), so we need budget for training, waging as well as for reinvestment.

There are some people determining not to use Bkav. When they have trouble after using other antivirus softwares, they find and download Bkav, kill viruses and then delete the software. This really upsets us. Sometimes we think that Bkav is like the air we breathe in, despite the fact that it's vital to our life, many may not notice its existence as well as its importance. Things have changed, more and more users are installing BkavPro in their computers.

Today sees the third generation of computer viruses. Today's viruses have new forms, combine different kinds of malicious codes (rootkit, worm, trojan...), hide in nooks and crannies of your system. Additionally, virus writers' purposes are clear now, they create virus for gain. Their aims are to harvest passwords, personal information, credit card codes, or to send spam, etc. The fight against virus will never end.

Thank you!