Rogue Software Infection Prevention test

February 1st, 2010

Malware Research Group is happy to announce the completion of our latest test, the Rogue Software Infection Prevention test.

Details regarding this test are available in our Malware Tests section as well as the full report which is available for download (PDF).

Malware Research Group


MRG News

January 24th, 2010

You can now follow our activities on some of the most popular social networking sites.

Check us out on:

YouTube

Twitter

Facebook

CIS 4 Beta VS. Top Guns!

January 16th, 2010

Welcome to our first test of the new decade!

In 2010, MRG will be conducting and publishing an increased number of product reviews, group tests and security articles. We hope our tests will allow readers to make more informed decisions concerning the choice and implementation of security products and that our articles will enlighten and spark interest in new areas of technology

To kick off our first new series of tests, we thought we would put Comodo Internet Security V4 Beta in the spotlight.

CIS 4 is one of the most talked about and eagerly anticipated applications of its type for some time. Because of the keen interest shown in CIS 4, we thought we would really put it to the test and pitch it against the three apps that performed best in our labs during the past 12 months – these being A-SQUARED, Avira and G Data.

All four applications were tested against 10.000 mixed samples in an On Demand test and also on a system with 15 live infections, to assess their effectiveness in cleaning a compromised PC.

Malware categories and amount of samples in each category (10.000 samples):

Trojans/Backdoors- 8.134

Worms- 795

Windows Viruses- 314

Other Malware (Adware/Spyware, Rogues, Rootkits)- 757

List of malware samples used in Infected System Rescue test (names according to Kaspersky’s malware database):

Backdoor.Win32.Hupigon.dsx
Backdoor.Win32.Inject.dbw
Backdoor.Win32.NewRest.bc
Backdoor.Win32.Rbot.ahjq
Email.Worm.Win32.Gibon.bj
Trojan.Downloader.Win32.Adload.mhg
Trojan.Downloader.Win32.Agent.ctpc
Trojan.Downloader.Win32.Delf.wwk
Trojan.Downloader.Win32.FraudLoad.fip
Trojan.Dropper.Win32.Agent.bjbn
Trojan.Spy.Win32.Zbot.adhp
Trojan.Win32.Buzus.cqmk
Trojan.Win32.FraudPack.achf
Trojan.Win32.Refroso.xio
Trojan.Win32.Sasfis.uak

Both tests were performed using Windows XP Professional Service Pack 3.

Program versions:

A-SQUARED Anti-Malware 4.5.0.29

Avira AntiVir Premium 9.0.0.452

COMODO Internet Security 4.0.664.127486 Beta

G DATA Antivirus 2010 20.2.3.6

Results for the 10.000 samples On Demand scan test:

Program      Samples missed   Detection ratio
A-SQUARED    63               99.37%
G DATA       92               99.08%
AVIRA        97               99.03%
COMODO       101              98.99%

Results for Infected System Rescue test:

A-SQUARED Anti-Malware

Successfully removed all 15 infections; only 1 harmless trace was found in the registry.

Avira AntiVir Premium

Failed to remove the following sample, malicious traces found:

Backdoor.Win32.Inject.dbw

COMODO Internet Security

Failed to remove the following samples, malicious traces found:

Trojan.Win32.FraudPack.achf
Backdoor.Win32.Inject.dbw

G DATA Antivirus

Failed to remove the following samples, malicious traces found:

Backdoor.Win32.Hupigon.dsx
Backdoor.Win32.Inject.dbw

Conclusion:

COMODO Internet Security is still in its Beta phase but is already showing that it is able to compete with the Top Guns. We only hope that they improve the cleaning capabilities. We are planning to test CIS V4 Beta in Real Time very soon.

Keep up the good work!

Malware Research Group


What to look for in 2010 (programs) Part 1

January 7th, 2010

EMSI Software is working on version 5.0 of A-Squared Anti-Malware, and you can expect that EMSI will once again make something very special and make their users feel even safer. We will disclose more details soon.

COMODO Internet Security version 4 is in its BETA phase and the entire COMODO team is working around the clock to finish one of the most awaited programs at this point. A new AV engine, a Sandbox and an improved Defense+ are just a few of the things that will be introduced in version 4.

Malwarebytes’ Anti-Malware review

December 26th, 2009

Malwarebytes’ Anti-Malware is a very popular security application. In the past few months MRG has received many requests to review this application, and we have decided to do it.

We want to start by saying a few words about this product. Malwarebytes’ Anti-Malware, commonly referred to as MBAM, is a product specially designed to give an extra level of protection, as it works right next to your primary Anti-Malware application.

As this product is a complementary Anti-Malware application, the reviewing process is slightly changed to show the full potential of this program.

We used Malwarebytes’ Anti-Malware 1.42 Professional with signature database number 3425.

The reviewing process had 5 stages:

  1. We will attempt to download and run 15 malware samples using 15 malicious URLs with Malwarebytes’ Anti-Malware running in the background.
  2. We will attempt to download and install 15 rogue applications using 15 URLs which are used to distribute rogue applications, with Malwarebytes’ Anti-Malware running in the background.
  3. We will run an On Demand scan on 10 samples of malware. These samples come from our Infected System Rescue test and are the ones that were missed by most Anti-Malware applications: malicious traces left on the system after a failed removal, namely EXEs and DLLs from the system folder.
  4. Real Time Protection test, where we will execute 15 samples of malware.
  5. Infected System Rescue test, where we will infect the system with 10 samples of malware and will use Malwarebytes’ Anti-Malware to clean the system.

Result of our reviewing process:

  1. 15 malicious URLs: Malwarebytes’ Anti-Malware successfully blocked all 15 malicious URLs (neither download nor installation was possible).
  2. 15 rogue URLs: Malwarebytes’ Anti-Malware successfully blocked all 15 rogue URLs (neither download nor installation was possible).
  3. Malwarebytes’ Anti-Malware detected 8/10 samples missed by other Anti-Malware applications.
  4. Malwarebytes’ Anti-Malware blocked 13/15 samples when we executed them in real time.
  5. Malwarebytes’ Anti-Malware removed all 10 samples of malware from the infected system; no harmful traces were found in active processes, the system folder, temporary files, the Windows registry…

Conclusion:

Malwarebytes’ Anti-Malware is an extremely effective security application. It has many useful features, one of which is IP blocking, which works perfectly; its real time protection is able to block samples which are not recognized by signature based detection (heuristic and IP). It showed us that it was more than capable of detecting, removing and blocking samples that are not recognized by other security applications. The program is very simple to install and configure, and we believe that even less experienced users will not have any problems with configuration.

Overall, Malwarebytes’ Anti-Malware is doing exactly what it was designed to do: it offers an extra level of protection working right next to your primary Anti-Malware application of choice. We wish to highlight its real time blocking and malware removal capabilities.


MRG On Demand and System Rescue test

December 8th, 2009

We have just completed our latest project in preparation for our Project#22. We have combined 2 tests, On Demand Scan and Infected System Rescue, into one. In the first part we used 1000 samples of malware and performed an On Demand scan test using seven Anti-Malware applications:

a-squared Anti-Malware
AntiVir Premium
Bluepoint Security
Hitman Pro
Malwarebytes’ Anti-Malware
Prevx
SUPERAntiSpyware Professional

After we finished our On Demand scan test we performed another Infected System Rescue test. This time we infected the system with 15 samples of malware and attempted to clean all 15 infections with the same seven applications that were used in the On Demand Scan test. Each program had one attempt at cleaning the system.

The results are published in our Malware Tests section.

Feel free to make a comment or ask a question; a thread has been opened in our Forums.

Malware Research Group

Ultimate malware remover – Hitman Pro

November 27th, 2009

There is no such thing as the best/perfect malware remover, but the closest thing you can get is a product which is able to detect and remove more than the others. Surfright developed such a product, Hitman Pro, a Cloud based Malware Remover which uses multiple engines (Avira, A-SQUARED, G DATA, Nod32, Prevx) in their cloud to scan all suspicious files.

How does it work?

Hitman Pro will quickly scan your system (the scan takes from a few seconds to a few minutes) and identify suspicious files, which are compressed and uploaded to the cloud, where they are scanned by multiple engines. In a matter of seconds you will know whether the suspicious files are indeed malicious or not. For each detected object you will be able to see which of the engines made the detection. Both detection and removal capabilities have been tested by the MRG team, and we are pleased to say that this product is extremely effective when combating active infections and equally effective in detecting Zero-Day threats. There is no doubt about it: Hitman Pro is as close as it gets to malware removal perfection.

We will publish a fully detailed review of Hitman Pro soon.

One thing you need to pay attention to is that all Cloud based applications need an active internet connection.

Hitman Pro is recommended by Malware Research Group.

MRG Videos

November 27th, 2009

Hello everyone,

We would like to introduce the new section in our forums, MRG Videos.

In this section you will be able to see some of our tests, essentially zero day testing. So far we have completed 4 videos (IObit Security 360, BluePoint Security, A-SQUARED Anti-Malware and Avira AntiVir Premium). Many more videos are being prepared and will be added in the upcoming days.

The videos are uploaded to YouTube, where you can make comments; you can also make suggestions for future videos both on our forums and on YouTube.

You can check out our existing videos in the MRG Videos section of our forums.

Malware Research Group

Ongoing Early Life Testing Project/Project #3

November 15th, 2009

Welcome to Project #3 of the MRG Ongoing Early Life Testing Project.

Project #3 uses 250 malware samples which we downloaded 24 hours before the test, which was run on 14/11/09.

The applications tested are in three categories; cloud based Anti-Malware, traditional Anti-Malware and specialist complementary antimalware.

The cloud based Anti-Malware products were:

• Bluepoint Security 1.0.0.78
• Immunet Protect Beta 1.0.18
• Panda cloud 1.0
• Prevx 3.0.5.10

The traditional Anti-Malware products were:

• A-Squared Antimalware 4.5.0.27
• Avira AntiVir Premium 9.0.0.447
• GData 20.0.1.1
• Kaspersky Antivirus 9.0.0.736
• Microsoft Security Essentials 1.0.1611.0
• Nod32 4.0.468

The results of our Ongoing early life testing project#1 are published in our forums.

Malware Research Group

Ongoing Early Life Testing Project/Project #2

November 11th, 2009

Welcome to Project #2 of the MRG Ongoing Early Life Testing Project.
Project #2 uses 100 malware samples which we downloaded 24 hours before the test, which was run on 07/11/09.

The applications tested are in three categories; cloud based Anti-Malware, traditional Anti-Malware and specialist complementary antimalware.

The cloud based Anti-Malware products were:

• Bluepoint Security 1.0.0.75
• Immunet Protect Beta 1.0.18
• Panda cloud Beta 3
• Prevx 3.0.5.10

The traditional antimalware products were:

• A-Squared Antimalware 4.5.0.27
• Avira AntiVir Premium 9.0.0.447
• GData 20.0.1.1
• Kaspersky Antivirus 9.0.0.736
• Microsoft Security Essentials 1.0.1611.0
• Nod32 4.0.468

The complementary antimalware products were:

• IOBit Security 360 1.20.10
• Malwarebytes Antimalware 1.41


The results of our Ongoing early life testing project#1 are published in our forums.

Malware Research Group