CIS Frozen highly infected machine

Discussion in 'other anti-virus software' started by guest, Dec 1, 2008.

Thread Status:
Not open for further replies.
  1. guest

    guest Guest


  2. guest

    guest Guest

    Now

    Test 3: Norton Antivirus 2009
     

    Attached Files:

    • 1.png
  3. JacquesPVX

    JacquesPVX Registered Member

    Joined:
    Mar 7, 2006
    Posts:
    2
    Hey Guest.

    Thanks for the test. Do you have any opinion about the cleanup procedure that you can share with us?

    Regards,

    Jacques/Prevx
     
  4. mvdu

    mvdu Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    1,166
    Location:
    PA
    So did Norton do anything or not? I just see the startup.

    It's very possible that only the Kaspersky GUI was closed, and you still could use the AV.
     
  5. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    i can, with my past testing of it.

    it requires far too many reboots, necessary?

    scan > find 'some' > reboot.

    then scan > find 'some more' > reboot.

    this can go on forever, as is shown in this test-thread as well.

    this is the only thing i dislike about the software so-far.

    (even though i am aware that its highly unlikely that any of my machines that i use will ever be so-highly-infected anyway)
     
  6. guest

    guest Guest

    bad points;

    1. Prevx EDGE requires internet connection, it is a disadvantage on an infected system. malware can block the internet. please look at attachment

    2. every malware popup appears over all the security software's popups. it is bad.

    3. i don't like the restarts, same as C.S.J. restart and restart again.

    4. Some trace files can't be deleted or can't be caught

    5. On-demand scanner doesn't look powerful. please look at attachment


    good points;

    1. fast
    2. light
    3. better deletion than some av software
    4. there is no blue screen or crash
     


  7. guest

    guest Guest

    Attached Files:

    • 36.png
  8. guest

    guest Guest

    Attached Files:

    • 1.jpg
  9. JacquesPVX

    JacquesPVX Registered Member

    Joined:
    Mar 7, 2006
    Posts:
    2
    Hey again,

    Thanks for the test and feedback. I can see that the reboots can be an issue to usability, but in some cases this is needed especially in this case. It’s like eating away at a big mountain, bit by bit. I do appreciate that it can get frustrating. We will see what we can do to make this process simpler. On the other hand, I see we missed some things, which we will correct, but thanks again for taking the time to do this, as I am always keen to see how this experience is for others.

    Also, we are working on doing a better job on the registry cleaning, so that is an upcoming improvement.

    Regards,

    Jacques
     
  10. guest

    guest Guest

    Attached Files:

    • 8.png
  11. guest

    guest Guest

    THE END

    hi everybody.
    my tests are finished.
    i won't test more.
    i tested it only for fun. i am not a virus maker, antivirus maker, virus analyzer,...
    this is my hobby.
    i tested many software, i can't say they are good, they are bad.

    there is no perfect software.

    test machine is not normal for many normal users.
    it is highly infected. real life is different.

    but removal problem is a big problem many times.
    many users said that "my av alert me for virus, but it can't delete it"

    this is an important problem.
    i hope av vendors know and are interested in it.


    i must say;

    1. thank you emsisoft for double scan technology. it is a very good malware detector. it is good at removal but has some problems with some malware.
    2. DriveSentry is an interesting behavioral blocker, it must be tested again with different malware. but its dialog popup has less information for the malware.
    3. micropoint is unstable.
    4. prevx EDGE is good but too many restarts, requires net connection, and some other disadvantages.
    5. i hope comodo corrects the problems and i can test again. i believe in this project. thank you MELİH.
    6. Avast boot scan is great.
    7. Eset is very good at removal for this test
    8. All AV run (on the windows start) too late. malware can load faster than av.
    9. Malware alerts appear over the av alerts.

    Test methodology;
    1. i downloaded vmware workstation.
    2. installed winXP SP3 and updates
    3. found some malware (random)
    4. ran malware in the test systems.
    5. vmware snapshot
    6. ran antivirus
    7. report.

    * i am not a professional av tester, this test simulates a normal av user.
    * i uploaded all malware files to rapidshare, and sent all links to av vendors
    * testing is not an easy job. i want to say thank you to all testers.

    i enjoyed it. i hope you do.


    hey djohn, open the new beer for me. job is finished.
     
  12. mvdu

    mvdu Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    1,166
    Location:
    PA
    Re: THE END

    Again, how did Norton compare with the others? I could only see the one screenshot, as the .rar was empty.
     
    Last edited: Dec 3, 2008
  13. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
    Can anyone post info on the Dr. Web Cure It scan test? I guess I reached my rapidshare free limit already.

    thanks
     
  14. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Thank you Guest for your tests, i hope you had fun making them ^^
     
  15. Kayracc

    Kayracc Registered Member

    Joined:
    Jul 5, 2008
    Posts:
    96

    i concur, good work may, interesting reads all around :)
     
  16. tsec

    tsec Registered Member

    Joined:
    Nov 18, 2008
    Posts:
    181
    Very interesting indeed.

    Thanks for your efforts, guest :)
     
  17. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Thanks guest for testing, much much appreciated. :thumb:
     
  18. rseek

    rseek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    8
    Thanks Guest for the test.

    I looked at the cureit snapshots. Can u pls give the results in your words. I cannot make out anything from the screen shots.
     
  19. guest

    guest Guest

    it isn't empty. download again.

    i crashed. cant launch.

    Thank you too. i hope everybody like it.

    yeah. but it was heavy.
    ---
    what is your idea?
    For tests? is it too heavy?
    For software? it is successful or ...?
     
  20. vijayind

    vijayind Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    1,413
    Thanks again, Guest.

    Just a heads up, on Norton 2009. Realtime and other components start kicking in after reboot only (see remove-malware.com video also by Matt. Same issue).
    Plus I think you should enable "early load" option for real-time scanner, which will make it start before all malware.
     
  21. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    Captain guest, great stuff steering the malware ship. ;) :thumb:

    I noticed cureit crashed and norton wouldn't start. Prevx removed a number of threats, but suffered from a broken internet connection.

    This is some great testing and your screenshots have shown the mayhem that results when a user downloads malware, which then bring along many of their friends.

    You've tested the majority of popular products. How do you think ThreatFire would go, quarantining active processes, then running a scan with its integrated AV?

    Maybe, when you have the time (although you've given up heaps of your time already), you could throw in a free combo, say ThreatFire (with its AV scan) + a SAS/MBAM scan! :) Hey, maybe they all won't start so my 'combo' idea is no good!
     
  22. guest

    guest Guest

    i tested it with default settings.
    Many normal users don't know and use "early load".
    i have no time for repeat testing, but maybe later i can try again with this function enabled.
     
  23. guest

    guest Guest

    it is a good idea. Infected machine Vs. Security Combo. But it is a hard job. more time, more effort.

    i think behavioral analyzers' mission is different. my machine is not good for this concept. Maybe i can test them with real dangerous virus, backdoor, rootkit.
    Fake av vs Behavioral blocker is not a true test.
     
  24. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    All ok. :thumb:

    I think you showed that almost every product installed after a system has been infected will struggle with these new fake AVs and malware programs which seem to dig their roots in deep.

    And the worrying part is, the majority of users don't even have the programs you tested installed in the first place. If they had any of the programs installed on a clean system to begin with, there would be a much better result/outcome.

    Instead, most average day-to-day users seem to rely on not using any security programs, and later rush out to buy something after the system has gone berserk, or thinking they won't have a problem because they have an AV, although its subscription and updates are dated/expired several months or years ago.
     
  25. vijayind

    vijayind Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    1,413
    Sure :thumb:
     