Malware Cleaning Av-Test - July 29Th 2014

[Arakasi 549]

hxxp://www.av-test.org/en/news/news-single-view/17-software-packages-in-a-repair-performance-test-after-malware-attacks/

 

Needs to be studied.

Malwarebytes on the come up.

Their registry object cleaning and ability to search deeper and repair as well as remove is always going to be wanted over what product you are using or installing.

There is just too many people that are getting infected because of lack of security software, or not using the right one for them. This is happening!

The after-the-fact cleaning needs to be spot on, before installing a new product for preventative measures.

 

I encourage ESET to work on the cleaning process more, to get a better balance between prevention and repair for new prospects.

 

Thanks~

[Marcos 5,074]

I see that ESET cleaned all active malware so there's virtually nothing to improve in cleaning with regard to this test. Needless to say that prevention is much more important than reaction.

[Arakasi 549]

I agree that prevention is more important, but i do not agree when it comes to new clients that need their systems repaired.

It may not be the vendors priority, but i make it mine to clean everything even junk and leftovers before i install ESET on a clients computer.

Either that or i reinstall the OS for them, which it was conveyed that reinstalling the OS should not be everyone's end result all the time.

 

There is nothing to improve in cleaning malware, but there is room for more attention to detail with another persons computer.

[Marcos 5,074]

First of all, we need to define what should be cleaned besides actual malware. Icons? Text files? Innocuous data files? Corrupted or otherwise non-functional files? To me, it makes no sense to put precious resources into dealing with benign stuff which doesn't affect users in other way than occupying literally a few bytes on a disk.

[Arakasi 549]

First of all, we need to define what should be cleaned besides actual malware. Icons? Text files? Innocuous data files? Corrupted or otherwise non-functional files? To me, it makes no sense to put precious resources into dealing with benign stuff which doesn't affect users in other way than occupying literally a few bytes on a disk.

 

This is true and we don't really have any clarification, besides these stupid tests that are never in detail.

I hate them.

 

I do believe in cleaning up all the data that a trojan left behind though.

The user didn't put those bytes there ?

 

I see where your coming from though. I also still believe ESET is better proactive detection then Malwarebytes reactive cleaning.

[Arakasi 549]

Marcos you know im a die hard ESET supporter.

I'm a partner, distributor and i wouldn't sell or install anything else on a clients machine. lol

I hate seeing other vendors winning on these tests

[Octavian 5]

Eset at section Removal need to improve clean. In tests Eset has no Malware undetected but has 2 files cleaned not fully (Only harmless file remnants left behind). Also Eset does not clean (detect) tracking cookie.

 

Eset has problems with remains after remove malware file (Malware removed, but some executable files, MBR and registry changes (e.g loading points, etc.) remaining).

Eset to remove a sophisticated ransomware or a worm it is require to run Rescue Disc or Safe Mode, this thing also decrease test result grade.

If a computer is already infected and install Eset, cleaning capacity also is not very good.

 

I observe some time ago that in User file was a dangerous Trojan but Eset displays some notifications that threat was clean but the dangerous file remains there. In this case are necessary improvements and On Demand Scan capacity of cleaning.

[Marcos 5,074]

Eset has problems with remains after remove malware file (Malware removed, but some executable files, MBR and registry changes (e.g loading points, etc.) remaining).[/size]

I'm not aware of any issues with cleaning registry changes, please be more concrete.

As for fixing MBR, this cannot be accomplished due to legal issues and Microsoft tools have to be used. In some cases it's possible to restore MBR in case malware created a backup.

 

Eset to remove a sophisticated ransomware or a worm it is require to run Rescue Disc or Safe Mode, this thing also decrease test result grade.

I'm not aware of any issues related to cleaning ransomware. This was improved in v7. Again, be more concrete and we can look into it then.

 

If a computer is already infected and install Eset, cleaning capacity also is not very good.

I observe some time ago that in User file was a dangerous Trojan but Eset displays some notifications that threat was clean but the dangerous file remains there. In this case are necessary improvements and On Demand Scan capacity of cleaning.

Please be more concrete. Maybe the malware was detected in memory but after the next update a signature was added and ESET was able to locate it on the disk and clean it. Another possibility is that the malware didn't exist in the file system whatsoever. Unfortunately, too little information was given.

[Octavian 5]

 

Eset has problems with remains after remove malware file (Malware removed, but some executable files, MBR and registry changes (e.g loading points, etc.) remaining).[/size]

I'm not aware of any issues with cleaning registry changes, please be more concrete.

As for fixing MBR, this cannot be accomplished due to legal issues and Microsoft tools have to be used. In some cases it's possible to restore MBR in case malware created a backup.

 

Eset to remove a sophisticated ransomware or a worm it is require to run Rescue Disc or Safe Mode, this thing also decrease test result grade.

I'm not aware of any issues related to cleaning ransomware. This was improved in v7. Again, be more concrete and we can look into it then.

 

If a computer is already infected and install Eset, cleaning capacity also is not very good.

I observe some time ago that in User file was a dangerous Trojan but Eset displays some notifications that threat was clean but the dangerous file remains there. In this case are necessary improvements and On Demand Scan capacity of cleaning.

Please be more concrete. Maybe the malware was detected in memory but after the next update a signature was added and ESET was able to locate it on the disk and clean it. Another possibility is that the malware didn't exist in the file system whatsoever. Unfortunately, too little information was given.

 

 

Av-Test has a test hxxp://www.av-test.org/en/news/news-single-view/17-software-packages-in-a-repair-performance-test-after-malware-attacks/

 

In this test is presented  capacity of security solution to remove malware.

In this test Eset has: 0 Malware Not detected;

                                 0 Active Malware components not removed;

                                 2 and 9 only harmless file remnants left behind; 

                                 28 and 51 Complete removal, clean system

Total System Repair Score 95%.  

 

Eset has weak point at Harmless File Remnants Left Behind

Edited August 4, 2014 by Octavian

[Marcos 5,074]

Eset has weak point at Harmless File Remnants Left Behind

I've already commented on detecting and removing clean files, such as icons, text files, config. files, images, etc. that do not pose any risk to users and just occupy a few bytes on a disk.