- Dec 22, 2015
- 148
Hey there, round two of my review collections. 
Facts to the tests:
Virtualization Software: Oracle VM VirtualBox
Operating System: Windows 10 Pro x64 Anniversary (Version 1607)
Sample-Set: 140 Samples, consisting of ransomware, self-extractors, windows/java script files and some ad-/riskware.
HitmanPro.Alert: Custom Setup - I enabled the BadUSB, which was disabled by default
Testing method: I extracted the malware samples to the desktop on running real time-protection of the antivirus-solution. After detecting and deleting by the anti-virus I scanned it manually by using the context-scan. After checking the detection-ratio I executed the rest of samples for checking the realtime-protection. Finally I scanned the system with HitmanPro and Zemana AntiMalware for checking if there are any rests of malware in the system folders.
AVG Antivirus 2016
Detection Ratio (On-Demand and On-Access): 135/140 - 96,4% (129 d, 6 b)
HitmanPro.Alert (not detected by AVG): 1
Total blocked (AVG + HMP.Alert): 136/140 - 97,1%
HitmanPro + Zemana Scanning Result after executing: Infected - HitmanPro cleaned up a system folder and registry and needed a restart for it.
Any picture, text or excel document infected/encrypted: No
Was the system usable after testing (reboot)?: Yes
Attempts to repair the system: Not needed
Would I recommend it?: Only for experienced users - for beginners it might be a bit too complicated
If I would know a beginner which is using AVG, I would recommend him to use a second opinion scanner.
AVG Antivirus Setup: Custom
Enabled "Report enhanced set of potentially unwanted applications"
Enabled "Scan inside archives" and changed the file type selection to "All"
ESET NOD32 Antivirus
Detection Ratio (On-Demand and On-Access): 135/140 - 96,4% (135 d)
HitmanPro.Alert (not detected by ESET): 1
Total blocked (ESET + HMP.Alert): 136/140 - 97,1%
HitmanPro + Zemana Scanning Result after executing: Clean system folders, found threats in samples folder
Any picture, text or excel document infected/encrypted: No
Was the system usable after testing (reboot)?: Yes
Attempts to repair the system: Not needed
Would I recommend it?: Yes - solid protection and very fast on removing threats
ESET NOD32 Antivirus-Setup: Custom
Enabled detection of potentially unwanted and unsafe applications
Enabled Device control
Activated "Advanced Heuristics/DNA signatures" (Real-Time)
Set the Cleaning level to Strict cleaning (Real-Time and Scan)
Enabled the document protection
Kaspersky Anti-Virus 2017
Detection Ratio (On-Demand and On-Access): 137/140 - 97,9% (132 d, 3 b, 2 b and d)
HitmanPro.Alert (not detected by Kaspersky): 1
Total blocked (Kaspersky + HMP.Alert): 138/140 - 98,6%
HitmanPro + Zemana Scanning Result after executing: Clean System folders, found threats in samples folder
Any picture, text or excel document infected/encrypted: No
Was the system usable after testing (reboot)?: Yes
Attempts to repair the system: Not needed
Would I recommend it?: Yes, a solid protection, but high consumption of resources when deleting malware. A bit annoying: Instead of blocking the malicious/malware links after executing the windows script files, Kaspersky should block the whole script. That would be better and would prevent 3000 upcoming notifications about bad links. Closing the "wscript.exe" will prevent further hits to bad links by the windows script file like seen on the video. But not every User knows it.
Kaspersky Anti-Virus Setup: Custom
set the Action on threat detection to "Delete" (File Anti-Virus)
set the Heuristic Analysis to "Medium Scan" (File Anti-Virus)
enabled "Scan installation packages" (File Anti-Virus)
disabled "Release resources to the operating system when the computer starts" (Performance)
set the security level to "High" (Scan)
enabled "Detect other software that can be used by criminals to damage your computer or personal data" (Threats and Exclusions)
d=deleted, b=blocked
Facts to the tests:
Virtualization Software: Oracle VM VirtualBox
Operating System: Windows 10 Pro x64 Anniversary (Version 1607)
Sample-Set: 140 Samples, consisting of ransomware, self-extractors, windows/java script files and some ad-/riskware.
HitmanPro.Alert: Custom Setup - I enabled the BadUSB, which was disabled by default
Testing method: I extracted the malware samples to the desktop on running real time-protection of the antivirus-solution. After detecting and deleting by the anti-virus I scanned it manually by using the context-scan. After checking the detection-ratio I executed the rest of samples for checking the realtime-protection. Finally I scanned the system with HitmanPro and Zemana AntiMalware for checking if there are any rests of malware in the system folders.
AVG Antivirus 2016
Detection Ratio (On-Demand and On-Access): 135/140 - 96,4% (129 d, 6 b)
HitmanPro.Alert (not detected by AVG): 1
Total blocked (AVG + HMP.Alert): 136/140 - 97,1%
HitmanPro + Zemana Scanning Result after executing: Infected - HitmanPro cleaned up a system folder and registry and needed a restart for it.
Any picture, text or excel document infected/encrypted: No
Was the system usable after testing (reboot)?: Yes
Attempts to repair the system: Not needed
Would I recommend it?: Only for experienced users - for beginners it might be a bit too complicated
If I would know a beginner which is using AVG, I would recommend him to use a second opinion scanner.
AVG Antivirus Setup: Custom
Enabled "Report enhanced set of potentially unwanted applications"
Enabled "Scan inside archives" and changed the file type selection to "All"
ESET NOD32 Antivirus
Detection Ratio (On-Demand and On-Access): 135/140 - 96,4% (135 d)
HitmanPro.Alert (not detected by ESET): 1
Total blocked (ESET + HMP.Alert): 136/140 - 97,1%
HitmanPro + Zemana Scanning Result after executing: Clean system folders, found threats in samples folder
Any picture, text or excel document infected/encrypted: No
Was the system usable after testing (reboot)?: Yes
Attempts to repair the system: Not needed
Would I recommend it?: Yes - solid protection and very fast on removing threats
ESET NOD32 Antivirus-Setup: Custom
Enabled detection of potentially unwanted and unsafe applications
Enabled Device control
Activated "Advanced Heuristics/DNA signatures" (Real-Time)
Set the Cleaning level to Strict cleaning (Real-Time and Scan)
Enabled the document protection
Kaspersky Anti-Virus 2017
Detection Ratio (On-Demand and On-Access): 137/140 - 97,9% (132 d, 3 b, 2 b and d)
HitmanPro.Alert (not detected by Kaspersky): 1
Total blocked (Kaspersky + HMP.Alert): 138/140 - 98,6%
HitmanPro + Zemana Scanning Result after executing: Clean System folders, found threats in samples folder
Any picture, text or excel document infected/encrypted: No
Was the system usable after testing (reboot)?: Yes
Attempts to repair the system: Not needed
Would I recommend it?: Yes, a solid protection, but high consumption of resources when deleting malware. A bit annoying: Instead of blocking the malicious/malware links after executing the windows script files, Kaspersky should block the whole script. That would be better and would prevent 3000 upcoming notifications about bad links. Closing the "wscript.exe" will prevent further hits to bad links by the windows script file like seen on the video. But not every User knows it.
Kaspersky Anti-Virus Setup: Custom
set the Action on threat detection to "Delete" (File Anti-Virus)
set the Heuristic Analysis to "Medium Scan" (File Anti-Virus)
enabled "Scan installation packages" (File Anti-Virus)
disabled "Release resources to the operating system when the computer starts" (Performance)
set the security level to "High" (Scan)
enabled "Detect other software that can be used by criminals to damage your computer or personal data" (Threats and Exclusions)
d=deleted, b=blocked
Last edited:
