Malware detection list updated

18 November 2013

Notes about the PDF update:

– I was unable to update the VirusBarrier X6 results as the application keeps asking for a license. I don’t have one so this will have to wait.
– Avira now detects Genieo samples as adware, but apart from adding those signatures it does not detect the actual Genieo application, uninstaller or anything else. Because Avira now detects the Genieo samples, it jumped up in rank on the results list from 95.4% to 98.5%. Since it is unable to detect any of the Genieo trace files, though, this means that new infections by this adware can be avoided but currently infected users will get no protection from Avira. The same goes for the latest Crisis.B: the sample is detected but the trace files are not.
– MacKeeper also detected samples but not trace files of Genieo and Crisis.B.
– After testing for removal of malware samples and trace files as well, I found out that Sophos (which has been slipping for a while now, unfortunately) is pretty bad at cleaning up, leaving a lot of the detected files up for “Manual Cleanup” or “Cleanup Failed”. Now even MacKeeper performs better than Sophos, which is quite embarrassing.

As mentioned, the PDF now shows results for clean-up. This is how well an AV product can cure/repair/delete (clean) infected files for you. There are three color codes that are used in this list:
Green = Infection cleaned.
Orange = Infection detected and pointed out, but unable to clean and/or clean-up failed, leaving the user to clean manually.
Red = Infection not detected.

The rest of the AV products will be updated soon to fill all those gaps. I might even give all of the excluded apps another shot at the title. Due to the amount of time it takes, I will only do on-demand, on-access and clean-up tests for the top-performing AV products (80% or higher detection rates). The PDF can be found here. Keep an eye on the widget to the right, as it will show when the PDF is updated next. These minor changes will not be mentioned in a post like this one, so that widget is the only way to see if the PDF has been updated since your last visit.
