Windows Live OneCare and Live Safety Scanner, Perfect Rootkit Victims


Microsoft's security solutions, including Windows Live Safety Scanner version 1.1.3007.0 and Microsoft Windows Live OneCare 1.6.2111.32 (1.1.2803.0), cannot compete with products from Avira, BitDefender, Kaspersky, G Data, Symantec, Panda, Trend Micro and others. The independent security testing team AV-Test ran two rootkit detection and removal tests last month on 32-bit copies of Windows XP and Windows Vista Ultimate.

AV-Test threw Internet security suites, web-based online scanners and specialized anti-rootkit tools on Windows XP into the same arena, along with security solutions on Windows Vista. "In the case of Windows XP, all products (in their most current versions) have been updated and then frozen on October 25, 2007. The only exceptions were the online scanners, which have been tested October 25 and November 2, 2007," revealed security researchers Andreas Marx and Maik Morgenstern of AV-Test.

On Windows XP, the testing involved several steps, including detection of inactive rootkit samples, active samples and latent malware. The security products were also tested for their ability to remove rootkits, active or inactive, as well as malware hidden by rootkits. The first tests consisted of on-demand detection and removal, with the exception of the dedicated anti-rootkit products, for which on-demand scanning capabilities are not relevant.

"This has already revealed some gaps in the signature database of the scanner. The on-access scan results were the same as the on-demand results, so they are not listed separately in the results table. The maximum number of samples the tools could detect was 30 dedicated rootkits, and not more than 27 rootkits could be deleted, because we used the original (and therefore write-protected) media CD and DVD with the three 'commercial' rootkits," Marx and Morgenstern said.
The anti-rootkit tools managed a detection rate of about 80%, with security suites at only 66% and online tools at only 53%. Microsoft Windows Live Safety Scanner 1.1.3007.0, for example, detected only 20 inactive samples, 17 active ones and only 25 samples of malicious code hidden by rootkits. In each category, Windows Live Safety Scanner could have detected 30 rootkit samples. When it comes to removal, Microsoft's online scanner performed even worse, managing to remove only 19 inactive samples, 10 active ones and just eight pieces of hidden malware.

On Vista, AV-Test tested what it called "pure" anti-virus products. "The tools were last updated and frozen on October 2, 2007. To our surprise, the detection rate of inactive samples reached only 90% on average, even though most rootkits used were released in 2005 and 2006. Only four of the six installed rootkits can be detected by a tool and the average cleaning rate was even lower, at 54%. AVG (with one of the best stand-alone tools on Windows XP) had poor results, without detecting or cleaning any rootkit on Vista," Marx and Morgenstern added. On Windows Vista, Windows Live OneCare 1.6.2111.32 (1.1.2803.0) is no obstacle at all to rootkits. The antivirus detected five inactive samples, but just one active sample, and successfully removed a single rootkit. By comparison, F-Secure Anti-Virus 2008, Norton Antivirus 2008 and Panda Security Antivirus 2008 achieved a perfect score, detecting and removing every rootkit on Vista.

"Tests for detecting active rootkits and cleaning characteristics of anti-malware are rather time consuming and require considerable resources to perform. However, programmers and testers should dedicate more attention to these features, as most AV tools still perform poorly in this area. Without proper anti-rootkit features a protection program may give the user the wrong impression about the state of their PC, "Marx and Morgenstern concluded.