Friends, we all know perfectly well that any computer or laptop must have an antivirus installed. And this required condition, because if there is no antivirus, then the computer can easily be exposed to viral attack... I will not analyze the consequences of such an attack, but I can say one thing - everything can end in tears. The question arises - which antivirus is better? Today I will tell you about it.
Before posting the list TOP Antivirus 2015, I will make a little explanation. The list of antiviruses I have selected from many is not based on my personal preference. There are independent antivirus laboratories that are dedicated to testing antivirus software. Personally, I've used AV-Comparatives, AV-Test, Virus Bulletin, and Dennis Technology Labs. It is on the test results of these laboratories that this top of the best antiviruses of 2015 is based. With this sorted out, now let's take a look at antivirus software.
Best Antivirus 2015
1. Kaspersky Internet Security 2015The first place in my rating is occupied by Kaspersky Anti-Virus, or to be more precise, the Kaspersky package Internet Security... This is a well-known antivirus that protects your computer from various threats, removes viruses, while having a lot of different capabilities. I really like their product - emergency disk Kaspersky Rescue Disk, which can solve a huge number of problems that appeared when a malicious program entered a computer. I personally used this disc myself and more than once helped me out.
Many users are dissatisfied with the work this antivirus, based on negative impact on PC performance. But my experience and tests disprove this. Even on weak computers the antivirus shows itself perfectly.
You can download the antivirus at the office. www.kaspersky.com website (paid, free trial available)
2. Bitdefender Internet Security
This antivirus was the leader in many tests and reviews. However, by the beginning of 2015, everything had changed. The benchmarks now show a slightly lower score, which is why I put Bitdefender in second place.
Bitdefender Internet Security powerful tool to protect your computer from viruses. Present additional features this antivirus: payment protection, parental control, acceleration of PC boot, Anti-theft tool, etc. There is only one drawback, as I believe, - the absence of the Russian language, since some functions will not be clear to everyone. However, the rest is an excellent antivirus that provides reliable protection computer. Bitdefender can be obtained for free for half a year, all the details can be found on the site's office.
3. 360 Total Security(Qihoo 360 Internet Security)
Next, according to the tests, comes the Qihoo 360 Internet Security antivirus from a Chinese programmer. In almost 6 months he managed to bypass many paid antivirus programs and quietly took root in the leaders' places.
4. Avira Internet Security Suite
Many users are familiar with Avira antivirus... It is really fast and good tool to protect your computer from various types of attacks. At one time I used the free version of this antivirus, and was pleased with its work. There is also paid version Avira Internet Security Suite, which will maximize the security of your computer.
5. ESET Smart Security
Who has not heard of antivirus ESET product Smart Security? I suppose there will be few of them. Excellent antivirus, who has been in leadership positions for more than two years now. Provides good protection computer and has many interesting "chips" regarding finding different kinds viruses.
So let's summarize. On the this moment there are many more good antiviruses, and if they are not included in top 5 best antivirus 2015, this does not mean that they are bad. I just picked only five antivirus programs in one article. Remember that no matter where the antivirus is, first or last, there is a 100% guarantee that there will be no viruses on your computer - no. After all, there are many potentially unwanted programs, which are not viruses, but do harm, just like viruses (ads in browsers). Be aware that under no pretext you should not disable the antivirus, especially before installing any program.
I think the article will be useful, especially for beginners. Until next time!
Keeping your software safe is the most important thing when working with unfamiliar applications and files. To reliably protect your computer from Trojans, worms, scripts, rootkits and others internet threats you need a powerful antivirus program.
The article presents a rating of free antiviruses in 2015 for windows 7. Before determining the leaders of the rating, each of the programs presented below was tested. Before installing the antivirus, the computer was deliberately infected with several types latest viruses... After the anti-spyware program was downloaded, an analysis of malicious Internet resources was performed. Each of the presented antiviruses showed high results degree of reliability.
Ranked in the Top 10 Antispyware Programs of the Year. is able to protect the PC from all kinds of Internet threats and guarantees the safety of storing personal information. AVG regularly launches auto scan system and allows you to timely identify malicious programs and all kinds of viruses. The presence of heuretic analysis and firewall ensures full control over the software system. This is one of the most reliable free antivirus solutions.
Possesses powerful system protection and is able to provide safe work ON. Each file and application is scanned for scripts and viruses before launching. In the absence of malware, Komodo allows work with the application. Like many modern antivirus programs, Comodo has heuristic analysis, which allows you to calculate the presence of rootkits in the application and block them. The antivirus has a proactive defense feature called a "sandbox". Its purpose is to analyze new programs by sending information to the developer's environment. Only after receiving security information will the user be able to run the program.
Is a high-quality antivirus product that can protect your PC from many existing malware programs. Zillya works in real time and has the function of tracking suspicious activity. The program is able to recognize hidden rootkits in applications and instantly block them. In addition to heuretic analysis, there is also a function mail filter... Scanning hard disk detects the presence of spyware, worms and other potential threats. Software verification can be carried out automatically or by hand... This is one of the most reliable antivirus 2015, designed for windows 7.
- one of the most popular antiviruses , which has proven itself on the good side. Software launches automatic check hard drives for viruses even before the windows system starts working. Avast instantly recognizes and blocks spyware, as well as conducts heuristic analysis of applications for rootkits. Each file is scanned for potential threats and possible malware is quickly recognized. The antivirus is periodically updated to improve the protection of your PC. A free version of the product is available to users.
Reliably protects your PC from spyware, Trojans, rootkits and other external threats. Antivirus provides both manual and automatic scanning. Ad-Aware is able to recognize most known viruses... The program has a high degree of protection against hacking, thanks to the security code, which is indicated at the final moment of installation. The work takes place both in real time and on demand. The Ad-Aware product is one of the most reliable anti-virus solutions today.
360 Total (Security 6.0) Is one of the most latest developments on anti-virus software... The program is capable of recognizing over 100,000 existing Internet threats. Total 360 allows you to speed up the system by cleaning the PC from temporary files... Running the antivirus before starting work allows you to clean the system of junk and create reliable protection against fraudulent and spyware threats. Antivirus is among the 10 best antivirus for windows 7.
Provides full protection when working on the Internet. The system is scanned in real time with the use of several levels of encryption at once. The program checks the reputation of each file for the presence or absence of potential threats. Smart function Mode allows you to track suspicious activity and provides enhanced protection using social networks... Node 32 instantly blocks exploits that may be in the downloadable application. The antivirus program automatically updates and autoscans the software. It is one of the most user-friendly next generation antivirus.
Panda Security (Free Antivirus 15.0) represents a unique innovative technology system scanning, which allows timely identification of even the most complex and little-known spyware... An intelligent anti-virus program is able to "cure" infected USB drives connected to a computer. In this case, the autorun function will be unavailable for malicious programs. In the absence of an Internet connection, the local scanner... Panda Security is one of the most powerful antivirus programs of 2015.
Bitdefender (Antivirus Free) has a high security record and is capable of recognizing little-known threats. Bitdefender Total Security offers to PC users free version for 3 months. The main advantage new program is the use system resources to a minimum, which allows you to continue working without "freezing" the system. Bitdefender not only fights Internet attacks, but also provides protection in Wi-Fi networks... It is one of the most effective free antivirus software for windows 7.
Avira (Free Antivirus 2015) recognized as the best and the most reliable free antivirus this year. Avira instantly blocks all known threats: worms, Trojans, rootkits and other Internet attacks. One of the newest developed technologies Protection Cloud makes it possible to check the reputation suspicious file... A questionable file is sent by the system to the "cloud" for verification, and after a few seconds the user sees about it full information... If the resource is not safe, it is immediately blocked by the program. The server detects the potential threat of just released viruses and reliably protects your PC from infection. It is one of the fastest antivirus programs out there.
Virus creators and antivirus software vendors have long been at war with each other. From year to year, viruses are becoming more and more perfect, which means that for reliable protection it is necessary to timely update the protection means.
The list is compiled on the basis of the AV-Test, antivirus test, carried out by the antivirus research laboratory, as of 03/15/2015. The places in the rating are distributed according to the level of protection, where # 1 is the most powerful antivirus with maximum threat detection.
Introduced new, better free solutions according to the results of numerous tests.
Multi-layered protection version 8.0 includes a firewall, NOD32 antivirus, HIPS, protection against vulnerabilities and phishing, as well as parental control and antispam. Antivirus cost - 1750 rubles. for a year.
9. Avast Free Antivirus 2015
Reliable antivirus of Czech origin is distributed free of charge with personal use... Avast provides protection against all types of threats and is used by 200 million users around the world. Updated version 2015 received enhanced protection against home network hacking.
8. Norton Security 2015
Antivirus cost - 1440 rubles. per year for 5 devices. Norton Security applies 5 levels of computer security - firewall, intrusion prevention system (IPS), traditional file protection technologies, protection technologies based on reputation Insight, and technologies based on behavioral analysis SONAR.
7.360 Internet Security 5.0
Free antivirus with 3 engines: QVM II, Bitdefender and 360 Cloud. The software provides safe Internet surfing, online purchases, file download checks, privacy protection.
6. Panda Free Antivirus 15.0
Free cloud antivirus protects your computer without diverting resources from other tasks, taking effect only when you really need it. The kit includes anti-spyware, antivirus, heuristic scan and anti-rootkit.
5. Kaspersky Internet Security 2015
The popular antivirus provides comprehensive protection from many types of threats. Main screens Kaspersky protection Internet Security 2015 - network monitoring, program control, web antivirus, secure internet payments, parental control. Antivirus cost - 1600 rubles. in year.
4. Bitdefender Internet Security 2015
The 2015 version includes a powerful antivirus, proactive and cloud protection, firewall, anti-phishing, protection of Internet banking, personal data, as well as parental control. The cost of the antivirus is 1080 rubles. for a year.
3. Trend Micro Internet Security 2015
Japanese antivirus includes cloud network, antivirus and antispyware, spam filter, network protection, privacy protection, leak prevention, parental control. The cost of the antivirus is 997 rubles. for 3 computers.
2.F-secure Internet Security 2015
Antivirus provides reliable protection in the process of Internet surfing, online shopping, downloading files. Parental control is provided. Antivirus cost - 899 rubles. for a year.
1. Avira Antivirus Pro 2015
Most best antivirus provides reliable protection data, blocking Internet spyware and adware, assessing the security of sites in search engine results, preventing malicious downloads. The cost of the antivirus is 32.95 euros per year.
In order to choose a reliable antivirus program, a PC user needs to know about it functionality, speed of work and resource consumption. It takes a very long time to study this information by visiting the official websites of the developers. Therefore, it is worth familiarizing yourself with Top 10 Best Antivirus Programs 2016 of the year. This article analyzed a dozen free antivirus programs that were used to treat infected Windows 7. In addition to eliminating 15 viruses, malicious sites were visited, files with potentially unwanted objects were downloaded.
Test results
We depicted the overall test result in the form of a table, in which each software was assigned a corresponding score. The speed of the program, its reliability, interface, consumed resources and processing errors were assessed.
Based on the results of testing, large quantity points received. Both, and broke into the top five.
Reliability testing
The highest reliability indicators were demonstrated by antiviruses that run on the engine Bitdefender... They are considered the most powerful.In this group top scores search and blocking of malicious objects was shown by the software Chinese developers 360 Total Security... This antivirus has detected and eliminated all viruses, leaving only some traces of their activity - damaged files. These high rates are due to the fact that the application runs on five engines: System Repair, QVM II, Avira, Bitdefender and 360 Cloud, and also has a tool to optimize the OS.
The same results were obtained during a PC scan with Ad-Aware Free Antivirus and Bitdefender Free Edition. Further, acceptable data was obtained thanks to AVG AntiVirus Free and Panda cloud Antivirus. The rest of the anti-virus programs partially coped with the removal of malicious objects. There are only 1-2 viruses left on the PC.
Analysis of the amount of consumed resources
In this group, the first place was taken by Panda Cloud antivirus, since all potentially unwanted objects are sent for scanning to " cloud service»Programs without consuming processor resources and random access memory... The system did not display scanning from with AVG and Microsoft Security Essentials.Testing the speed of antivirus software
Avast, AVG and 360 Total Security demonstrated excellent performance indicators. It should be noted that it is rare when antiviruses combine good speed scanning, minimal resource consumption and protection. The slowest were Ad-Aware Free, Comodo and Bitdefender Free Edition .Lipstick alarm
False positives are typical for 360 Total Security, Comodo, Microsoft Security Essentials who identified unlicensed software as a potential threat to the PC. Avast, Bitdefender and Ad-Aware did not excel in this regard. These antiviruses also found pirated software as malicious.Interface
All of the above anti-virus programs have a Russian interface, only Bitdefender Free Edition did not offer a choice of language during installation. The easiest way to change skins is360 Total Security, Avast, Panda Cloud Antivirus and Zillya.
After reviewing the top ten antivirus programs, based on subjective preferences, you can easily choose the best one. Although Panda Cloud Antivirus received the most points, its productivity is not so high without an Internet connection. For those who need exclusively licensed software, you should pay attention to 360 Total Security. Well, if you are good at English language and want to get decent protection, without any bells and whistles, then the free version
Among the general stream of malicious programs that do not differ in sophisticated functionality, there are samples that use unusual or even innovative technological methods to ensure the operability of the malicious program on the affected system. This leads to a significant complication of the process of removing such malicious programs. Test results this test allow you to answer the question: how effectively can popular antiviruses help in the treatment of the affected system?
Despite the fact that the active phase of the spread of malicious programs that carry various techniques its concealment in an infected system dates back to 2012-2013 and was replaced by a wave of significantly less technologically advanced families; over the past two years, a number of interesting malware programs have emerged from the point of view of treatment.
The emergence of new technological methods in the development of malicious programs, even at the level of conceptual implementation, in most cases nullifies the effectiveness of the functions of popular antiviruses in the treatment active infection... This ensures the persistent viability of the malicious program in the compromised system.
Over time, antivirus developers make changes to their products that allow detecting active infection, thereby preventing its further spread, write numerous articles with meaningful analysis of the features of the new malicious program. And this usually ends. However, this leaves out the question of how effectively the antivirus will cope with neutralizing new malware in its active state? For the publication of a meaningful analysis of the performance of a malicious program is only the ability of an antivirus to effectively cure on paper, but not always in practice.
Since 2007, the information and analytical center of the site has regularly conducted tests for the treatment of active infections, thereby tracking the dynamics of the capabilities of popular antiviruses to successfully neutralize active malware.
The purpose of this test is to check personal versions antiviruses for the ability to successfully (without disrupting the operating systems) detect and remove malicious programs that have already penetrated the computer in their active state.
Introduction
The release versions of the following 15 participated in testing antivirus software, selected during open discussion (assemblies are relevant at the start of the test):
- Avast! Internet Security 2015.10.0.2208
- AVG Internet Security 2015.0.5646
- Avira Internet Security 14.0.7.468
- Eset Smart Security 8.0.304.0
- Kaspersky Internet Security 15.0.1.415 (b)
- BitDefender Internet Security 18.20.0.1429
- Emsisoft Internet Security 9.0.0.4799
- Dr.Web Security space Pro 10.0.0.12160
- Microsoft Security Essentials 4.6.0305.0
- McAfee Internet Security 14.0
- Norton Security 22.1.0.9
- Qihoo360 Internet Security 5.0.0.5104
- TrustPort Internet Security 15.0.0.5420
- Panda Internet Security 15.0.4
- Trend Micro Titanium Internet Security 8.0.1133
Testing was conducted on malware that meets the conditions of the testing methodology exclusively for the platform Microsoft Windows 7 x64:
- APT (Uroburos, Turla)
- Cidox (Rovnix, Mayachok, Boigy)
- Poweliks (Powessere)
- Backboot (WinNT / Pitou)
- WMIGhost (HTTBot, Syndicasec)
- Stoned (Bebloh, Shiptob, Bublik)
- Pihar (TDL4, TDSS, Alureon, Tidserv)
- SST (PRAGMA, TDSS, Alureon)
- Zeroaccess (Sirefef, MAX ++)
Thus, for the test, 9 samples of malware that were conceptual from a technological point of view were selected, which were noticed in the general stream of malware.
Comparison of antiviruses for possible treatment
Table 1. Results of the test for the treatment of active infection 2015 (beginning)
| Avast! Internet Security | AVG Internet Security | Avira Internet Security | Eset Smart Security | Kaspersky Internet Security | |
|
APT (Uroburos, Turla) |
+ | + | + | + | + |
| + | -* | - | -* | + | |
|
Poweliks (Powessere) |
- | + | - | - | + |
| + | -* | -* | -* | + | |
|
WMIGhost (HTTBot, Syndicasec) |
- | - | - | - | + |
| + | + | - | + | + | |
| - | - | - | -* | + | |
|
SST (PRAGMA, TDSS, Alureon) |
+ | - | - | - | + |
|
Zeroaccess (Sirefef, MAX ++) |
+ | - | - | + | + |
| Cured / Total | 6/9 | 3/9 | 1/9 | 3/9 | 9/9 |
Table 2. Results of the test for the treatment of active infection 2015 (continued)
| Antivirus / Malware | BitDefender Internet Security | Emsisoft Internet Security | Dr.Web Security Space Pro | Qihoo360 Internet Security | Microsoft Security Essentials |
|
APT (Uroburos, Turla) |
+ | - | - | + | + |
|
Cidox (Rovnix, Mayachok, Boigy) |
+ | -* | + | - | - |
|
Poweliks (Powessere) |
+ | - | - | - | + |
| - | - | + | -* | -* | |
|
WMIGhost (HTTBot, Syndicasec) |
- | - | - | - | -* |
|
Stoned (Bebloh, Shiptob, Bublik) |
+ | - | + | + | + |
|
Pihar (TDL4, TDSS, Alureon, Tidserv) |
+ | - | + | - | - |
|
SST (PRAGMA, TDSS, Alureon) |
+ | -* | + | -* | - |
|
Zeroaccess (Sirefef, MAX ++) |
- | - | + | - | + |
|
Cured / Total |
6/9 | 0/9 | 6/9 | 2/9 | 4/9 |
Table 3. Results of the test for the treatment of active infection 2015 (end)
| Antivirus / Malware | McAfee Internet Security | Norton Security | TrustPort Internet Security | Panda Internet Security | Trend Micro Titanium Internet Security |
|
APT (Uroburos, Turla) |
+ | + | - | + | + |
|
Cidox (Rovnix, Mayachok, Boigy) |
-* | - | - | -* | - |
|
Poweliks (Powessere) |
- | + | - | - | + |
| -* | -* | - | -* | - | |
|
WMIGhost (HTTBot, Syndicasec) |
- | - | - | - | - |
|
Stoned (Bebloh, Shiptob, Bublik) |
- | + | - | - | - |
|
Pihar (TDL4, TDSS, Alureon, Tidserv) |
- | - | - | - | - |
|
SST (PRAGMA, TDSS, Alureon) |
-* | -* | - | -* | - |
|
Zeroaccess (Sirefef, MAX ++) |
- | + | - | - | - |
| Cured / Total | 1/9 | 4/9 | 0/9 | 1/9 | 2/9 |
Figure 1. Results of Active Infection Treatment Test 2015
Recall that, in accordance with the scheme used for analyzing results and rewarding, (+) means that the antivirus has successfully eliminated an active infection of the system, while the system's performance has been restored (or not broken). (-) means that the antivirus was unable to eliminate active infection or the system was seriously damaged during disinfection (for example, BSOD). (- *) means that after several months of waiting and multiple dispatches of samples for analysis in antivirus laboratory the detection was never added.
As you can see from the test results, the fileless malware WMIGhost turned out to be the most difficult to treat. Only Kaspersky Internet Security was able to detect and cure it. Next in terms of the complexity of treatment are malicious programs that use infection technologies. boot sectors disk (Backboot, Pihar, SST and cidox). Problems with detection and treatment arise even though the malware of this class participating in the test has existed for several years.
It is important to note the inability of the vast majority of antiviruses to detect and neutralize malicious code in RAM, which is confirmed by the results of treatment by Stoned (aka Bebloh, Shiptob, Bublik).
Overall, the picture is disappointing for the industry. Most popular antiviruses are unable to correctly cure the affected system even on those families of malware that have been known for more than one year.
Final test results and awards
Table 4. Final results of the active infection treatment test 2015
| Antivirus | Reward | % cured |
| Kaspersky Internet Security | |
100% |
| Avast! Internet Security | 67% | |
| BitDefender Internet Security | 67% | |
| Dr.Web Security Space Pro | 67% | |
| Microsoft Security Essentials | |
44% |
| Norton Security | 44% | |
| Eset Smart Security | Test failed | 33% |
| AVG Internet Security | 33% | |
| Trend Micro Titanium Internet Security | 22% | |
| Qihoo 360 Internet Security | 22% | |
| Avira Internet Security | 11% | |
| McAfee Internet Security | 11% | |
| Panda Internet Security | 11% | |
| Emsisoft Internet Security | 0% | |
| TrustPort Internet Security | 0% |
This year, only 6 out of 15 tested antiviruses showed decent results in the treatment of active infections, which is somewhat better than level recent years.
The only antivirus that successfully managed the treatment of all samples from test suite, is the award-winning Kaspersky Internet Security PlatinumMalwareTreatmentAward.
Reward Gold Malware Treatment Award none of the tested antiviruses are receiving this year.
Tied for second, third and fourth places Avast antiviruses! Internet Security, BitDefender Internet Security, and Dr.Web Security Space Pro, which neutralized six out of nine suggested samples (67%). They get a reward SilverMalwareTreatmentAward.
Fifth and sixth places were shared by Microsoft Security Essentials and Norton Security, which successfully cured four samples out of nine (44%) and received an award BronzeMalwareTreatmentAward).
The rest of the antiviruses failed the test. So AVG Internet Security and Eset Smart Security, managed to neutralize only three samples out of nine (33.3%). This is followed by Qihoo360 Internet Security 5.0.0.5104 and Trend Micro Titanium Internet Security, which successfully cured only two samples out of nine (gaining 22.2%). Among the outsiders of the test were McAfee Internet Security, Panda Internet Security and Avira Internet Security, which were able to cope with only one sample out of nine (11.1%).
Emsisoft Internet Security and TrustPort Internet Security completely failed the test. They were unable to cure a single sample taken for the test.
Analysis of changes in comparison with previous tests
In conclusion, let us analyze the results of all our tests for the treatment of active infection in 2011-2015. To do this, the results of two previous tests which you can see here. In this way, changes in the effectiveness of treatment of complex infections can be traced for each tested product (see Figures 2 and 3).
Figure 2: Dynamics of changes in the capabilities of antiviruses to cure active infections
Figure 3: Dynamics of changes in the capabilities of antiviruses to cure active infections
Domestic antiviruses - Kaspersky Internet Security and Dr.Web Security Space Pro - occupy invariably high places, although the latter has a tendency to decrease the effectiveness of treatment.
Avast! Internet Security and BitDefender Internet Security again performed relatively well, which reflects continued attention to the problem of curing complex infections. Norton Security and Microsoft Security Essentials balance at the average level in terms of the effectiveness of treatment, which is very strange for such giants of the market, which have all the necessary resources.
Against the background of the continuing trend towards a general decrease in efficiency in the treatment of active infections in the industry, the results of some antiviruses have improved compared to last year, among them: Avast! Internet Security, Eset Smart Security, AVG Internet Security and Norton Security. On the whole, it is obvious that due to the large flow of malicious programs that need to be added to anti-virus databases, most manufacturers do not pay attention to the treatment of active infection.
Ilya Shabanov, ManagerAM Test Lab:
“This year we have carried out a test entirely for Windows system 7 x64, which narrowed down the possibilities for selecting suitable malware, but made it possible to concentrate only on the actual tasks of curing active infections. In general, the results for the industry continued to decline, which is completely in line with the trend of recent years. Most manufacturers lack the resources and expertise to deal with sophisticated malware. Some manufacturers were completely unable to recognize individual malicious programs from our selection and for several months they did not add a detector to them, despite repeated requests. On the other hand, some vendors managed to improve their results in comparison with 2012. This allows us to hope that the problems of treating complex infections will not be ignored in the future. "
Alexander Shevtsov, Testing EngineerAM Test Lab:
“Summing up the results of the next test, you feel some disappointment - the ability to cure active infection is still not an advantage of antivirus for most vendors. Yes, some of them did work on bugs, new versions of their products showed better results with the samples that took part in the last test, but most of the results have not changed. With new threats, in general, the results are simply disastrous. The worst thing is that often the antivirus does not see any signs of active infection at all, outwardly it may not manifest itself in any way, and the user is completely unaware of what is happening. Moving on to specifics, I would like to note Avast, which showed clearly positive dynamics, and Dr.Web, which surprised by low results in the fight against new threats. BitDefender has been showing consistently good results, but it's too early to rest on our laurels, there is still room to strive for. The newcomers to the test did not please with anything, Emsisoft and Trustport failed the test completely. "
Vyacheslav Rusakov, site expert:
“It has been almost 3 years since the last active infection cure test from AM Test Lab. Innovations in "rootkit building" are frozen, gentlemen virus writers continue to mark time and only occasionally update their creations. Either thoughts and ideas have run out, or everything has already been explored up and down, or there is no point in poring over new ways to stay in the infected system when the old methods work (see test results). Evolution instead of revolution? Is that in relation to the incorporeal malicious code living in user space. The above method does not cause any difficulties with the cure of the infected system, it is difficult to call it new either, but rather a well-forgotten old one. But the field for activity is quite large, technologies do not stand still: hypervisors, UEFI, IoT, boom mobile technologies- there is where to "turn around". So far, this is all the lot of free researchers and authors of APT.
I ended each of my comments on the test for the treatment of active infection by pointing out that it is necessary to pay due attention to the problem of cure, but this time I will not. I was not talking about treatment as such, but about the quality of technology, about how important it is to keep track of what is happening in the world of virus writers, keep abreast and keep our own technologies up to date. By by and large the results are not interesting ordinary users... Until the first infection of a system with an active antivirus, until the first failed installation of an antivirus product on an infected system, until the first blue screen of death. After that, the failed antivirus is replaced with a more effective one. "
Vasily Berdnikov, site expert:
« After a long pause of almost 3 years, AM Test Lab conducted another test for the treatment of active infection. It is worth noting that no one has conducted similar tests yet. For obvious reasons. Although well-known test laboratories have made some attempts, however, the sponsors of the tests did not like it very much, and the results of the treatment test were not taken into account to obtain the coveted "medals".
With regards to the testing carried out. The results in general remained, as before, depressing for many manufacturers antivirus products... Moreover, it is worth noting that complex threats such as bootkits are gradually disappearing, and at the moment only two families are actively spreading - Rovnix and Pitou. Moreover, for several years now, there has been no serious development of these families in terms of counteraction to detection and treatment. But appeared new trend in malware evolution, fileless malware. Many antivirus vendors were completely unprepared to detect and treat such threats. The change in trend from complex threats like buktit to fileless malware is understandable: easier development, less problems with compatibility and can work on modern axes under GPT. At the same time, as it turned out, such malicious programs can live for a very long time and are not noticeable for a regular antivirus.
I repeat my words three years ago: most antivirus vendors do not pay due attention to detecting complex modern threats and correctly curing infected systems. Or he pays attention, but not to the protection of users, but rather to the publication of articles and PR in the media. As before, it comes to the ridiculous: the white-paper is ready, but there is still no detection and treatment. "
