- May 3, 2013
- 82
MRG Effitas Laboratory published the results of dynamic testing of antiviruses "360 Assessments" for the fourth quarter (Q4) 2017. Testing was conducted on Windows OS 10 64-bit in conditions close to real with a full range of threats
Dynamic testing "360 Assessments" by an independent laboratory shows MRG Effitas antivirus capabilities protect against real threats. Also, if the system has been infected, it is measured by the time required to detect and eliminate the consequences of infection.
The methodology used is close to the actual use of anti-virus programs on the average system, and allows you to give a realistic assessment of the security capabilities of the product.
MRG Effitas specialists take into account the peculiarity that many anti-virus software can detect infection only during reset / startup, or if the scan was set to the default schedule. To estimate the detection time used methodology based on the fact that the infected system reboots once during the 24-hour period.
Test the name "360 Assessments" due to the fact that the test was carried out with the full spectrum of malware, not only with financial threats. Used for testing trojans, trojans, backdoors, coders, financial malware and other malicious samples.
test methodology
Useful examples of malicious
A total of 322 were used active "In the Wild" sample, including: Trojans (149) Trojans backdoor (68), financial malware (80), coders (18) and others (7).
Test results
Missed and blocked samples
blocks auto - automatic locking threats, behaviour block - behavioral locking by proactive protection, block in 24h - blocking for 24 hours, fail - missed threats
Missed and blocked samples (additional security tools)
Lock cryptographers (ransomware)
Lock financial threats
Blocking of potentially unwanted programs (PUP)
Certification MRG Effitas
Pass
Only those antivirus software / tools receive a certificate "MRG Effitas 360 Assessment" for the 4th quarter 2017:
Level 1 . All threats detected at the first execution, via proactive defense or within 24 hours.
Other security products could not detect all the threats and eliminate the infection in the system during testing.
A full report can be found at this link .
Dynamic testing "360 Assessments" by an independent laboratory shows MRG Effitas antivirus capabilities protect against real threats. Also, if the system has been infected, it is measured by the time required to detect and eliminate the consequences of infection.
The methodology used is close to the actual use of anti-virus programs on the average system, and allows you to give a realistic assessment of the security capabilities of the product.
MRG Effitas specialists take into account the peculiarity that many anti-virus software can detect infection only during reset / startup, or if the scan was set to the default schedule. To estimate the detection time used methodology based on the fact that the infected system reboots once during the 24-hour period.
Test the name "360 Assessments" due to the fact that the test was carried out with the full spectrum of malware, not only with financial threats. Used for testing trojans, trojans, backdoors, coders, financial malware and other malicious samples.
test methodology
detailed information
1. Operating System Windows 10 64-bit installed on a virtual machine. The system installed Adobe Flash, Reader, Java, Microsoft Office 2010, Microsoft Edge and VLC Player. All Microsoft components are fully upgraded, and all third-party components are out of date by three months.
2. Create an image of the operating system.
3. A copy of the system image is created for each of the test product.
4. Individual security applications installed with default settings (if security options from the EOR is included) on each system created at step 3, and then, if necessary, updated.
5. A copy system after completing step 4.
6. Conduct testing. Loading malware sample on active URL-link with Microsoft Edge browser on the desktop, after Microsoft Edge closing is performed sample run.
7. The test is passed on the following criteria:
a) security application disables URL-link, on which the sample is located, thus preventing it from loading.
b) security application detects the sample until it is downloaded to the desktop.
d) the sample application security detects when executed according to the following criterion:
- Anti-Virus detects as malicious sample and then either automatically blocks it or suspend its execution, and notifies the user, without running it and waiting for user solutions.
8. The test is considered failed on the following criteria:
a) security application is not able to detect the pattern of all the conditions of paragraph 7.
9. Test on the infected system continues for 24 hours by the following process:
a) Reboot the system is performed once in a 24-hour period, exactly 12 hours after infection system.
10. The ability of anti-virus recover the infected system by manually checking the state of the system as compared to its original state, and not with the help of anti-virus scan with the most security products.
11. In the process of testing all the systems have Internet access.
12. All security programs have full functionality in unregistered versions or versions, registered anonymously, without any connection with the MRG Effitas.
13. All tests were conducted in the 3rd quarter of 2017.
14. The test does not provide for compulsory launch of scanners, so in order to prevent threats to the tested products can use a variety of proprietary technologies detect and eliminate malware, including background scanning, scanning at system startup, scheduled scanning, monitoring, etc. Scheduled Scan has been used, only if it has been enabled by default.
1. Operating System Windows 10 64-bit installed on a virtual machine. The system installed Adobe Flash, Reader, Java, Microsoft Office 2010, Microsoft Edge and VLC Player. All Microsoft components are fully upgraded, and all third-party components are out of date by three months.
2. Create an image of the operating system.
3. A copy of the system image is created for each of the test product.
4. Individual security applications installed with default settings (if security options from the EOR is included) on each system created at step 3, and then, if necessary, updated.
5. A copy system after completing step 4.
6. Conduct testing. Loading malware sample on active URL-link with Microsoft Edge browser on the desktop, after Microsoft Edge closing is performed sample run.
7. The test is passed on the following criteria:
a) security application disables URL-link, on which the sample is located, thus preventing it from loading.
b) security application detects the sample until it is downloaded to the desktop.
d) the sample application security detects when executed according to the following criterion:
- Anti-Virus detects as malicious sample and then either automatically blocks it or suspend its execution, and notifies the user, without running it and waiting for user solutions.
8. The test is considered failed on the following criteria:
a) security application is not able to detect the pattern of all the conditions of paragraph 7.
9. Test on the infected system continues for 24 hours by the following process:
a) Reboot the system is performed once in a 24-hour period, exactly 12 hours after infection system.
10. The ability of anti-virus recover the infected system by manually checking the state of the system as compared to its original state, and not with the help of anti-virus scan with the most security products.
11. In the process of testing all the systems have Internet access.
12. All security programs have full functionality in unregistered versions or versions, registered anonymously, without any connection with the MRG Effitas.
13. All tests were conducted in the 3rd quarter of 2017.
14. The test does not provide for compulsory launch of scanners, so in order to prevent threats to the tested products can use a variety of proprietary technologies detect and eliminate malware, including background scanning, scanning at system startup, scheduled scanning, monitoring, etc. Scheduled Scan has been used, only if it has been enabled by default.
Test antivirus
We used the following anti-virus software with the latest version at the time of testing:
Antivirus Version
Avast Internet Security 17.9.2322
AVG Internet Security 17.9.3040
Avira Internet Security 15.0.34.16
Bitdefender Internet Security 2018 22.0.18.224
ESET NOD32 Smart Security 11.0.159.0
Kaspersky Internet Security 2018 18.0.0.405 (f)
Malwarebytes Anti-Malware* 3.3.1.2183
Microsoft "Защитник Windows" 4.12.16299.15
Microsoft "Защитник Windows" + SmartScreen 4.12.16299.15
Panda Internet Security 17.0.1
SurfRight Hitman Pro* 3.7.20.286
Symantec Norton Security 22.12.0.104
ThreatTrack VIPRE Advanced Security 10.1.4.33
Trend Micro Maximum Security 12.0.1226
Watchdog Anti-Malware * 2.72.186.426
Webroot SecureAnywhere AntiVirus 9.0.19.43
Zemana AntiMalware* 2.74.2.150
* Malwarebytes AntiMalware, Surfright HitmanPro, Watchdog AntiMalware Zemana AntiMalware and are optional anti-virus tools. HitmanPro does not protect in real time and has been tested only when scanning "on demand".
We used the following anti-virus software with the latest version at the time of testing:
Antivirus Version
Avast Internet Security 17.9.2322
AVG Internet Security 17.9.3040
Avira Internet Security 15.0.34.16
Bitdefender Internet Security 2018 22.0.18.224
ESET NOD32 Smart Security 11.0.159.0
Kaspersky Internet Security 2018 18.0.0.405 (f)
Malwarebytes Anti-Malware* 3.3.1.2183
Microsoft "Защитник Windows" 4.12.16299.15
Microsoft "Защитник Windows" + SmartScreen 4.12.16299.15
Panda Internet Security 17.0.1
SurfRight Hitman Pro* 3.7.20.286
Symantec Norton Security 22.12.0.104
ThreatTrack VIPRE Advanced Security 10.1.4.33
Trend Micro Maximum Security 12.0.1226
Watchdog Anti-Malware * 2.72.186.426
Webroot SecureAnywhere AntiVirus 9.0.19.43
Zemana AntiMalware* 2.74.2.150
* Malwarebytes AntiMalware, Surfright HitmanPro, Watchdog AntiMalware Zemana AntiMalware and are optional anti-virus tools. HitmanPro does not protect in real time and has been tested only when scanning "on demand".
Useful examples of malicious
A total of 322 were used active "In the Wild" sample, including: Trojans (149) Trojans backdoor (68), financial malware (80), coders (18) and others (7).
Test results
Missed and blocked samples
blocks auto - automatic locking threats, behaviour block - behavioral locking by proactive protection, block in 24h - blocking for 24 hours, fail - missed threats
Missed and blocked samples (additional security tools)
Lock cryptographers (ransomware)
Lock financial threats
Blocking of potentially unwanted programs (PUP)
Certification MRG Effitas
Pass
Only those antivirus software / tools receive a certificate "MRG Effitas 360 Assessment" for the 4th quarter 2017:
Level 1 . All threats detected at the first execution, via proactive defense or within 24 hours.
- Avira Internet Security
- Avast Internet Security
- Bitdefender Internet Security
- ESET NOD32 Smart Security
- Kaspersky Internet Security
- Symantec Norton Security
- Trend Micro Maximum Security
Other security products could not detect all the threats and eliminate the infection in the system during testing.
A full report can be found at this link .
Last edited:
