Exclusive material: Active Disinfection Test

Hi guys! :slight_smile:

Our independent security portal Anti-Malware.Ru performed a test of antivirus software for the successfulness of healing an active infection. The testers infected a computer with a virus, then tried to install the antivirus and heal the infection. The important thing is that by the moment of installing the system was already infected.

For those members who know Russian: you may read the original material here.

http://anti-malware.ru/index.phtml?part=tests&test=active_infection

For those who do not: I am currently translating the result table into English. It will be available soon.

Brief summary:

1st was Norton Antivirus 2007, who healed successfully 8 active infections of 10.

2nd was Kaspersky Anti-Virus 6.0, who disinfected 7 of 10 viruses.

3rd place was shared by
Avast! Professional Edition 4.7
Eset NOD32 Antivirus 2.7
Sophos Anti-Virus 6.0
BitDefender Antivirus 10
AVZ Antiviral Toolkit 4.21
, who healed successfully 5 of 10 infections.

The outsiders were

AVG Anti-Virus PE 7.5
McAfee VirusScan 2007
Panda Antivirus 2007
, whose result was 4 of 10,

and

Avira AntiVir СE 7.0
Dr.Web Anti-Virus 4.33
F-Secure Anti-Virus 2007
Trend Micro PC-Cillin 2007
VBA32 Antivirus 3.11

, who disinfected 3 of 10 viruses.

So the result of avast! is quite good, as you may see. It overcame many commercial products. Yes, the Pro version was tested, but the restrictions of Home do not affect the healing effectiveness. :slight_smile:

I can’t believe it! At least I though that Norton is the worst AV in the world!
NickGolovko, can you say names of tested viruses?

Norton has been the No.1 for file infectors for quiet some time. And still is. So don’t be so surprised.

File infectors… well, the test is for this particular infection.
For others (spyware, browser hijacking, etc.), the products sequence will be different.
Thanks for the info NickGolovko.

Tech, hello, it’s nice to see you :slight_smile:

Oh, yes, but NickGolovko didn’t say what are the viruses names :-\

Well you don’t have to be a rocket scientist to know that you can’t desinfect trojans or backdoors except by erasing them…

I’m not following you, can you rephrase? To whom are you saying this? ???

Hi NickGolovko,

Nice that I have translator add-on in Flock, and with Prompt as Translator Preferences, it comes up with this translated page on the fly:
http://www.online-translator.com/url/tran_url.asp?lang=en&url=http%3A%2F%2Fanti-malware.ru%2Findex.phtml%3Fpart%3Dtests%26test%3Dactive_infection&direction=re&template=General&cp1=NO&cp2=NO&autotranslate=on&psubmit2.x=62&psubmit2.y=11

Think there is not much wrong with this online translation on the fly, these automatic services getting better and better,

polonus

Hi, RejZoR! I don’t think you are right. I am not a rocket scientist, but I can use viruslist.com, some tools like avz and hijackthis to find and remove virus or another malware, if you are speaking about it.

Hi, polonus! My Opera says that page on this link is fraudulent… I don’t have any reasons to not believe it :frowning:
Besides, on pointed by NickGolovko link I see a new page with new test and new results, that is why I asked about viruses names…

If it’s not about file infectors, then someone should reconsider the meaning of word “desinfected” and “deleted/cleaned”. Because they DO NOT mean the same thing.

Oh, RejZoR, someone it’s me :slight_smile:
I don’t want to enter in dispute, but it was your words: “desinfect trojans or backdoors except by erasing them…”.
I think that “to erase” and “to delete” mean the same when we are talking about trojans or backdoors which can be only erased (or deleted, as you wish) because they are not file infectors. “To clean” in this case means something another. Thence conclusion - it’s you who said that “desinfected” and “deleted” (erased) are the same things, not me.

Feel free to quote that part. I never said that… you may also want to read and/or quote entire sentence, not just part of it. Yes, i said that trojans/backdoors cannot be desinfected. Only way to remove them is to erase/delete them. There are also some hybrids but we won’t go into those details here…