Windows 7 Forums



Windows 7: AV Testing

01 Mar 2010   #61
Dinesh

Windows® 8 Pro (64-bit)
 
 

[QUOTE=thathagat;598632]hey dinesh it would be nice to know which engine detects the files in hitman pro[/QUOTE]
Avira, G Data and Prevx.


05 Mar 2010   #62
Dinesh

Windows® 8 Pro (64-bit)
 
 

Today I installed XP in VM and then infected it badly, very badly. Then scanned it with Hitman Pro.
Here are the results.
[Attached image: AV Testing-capture.png]


05 Mar 2010   #63
polarbear

Windows 7 Home Premium 64-bit
 
 

I have been testing Avast! and MSE for a few months now running side by side... not many programs you can run side by side... hope to switch to just one shortly down the road... may just keep both for a few more months now... GL

05 Mar 2010   #64
Pichu

Windows 7 Home Premium
 
 

Quote: Originally Posted by TheIgster
Quote: Originally Posted by Jaxryley
If they were really zero day then no AV would be detecting the samples at the time of finding them.
Well, perhaps our idea of zero day is different then. By that I mean they were listed links on various malware web sites found THAT day. These are not old links from weeks ago or anything. These were posted on that day on those sites as active threats that day.

Sorry guys, I don't have any screen shots. The testing was done and no video or screen shots were taken. Screens most likely would have been a good idea though. If I perform a test again, I will try to grab some. Problem is, it is easy to make a product look bad if you really want to, even with a screen shot.

While 15 links is not a huge sample, it is just that, a random sample of links that someone may or may not come across while surfing the Internet.

Listen, I'm not a professional by any means. This test was performed on my main system using Shadow Defender to simply start over again, uninstall the current AV and then install a new AV. After all the testing was done, I had imaged my system using the built-in Windows 7 image backup, so I simply put that image back on to be sure nothing was left behind.

I will add that in some more testing, Avast has not remained perfect (using other links found), but what Avast missed, my Malwarebytes Pro caught, so a layered approach is best in my opinion.
Would tend to disagree; running multiple antivirus is suicide to your computer. What your avast missed would have been caught after the virus started becoming more prominent on your computer. How would you know whether those antivirus/antimalware are conflicting your computer?
06 Mar 2010   #65
TheIgster

Windows 7 Home Premium 64-bit
 
 

Quote: Originally Posted by Pichu
Would tend to disagree; running multiple antivirus is suicide to your computer. What your avast missed would have been caught after the virus started becoming more prominent on your computer. How would you know whether those antivirus/antimalware are conflicting your computer?
I think you misunderstood. Layered approach in something that CAN run alongside an AV product such as MBAM, Prevx, etc. I am not saying people should run two AV products that are not meant to run alongside each other.
06 Mar 2010   #66
TheIgster

Windows 7 Home Premium 64-bit
 
 

More testing done the other night with some of the same AVs to see if they keep performing along at the same pace, as well as some new ones that I had requests for. I used 15 brand new malware links. Most were links to .exe files including fake AVs, other rogues, and other various types of malware. All AVs were installed, allowed to update and set to the default settings. The only AV that anything was changed on was A-Squared, as it appeared by default, a couple of the shields were off for some reason, so they were turned on.

After each test, Malwarebytes was run and updated and a fast scan was done. The results for each fast scan after each test are listed along with the tested AV. In some cases, files that were 'infected' were simply left behind files in the temporary folder. This doesn't seem like a big deal to me, but it may be to some. I personally use CCleaner all the time to clean temp folders out, so those files would be gone. Not sure why some of the AVs didn't simply delete those files, but they seem pretty harmless sitting in a temp folder and not running in memory or anything.

One of the surprises for me again was Avast. Caught everything and the only thing left behind was a registry key. Also, the new Trend Micro Titanium Beta. It stopped everything in its tracks. I will say though the beta seems a little heavy to me. About 45MB of RAM and I did notice a bit of system slowdown, but it works very, very well for a beta, so maybe the drag on the system is worth it or maybe it's just because it's a beta. Kaspersky still did very well in reporting every single link, but three items were left behind in the temp folder. Again, not a big deal to me personally, as they would be deleted soon anyway and were not running in memory. It was the same with Vipre, which performed VERY well and only left behind three files in the temp folder.

I don't mean to offend anyone but BluePoint Security is not good. It did nothing. Their sell line is Revolutionizing Computer Security. If by that they mean, allowing every system to get completely infected, well, they have achieved their goal. Not sure what has happened to Nod32 as well. It didn't perform very well at all. Now, onto the results:

A-Squared Beta 5

Links Missed: 2/15
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 3
Registry Data Items Infected: 0
Folders Infected: 5
Files Infected: 19

Avast

Links Missed: 1/15
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

BluePoint Security

Links Missed: 15/15
Memory Processes Infected: 4
Memory Modules Infected: 1
Registry Keys Infected: 2
Registry Values Infected: 7
Registry Data Items Infected: 5
Folders Infected: 5
Files Infected: 29

Dr. Web

Links Missed: 2/15
Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 4
Registry Data Items Infected: 2
Folders Infected: 5
Files Infected: 18

F-PROT

Links Missed: 7/15
Memory Processes Infected: 2
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 4
Registry Data Items Infected: 5
Folders Infected: 3
Files Infected: 19

Kaspersky

Links Missed: 0/15
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Microsoft Security Essentials

Links Missed: 2/15
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 3
Registry Data Items Infected: 3
Folders Infected: 3
Files Infected: 15

ESET Nod32

Links Missed: 8/15
Memory Processes Infected: 2
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 4
Registry Data Items Infected: 5
Folders Infected: 5
Files Infected: 25

Trend Micro Titanium Beta

Links Missed: 0/15
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Vipre

Links Missed: 1/15
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Please keep in mind, I'm no pro and these are just small tests. All AVs could perform badly when only given some 15 links. These tests are just simple tests to see how each AV performs under these conditions.
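Added example, not part of TheIgster's post: the post closes by noting that 15 links is a small sample, and this sketch puts a number on that by computing a 95% Wilson score interval for each product's miss rate from the "Links Missed" figures above. The function names and the choice of the Wilson interval are assumptions made here for illustration.

```python
import math

# Links missed out of 15, copied from the results in the post above.
MISSED = {
    "A-Squared Beta 5": 2, "Avast": 1, "BluePoint Security": 15,
    "Dr. Web": 2, "F-PROT": 7, "Kaspersky": 0,
    "Microsoft Security Essentials": 2, "ESET Nod32": 8,
    "Trend Micro Titanium Beta": 0, "Vipre": 1,
}
N_LINKS = 15
Z95 = 1.959964  # two-sided 95% quantile of the standard normal


def wilson_interval(misses, n=N_LINKS, z=Z95):
    """Wilson score interval (low, high) for the true miss rate.

    Unlike the naive p +/- z*sqrt(p(1-p)/n), it stays meaningful at 0/n and n/n,
    which is exactly where several of the tested products sit.
    """
    if n <= 0 or not 0 <= misses <= n:
        raise ValueError("need 0 <= misses <= n and n > 0")
    p = misses / n
    denom = 1 + z * z / n
    centre = (p + z * z / (2 * n)) / denom
    half = z * math.sqrt(p * (1 - p) / n + z * z / (4 * n * n)) / denom
    return max(0.0, centre - half), min(1.0, centre + half)


def distinguishable(misses_a, misses_b, n=N_LINKS):
    """Conservative check: True only if the two 95% intervals do not overlap."""
    lo_a, hi_a = wilson_interval(misses_a, n)
    lo_b, hi_b = wilson_interval(misses_b, n)
    return hi_a < lo_b or hi_b < lo_a


def report():
    """Rows of (product, missed, low %, high %), best observed result first."""
    rows = []
    for name, missed in sorted(MISSED.items(), key=lambda kv: kv[1]):
        lo, hi = wilson_interval(missed)
        rows.append((name, missed, round(lo * 100, 1), round(hi * 100, 1)))
    return rows


if __name__ == "__main__":
    for name, missed, lo, hi in report():
        print(f"{name:30s} {missed:2d}/{N_LINKS}  miss rate 95% CI {lo:4.1f}%-{hi:5.1f}%")
```

With only 15 links, a product that missed 0 is still consistent with a true miss rate of roughly 20%, so the 0/15, 1/15 and 2/15 results cannot be separated from each other by this sample; only the large gaps (for example 0/15 against 7/15 or 15/15) stand out.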
06 Mar 2010   #67
Pichu

Windows 7 Home Premium
 
 

I understand then. However, I wouldn't ever recommend to a user that they run two antiviruses together in any situation. Users don't need such security.

Nice security test by the way, I'm curious as to how you got your viruses to test with lol.

Also, for your security setup, I personally think you should not run Kaspersky with Malwarebytes, with PC Tools Firewall, with Shadow Defender. What, are you paranoid or something? Just MSE is enough. Why don't you delete everything and only keep Shadow Defender? I'm curious. Why run four security software that obviously could possibly conflict with each other?
06 Mar 2010   #68
TheIgster

Windows 7 Home Premium 64-bit
 
 

Quote: Originally Posted by Pichu
I understand then. However, I wouldn't ever recommend to a user that they run two antiviruses together in any situation. Users don't need such security.

Nice security test by the way, I'm curious as to how you got your viruses to test with lol.

Also, for your security setup, I personally think you should not run Kaspersky with Malwarebytes, with PC Tools Firewall, with Shadow Defender. What, are you paranoid or something? Just MSE is enough. Why don't you delete everything and only keep Shadow Defender? I'm curious. Why run four security software that obviously could possibly conflict with each other?
Well, as I've stated and it's been pretty much proven by the testing that I have done, running something like MBAM as well as Kaspersky allows me to ensure I'm pretty darn safe actually. If Kaspersky misses something (and it has), MBAM catches it. As for PC Tools Firewall Plus, well, it's a firewall, not an AV product. Shadow Defender is there, but not used all the time. I only enter Shadow Mode when I am going somewhere that I know may have some serious threats or I use it for testing. Having it on the entire time can cause issues when wanting to download and save things and especially when wanting to install something.

Edit: I would like to add as well, in the testing I have done, sorry, but MSE is not good enough. It has failed in many respects.
06 Mar 2010   #69
Pichu

Windows 7 Home Premium
 
 

In my informal and completely possibly flawed test, I found that Microsoft Security Essentials blocked a rogue antivirus that Shadow Defender missed, but of course, that is nowhere as professional as yours =).

I just wanted to suggest to you that keeping such a layered protection can have negative consequences for your computer. This is simply my opinion but I do not want four different programs to scan every file on my computer even if they can work harmoniously together. It misses the point of less is more in Windows 7. Yes, it is definitely possible that a virus that gets through one layer is blocked by another layer, so two layer approach is feasible but four layers of protection??!?! lol, I'm probably just overreacting, but you are being paranoid !!! I don't even think a fanatic like Dinesh keeps so much to protect his computer??!! I can only imagine how much your CPU has to work and your disk has to thrash...

Note: I'm not criticizing, just suggesting.
06 Mar 2010   #70
TheIgster

Windows 7 Home Premium 64-bit
 
 

Quote: Originally Posted by Pichu
In my informal and completely possibly flawed test, I found that Microsoft Security Essentials blocked a rogue antivirus that Shadow Defender missed, but of course, that is nowhere as professional as yours =).
What? Shadow Defender doesn't "miss" anything or "block" anything. It's not an AV product.

What is Shadow Defender?

Quote:
Shadow Defender is an easy-to-use security solution (for Windows operating systems) that protects your PC/laptop real environment against malicious activity and unwanted changes.

Shadow Defender can run your system in a virtual environment called 'Shadow Mode'. 'Shadow Mode' redirects each system change to a virtual environment with no change to your real environment. If you experience malicious activity and/or unwanted changes, perform a reboot to restore your system back to its original state, as if nothing happened.
I've stated numerous times that I am not a "professional" and I simply do this for fun. Take from the tests what you will. I've stated how they are done and what happens exactly.

I have no slow down issues at all on my system running the security setup I have, but each to his own.