Anti-malware.ru, treatment of active infections (July 2011)

Discussion in 'other anti-virus software' started by 3x0gR13N, Jul 29, 2011.

Thread Status:
Not open for further replies.
  1. 3x0gR13N

    3x0gR13N Registered Member

    Joined:
    May 1, 2008
    Posts:
    754
    Link to test: http://www.anti-malware.ru/malware_treatment_test_2011
    Test performed 29. July.
    Internet security products tested against active infections.
    Malware used:
    1. TDL (TDSS, Alureon, Tidserv)
    2. Koutodoor
    3. Win32/Glaze
    4. Sinowal (Mebroot)
    5. Rootkit.Protector (Cutwail, Pandex)
    6. Worm.Rorpian
    7. Rootkit.Podnuha (Boaxxe)
    8. Virus.Protector (Kobcka, Neprodoor)
    9. Rustock (Bubnix)
    10. Email-Worm.Scano (Areses)
    11. SST (DNSChanger, FakeAV)
    12. SubSys (Trojan.Okuks)
    13. Rootkit.Pakes (synsenddrv, BlackEnergy)
    14. TDL2 (TDSS, Alureon, Tidserv)
    15. TDL3 (TDSS, Alureon, Tidserv)
    16. TDL4 (TDSS, Alureon, Tidserv) *
    17. Xorpix (Eterok)
    *TDL4 tested on 64bit Win 7 as well as on 32bit XP.

    XLS file attached at the end of the report contains additional information about the samples used.

    Google translate: http://translate.google.com/transla...w.anti-malware.ru/malware_treatment_test_2011

    First three competitors:
    1. Kaspersky Internet Security 2011 (100%)
    2. Dr.Web Security Space 6.0 (94%)
    3. Avast! Internet Security 6.0 (53%)
     
  2. gery

    gery Registered Member

    Joined:
    Mar 8, 2008
    Posts:
    1,786
    Hello o_O o_O o_O o_O
     
  3. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    Something tells me the samples are heavily Russian regional based.
     
  4. 3x0gR13N

    3x0gR13N Registered Member

    Joined:
    May 1, 2008
    Posts:
    754
    As the test is about treatment of infections, malware droppers were sent (anonymously) to vendors to make sure they actually know about them (you cannot cure what you don't know about, rendering the test useless).
     
  5. carat

    carat Guest

    Well done GData :D
     
  6. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
  7. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    kudos to Dr Web.:thumb:

    Ok, if rigged, take the top 2 out of the equation and look at how the others handled these so called Russian malware. It still tells a tale of where some are investing their ability. Even MSE did respectable considering how non-legit you claim this is. Kudos to Avast to.:thumb:
     
  8. Narxis

    Narxis Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    477
    Kaspersky is great!:cool:
     
  9. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    The message is don't get infected, especially with rootkits.

    Avast did well, because it uses GMER. Dr.Web did great as before. Kaspersky kinda surprised me. Everyone under bronze is somewhat unexpected.
     
  10. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,052
    Location:
    USA
    Kaspersky is certainly on a roll this year. I'm going to have to put it back on again. Too bad I run something for about a week or 2 before I get bored and load something else. o_O
     
  11. Nevis

    Nevis Registered Member

    Joined:
    Aug 28, 2010
    Posts:
    786
    Location:
    255.255.255.255
    based on just 17 samples :doubt:

    anyways, congrats kaspersky
     
  12. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    What do you expect out of active infections?
     
  13. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    That's nice. But detection of active infections is definitely not what I look for first in security software.

    Still, Kudos to kaspersky.
     
  14. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    well done dr. web:D
     
  15. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    The test is not about detection, rather about treatment or cure which I think is really important if you are going to use it in an infected system. I know everyone might say that it is not wise to install an AV in an infected PC but this is what common users do.
     
  16. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Detection, removal, repair, whatever. It's a nice thing to have in an antivirus but I'd much prefer it be able to prevent infection.
     
  17. GrammatonCleric

    GrammatonCleric Registered Member

    Joined:
    Jan 8, 2009
    Posts:
    372
    I am sorry but I call *COUGH bullcrap COUGH*.

    The owner of that review site works for Kaspersky Marketing :)

    IlyaShabanov
    Founder and Managing Partner at Anti-Malware Test Lab Russian Federation | Computer & Network Security Current: Founder and Managing Partner at Anti-Malware Test Lab Past: Head of Marketing Research at InfoWatch, Marketing Audit Manager at Kaspersky Lab, Senior Marketing Researcher at Kaspersky Lab


    http://www.linkedin.com/pub/dir/Ilya/Shabanov






    ~Off topic comment removed~
     
    Last edited by a moderator: Jul 30, 2011
  18. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Doesn't Kaspersky always get the first position in all tests made by Anti-malware.ru :shifty:
     
  19. SLE

    SLE Registered Member

    Joined:
    Jun 30, 2011
    Posts:
    361
    Ah. And thats why the test is wrong? Weak argument.
    And many other guys from russian security vendors are on anti-malware.ru too...shocking? Russian experts on a russian site...strange world :)

    Do it for yourself and look for similar sample types...
    I played a month ago with a few TDL Samples - in my amateurish test Kasperksy was able to clean, HitmanPro was, Dr. Web was...others I tested: not.

    To say prevention is better than cleaning is ok. To have problems with cleaning at all, ok too.
    But nevertheless: When it comes to cleaning this test has some value and is still interesting.

    Wrong too. Some simple research on Anti-malware.ru website and you can answer your question.
     
    Last edited: Jul 30, 2011
  20. Rampastein

    Rampastein Registered Member

    Joined:
    Oct 16, 2009
    Posts:
    290
    Although I've known that Kaspersky and Dr. Web have effective cleaning capabilities, it's surprising to see such a gap between them and the other products. I guess it'd be much more even if there were more samples.
    Doesn't seem so, looking at their performance test: http://www.anti-malware-test.com/?q=node/167
     
  21. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Last edited: Jul 30, 2011
  22. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    I wonder why...:rolleyes:
    OR shouldn't I? :D
     
  23. Jose_Lisbon

    Jose_Lisbon Registered Member

    Joined:
    Feb 5, 2010
    Posts:
    245
    Location:
    Portugal
    A test where Dr.Web gets 94% and Emsisoft gets 18% is not to be taken seriously.
     
  24. SLE

    SLE Registered Member

    Joined:
    Jun 30, 2011
    Posts:
    361
    Why? I miss the argument...

    Emsisoft is great in detection in curing - there are better ones. (also EAM v6 beta makes some improvements here). Dr.Web was always known as good in curing...
     
  25. icr

    icr Registered Member

    Joined:
    Sep 6, 2008
    Posts:
    1,588
    Location:
    Mumbai
    Well those just 17 samples are common and also most dangerous ones out there;)
     
Loading...
Thread Status:
Not open for further replies.