- Dec 22, 2015
- 148
Round three. Four free programs were tested. Have fun 
Facts to the tests:
Virtualization Software: Oracle VM VirtualBox & VMware Workstation (needed to switch, Vbox crashed with Avast)
Operating System: Windows 10 Pro x64 Anniversary (Version 1607)
Sample-Set: 140 Samples, consisting of ransomware, self-extractors, windows/java script files and some ad-/riskware.
HitmanPro.Alert: Custom Setup - I enabled the BadUSB, which was disabled by default
Testing method: I extracted the malware samples to the desktop on running real time-protection of the antivirus-solution. After detecting and deleting by the anti-virus I scanned it manually by using the context-scan. After checking the detection-ratio I executed the rest of samples for checking the realtime-protection. Finally I scanned the system with HitmanPro and Zemana AntiMalware for checking if there are any rests of malware in the system folders.
avast! Free Antivirus
Detection Ratio (On-Demand and On-Access): 137/140 - 97,9% (133 d, 4 b and d)
HitmanPro.Alert (not detected by Avast): 1
Total blocked (Avast + HMP.Alert): 138/140 - 98,6%
HitmanPro + Zemana Scanning Result after executing: Clean - Zemana found one threat in samples folder. But it seems to be a false positive (0 detections on VirusTotal)
Any picture, text or excel document infected/encrypted: No
Was the system usable after testing (reboot)?: Yes
Attempts to repair the system: Not needed
Would I recommend it?: Yes - protected the system solid. It wasn't the fastest on threat removing but very fast for a freeware. Well done avast!
Avast Free Antivirus-Setup: Custom
Enabled "Scan for potentially unwanted programs (PUPs)" (General)
Enabled "Scan all files" (Components->Scan when opening and Scan when writing)
Disbaled "Do not scan verified system DLLs" (Components->Advanced)
Set the action on detected threats to "Move to Chest" (Components->Actions)
Selected "All packers" (Components->Packers)
Set the Suspicious behavior (HIPS) sensitivity to medium (Components->Sensitivity)
Avira Free Antivirus
Detection Ratio (On-Demand and On-Access): 138/140 - 98,6% (138 d)
HitmanPro.Alert (not detected by Avast): 0
Total blocked (Avast + HMP.Alert): 138/140 - 98,6%
HitmanPro + Zemana Scanning Result after executing: Clean system folders, found threats in samples folder
Any picture, text or excel document infected/encrypted: No
Was the system usable after testing (reboot)?: Yes
Attempts to repair the system: Not needed
Would I recommend it?: Yes. A strong detection ratio but very slow on deleting/moving threats. So you need time and much cups of coffee with it
Avira Free Antivirus-Setup: Custom
Enabled "Integrity checking of system files" (System-Scanner)
Enabled "Follow symbolic links" (System-Scanner)
Set the area to scan to "All files" (System-Scanner)
Changed the "Action on detection" to Quarantine (System-Scanner)
Selected all "All archive types" (System-Scanner)
Microsoft Windows Defender
Detection Ratio (On-Demand and On-Access): 134*/140 - 95,7% (132 d, 1 b, 1 b and d)
HitmanPro.Alert (not detected by Windows Defender): 1
Total blocked (WD + HMP.Alert): 135/140 - 96,4%
HitmanPro + Zemana Scanning Result after executing: Infected - Threats found in samples and system folder
Any picture, text or excel document infected/encrypted: No
Was the system usable after testing (reboot)?: Yes
Attempts to repair the system: Not needed
Would I recommend it?: Only for experienced Users - The Windows Defender left a rest of malware which was not detected. Maybe together with one or two second opinion scanners the detection ratio could be strong enough. Furthermore the Windows Defender needs a long time for destroying Malware. It also needs much resources for it.
Windows Defender Setup: Default
*1 file seems to be a false positive or for an older version of ms word (.rtf-file)
Qihu 360 Total Security
Detection Ratio (On-Demand and On-Access): 138/140 - 98,6% (138 d)
HitmanPro.Alert (not detected by 360 TS): 1
Total blocked (360 + HMP.Alert): 139/140 - 99,3%
HitmanPro + Zemana Scanning Result after executing: Clean - Zemana found one threat in samples folder. But it seems to be a false positive (0 detections on VirusTotal)
Any picture, text or excel document infected/encrypted: No
Was the system usable after testing (reboot)?: Yes
Attempts to repair the system: Not needed
Would I recommend it?: Yes, one of the best protection with very good engines (BitDefender and Avira) you can get for free. It's also very fast on removing threats and easy to handle.
360 Total Security-Setup: Custom
Installed the Avira Engine and activated Avira on Protection
Changed "File type to be monitored" to "All files" (Active Protection)
Enabled blocking of PUPs
Activated Scanning of compressed files (Virus Scan)
b=blocked, d=deleted
Facts to the tests:
Virtualization Software: Oracle VM VirtualBox & VMware Workstation (needed to switch, Vbox crashed with Avast)
Operating System: Windows 10 Pro x64 Anniversary (Version 1607)
Sample-Set: 140 Samples, consisting of ransomware, self-extractors, windows/java script files and some ad-/riskware.
HitmanPro.Alert: Custom Setup - I enabled the BadUSB, which was disabled by default
Testing method: I extracted the malware samples to the desktop on running real time-protection of the antivirus-solution. After detecting and deleting by the anti-virus I scanned it manually by using the context-scan. After checking the detection-ratio I executed the rest of samples for checking the realtime-protection. Finally I scanned the system with HitmanPro and Zemana AntiMalware for checking if there are any rests of malware in the system folders.
avast! Free Antivirus
Detection Ratio (On-Demand and On-Access): 137/140 - 97,9% (133 d, 4 b and d)
HitmanPro.Alert (not detected by Avast): 1
Total blocked (Avast + HMP.Alert): 138/140 - 98,6%
HitmanPro + Zemana Scanning Result after executing: Clean - Zemana found one threat in samples folder. But it seems to be a false positive (0 detections on VirusTotal)
Any picture, text or excel document infected/encrypted: No
Was the system usable after testing (reboot)?: Yes
Attempts to repair the system: Not needed
Would I recommend it?: Yes - protected the system solid. It wasn't the fastest on threat removing but very fast for a freeware. Well done avast!
Avast Free Antivirus-Setup: Custom
Enabled "Scan for potentially unwanted programs (PUPs)" (General)
Enabled "Scan all files" (Components->Scan when opening and Scan when writing)
Disbaled "Do not scan verified system DLLs" (Components->Advanced)
Set the action on detected threats to "Move to Chest" (Components->Actions)
Selected "All packers" (Components->Packers)
Set the Suspicious behavior (HIPS) sensitivity to medium (Components->Sensitivity)
Avira Free Antivirus
Detection Ratio (On-Demand and On-Access): 138/140 - 98,6% (138 d)
HitmanPro.Alert (not detected by Avast): 0
Total blocked (Avast + HMP.Alert): 138/140 - 98,6%
HitmanPro + Zemana Scanning Result after executing: Clean system folders, found threats in samples folder
Any picture, text or excel document infected/encrypted: No
Was the system usable after testing (reboot)?: Yes
Attempts to repair the system: Not needed
Would I recommend it?: Yes. A strong detection ratio but very slow on deleting/moving threats. So you need time and much cups of coffee with it
Avira Free Antivirus-Setup: Custom
Enabled "Integrity checking of system files" (System-Scanner)
Enabled "Follow symbolic links" (System-Scanner)
Set the area to scan to "All files" (System-Scanner)
Changed the "Action on detection" to Quarantine (System-Scanner)
Selected all "All archive types" (System-Scanner)
Microsoft Windows Defender
Detection Ratio (On-Demand and On-Access): 134*/140 - 95,7% (132 d, 1 b, 1 b and d)
HitmanPro.Alert (not detected by Windows Defender): 1
Total blocked (WD + HMP.Alert): 135/140 - 96,4%
HitmanPro + Zemana Scanning Result after executing: Infected - Threats found in samples and system folder
Any picture, text or excel document infected/encrypted: No
Was the system usable after testing (reboot)?: Yes
Attempts to repair the system: Not needed
Would I recommend it?: Only for experienced Users - The Windows Defender left a rest of malware which was not detected. Maybe together with one or two second opinion scanners the detection ratio could be strong enough. Furthermore the Windows Defender needs a long time for destroying Malware. It also needs much resources for it.
Windows Defender Setup: Default
*1 file seems to be a false positive or for an older version of ms word (.rtf-file)
Qihu 360 Total Security
Detection Ratio (On-Demand and On-Access): 138/140 - 98,6% (138 d)
HitmanPro.Alert (not detected by 360 TS): 1
Total blocked (360 + HMP.Alert): 139/140 - 99,3%
HitmanPro + Zemana Scanning Result after executing: Clean - Zemana found one threat in samples folder. But it seems to be a false positive (0 detections on VirusTotal)
Any picture, text or excel document infected/encrypted: No
Was the system usable after testing (reboot)?: Yes
Attempts to repair the system: Not needed
Would I recommend it?: Yes, one of the best protection with very good engines (BitDefender and Avira) you can get for free. It's also very fast on removing threats and easy to handle.
360 Total Security-Setup: Custom
Installed the Avira Engine and activated Avira on Protection
Changed "File type to be monitored" to "All files" (Active Protection)
Enabled blocking of PUPs
Activated Scanning of compressed files (Virus Scan)
b=blocked, d=deleted
