App Review Security Software vs. Ransomware (Part 2)

[Alkajak]

Samples:
Cerber.exe VT: 8/52
Cerber2.exe VT: 15/55
Cerber3.exe VT: 18/52
CryptoFinancial.exe VT: 21/54
Locky.docm VT: 16/55
Locky2.js VT: 15/54
CryptXXX.dll 5/52

Products:
Bitdefender Internet Security 2016
Avast Free Antivirus
Zemana AntiMalware Premium
ESET Smart Security 9
Norton Security
Comodo Cloud Antivirus

 

[Captain Awesome]

Not happy with Avast! result it blocked CryptXXX.dll.Virus Alert - CryptXXX Ransomware Updated
Reply #2

 

[Der.Reisende]

Very nice vid, nice to watch, also great to see the sum up at the end of the video. Keep 'em coming! Thank you!

 

[Noxx]

Geez, Comodo Cloud took its dear little time, didn't it? Good test, and grats to ESET on the fine result.

 

[NullByte]

Very good, can you add Qihoo TSE in the next test

Thanks

 

[Cohen]

Amazing video. Glad to see how well ESET went in both parts.
Thanks for putting your time into making this.

 

[jamescv7]

Comodo AV primarily focus on their sandbox capabilities which honestly much better than rely fully much on signatures.

However it does not really mean all the time, of course balance protection still require to protect for possible payloads.


-----

ESET is indeed obvious survive the test, they follow strictly on fast response time landscape concept.

 

[frogboy]

Thanks for another test video, great to see Norton doing well a bit disappointed with ZAM and congrats to ESET.

 

[DJ Panda]

Not happy with Avast! result it blocked CryptXXX.dll.Virus Alert - CryptXXX Ransomware Updated
Reply #2

Sometimes you just got to give some time for results. I would expect unless very unlucky a regular user wouldn't stumble onto ransomeware until after its detected in a database. Like the disclaim!er said take it with a grain of salt.

 

[Alkajak]

Time is the main focus of these tests. It's a race for these vendors to add new malicious files to their databases ASAP. It's in that short period of time that people are infected and new ransomware variants are discovered.

 

[Solarlynx]

Good work! Please correct the final summary: Comodo Cloud AV context scan 1/7 (you wrote 0/7). As it follows from the comodo part of the video.

 

[Noxx]

Thanks for another test video, great to see Norton doing well a bit disappointed with ZAM and congrats to ESET.

I'm still shocked that ZAM did as well as it did against ransomware. But for ZAM not really being a traditional internet security unit, I give it credit for at least getting 6/7. Some would argue though that on-execution prevention is more valuable and ZAM tanked in that department. That's why I'd probably recommend ZAM users supplement with an anti-executable at this point.

 

[Deleted member 2913]

Amazing video. Glad to see how well ESET went in both parts.
Thanks for putting your time into making this.

If Eset not detects all in static scan then would be good to see how Eset proactive does.

 

[Deleted member 2913]

I wish you include Kaspersky.

Bd & Kas are neck to neck in almost all tests so will be like little comparison test against ransomware.

And also coz I use KIS 2016.

 

[hjlbx]

All that matters is whether or not a security solution will protect a system after a file has been executed.

Signature detection is so popular because it removes the User from the equation; install AV, push button, scan system, quarantine... false positive ?! Heeeeeyyyyy.... I don't know... I paid for it, isn't it working ???????????????????

 

[Noxx]

All that matters is whether or not a security solution will protect a system after a file has been executed.

Signature detection is so popular because it removes the User from the equation; install AV, push button, scan system, quarantine...

Yes, I tend to agree. I still like having a real-time malware prot just in case an anti-executable hiccups, though.

 

[Alkajak]

At the moment, I will not be adding any additional software or replacing any for this week's tests. All the products being tested are from the request thread.

BDIS2016 @Huracan
Avast Free (old member)
ZAMP @pablozi
ESS9 @Captain Awesome
NS @frogboy
CCAV @yesnoo @yigido

 

[Deleted member 2913]

At the moment, I will not be adding any additional software or replacing any for this week's tests. All the products being tested are from the request thread.

BDIS2016 @Huracan
Avast Free (old member)
ZAMP @pablozi
ESS9 @Captain Awesome
NS @frogboy
CCAV @yesnoo @yigido

When you posted the first video, I thought second video will come with other security software.

Looking forward to your tests...

 

[Alkajak]

When you posted the first video, I thought second video will come with other security software.

Looking forward to your tests...

Nope, maybe a product switch per week. 4 Locky samples were too small of a sample to say anything. Doing more new ransomware with the same products for now.

 

[Deleted member 2913]

Nope, maybe a product switch per week. 4 Locky samples were too small of a sample to say anything. Doing more new ransomware with the same products for now.

Yeah, a product switch per week is good, like you can switch CCAV & Zemana as AutoSandbox handles almost everything & Zemana is kinda supplementary to your primary security software.