2015 PCSL IT Consulting Institute PCSL ❷ Windows Virus Cleaning Test Report 感染型病毒清除测试报告 Celebrating Technology Innovation
报告目录 Table of Contents P1 P1 P2 测试背景测试流程待测软件 P3 P7 P8 测试结果相关信息权利说明 P9 免责声明
1. 测试背景感染型病毒由于其自身的特性, 为了方便传播, 通常感染型病毒都会将自己感染到其他程序上 干净的操作系统系统上, 一旦被病毒感染过的文件被执行, 病毒将迅速感染 这些病毒执行起来之后, 常常会下载大量的木马, 达到其盗号 窃取隐私等目的 此类病毒按破坏类型分, 主要有两类 :1 可修复型感染, 病毒仅仅隐藏在正常文件中, 没有破坏正常文件原有代码, 杀毒软件在处理此类病毒时, 可以去除感染文件中的病毒代码, 使文件恢复到无危害的状态 ;2 不可修复型感染, 此类病毒将自己隐藏到正常文件中的同时, 会破坏正常文件的功能导致文件不可修复 本次测试采用的样本均为可修复的感染型病毒样本, 我们通过对反病毒软件对感染型病毒的修复程度来判断反病毒软件对感染型病毒样本的清除修复能力 2. 测试流程 1 在测试电脑上安装 Windows8 64 位系统, 准备镜像文件备用 2 将 17 个感染型病毒样本拷贝至测试机器 3 安装反病毒软件并使用推荐操作对 17 个感染型病毒样本进行扫描并处理, 没有推荐操作的情况下选择修复或清除操作 4 统计经反病毒软件处理过后的样本修复情况 5 重复步骤 1-4 1
3. 待测软件 软件名称 ( 按字母顺利排列 ) 厂商 版本号 360 Antivirus Qihoo 360 5.0.0.5104 Ad-Aware Free Antivirus+ Lavasoft 11.5.202.7299 AhnLab V3 Internet Security AhnLab 8.0.8.4 (Build 1607) Avast Free Antivirus AVAST 2015.10.0.2208 AVG Antivirus Free AVG 2015.0.5645 Avira Free Antivirus Avira 14.0.7.468 Baidu Antivirus Baidu 3.0.0.4791 Bitdefender Antivirus Plus Bitdefender 18.19.0.1369 COMODO Antivirus COMODO 8.0.0.4344 Dr.Web Security Space Dr.Web 10.0 Emsisoft Anti-Malware Emsisoft 9.0.0.4799 escan for Windows MicroWorld 14.0.1400.4640 DB ESET Smart Security ESET 8.0.304.1 FortiClient Fortinet 5.2.2.0624 F-Secure Internet Security F-Secure 14.115 build 100 G DATA ANTIVIRUS G DATA 25.0.2.2 HitmanPro SurfRight 3.7.9.234 IKARUS anti.virus IKARUS 2.7.30 Immunet Protect Cisco 3.1.13.9671 K7 Ultimate Security K7 14.2.0257 Kaspersky Internet Security Kaspersky 15.0.0.463(b) Kingsoft Duba Kingsoft 2015.SP0.5.012210 NANO Antivirus NANO Security 0.30.0.64812 Norton Security Symantec 22.1.0.9 Psafe Total Psafe 5.1.0.1069 Quick Heal AntiVirus Pro Quick Heal 16.00 (9.0.0.9) Tencent PC Manager Tencent 10.7.16059.213 Total Defense Total Defense 9.0.0.141 TrustPort Antivirus TrustPort 15.0.0.5420 UnThreat AntiVirus Scandium Security 6.2.37.37024 UtilTool Antivirus UtilTool 3.3.67 VIPRE Antivirus ThreatTrack 8.0.5.3 Windows Defender Microsoft 4.0.9200.16384 ZoneAlarm Free Antivirus + Firewall Check Point 13.3.209.000 2
4. 检测结果 厂商 样本 1 样本 2 样本 3 样本 4 样本 5 样本 6 AhnLab Untreated Successful Successful Untreated PE Corrupted Successful AVAST Successful Successful Successful Successful Successful Successful AVG Successful Successful Deleted Deleted Deleted Successful Avira Deleted Successful Deleted Deleted Successful Deleted Baidu Successful Successful Successful Successful Successful Successful Bitdefender Successful Successful Deleted Successful PE Corrupted Successful Check Point Successful Successful Successful Successful PE Corrupted Successful Cisco Untreated Deleted Deleted Deleted Deleted Deleted COMODO Deleted Successful Deleted Deleted Deleted Deleted Dr.Web Successful Successful PE Corrupted Successful PE Corrupted Successful Emsisoft Deleted Deleted Deleted Deleted Deleted Deleted ESET Successful Successful Successful Successful Successful Successful Fortinet Deleted Deleted Deleted Deleted Deleted Deleted F-Secure Deleted Deleted Deleted Deleted Deleted Deleted G DATA Successful Successful Deleted Successful PE Corrupted Successful IKARUS Deleted Deleted Deleted Deleted Deleted Deleted K7 Successful Successful Deleted Deleted Deleted Deleted Kaspersky Successful Successful Successful Successful PE Corrupted Successful Kingsoft Successful Untreated Successful Untreated Deleted Deleted Lavasoft Successful Successful Deleted Successful PE Corrupted Successful Microsoft Successful Successful Successful Deleted Successful Successful MicroWorld Successful Successful Deleted Successful PE Corrupted Deleted NANO Security Successful Successful Deleted Successful PE Corrupted Untreated Psafe Successful Deleted Successful Deleted Deleted Successful Qihoo 360 Successful Successful Successful Deleted Successful Successful Quick Heal Successful Successful Successful Successful Successful Successful Scandium Security Deleted Successful Successful Deleted Deleted Successful SurfRight Deleted Deleted Deleted Deleted Deleted Deleted Symantec Successful Successful Successful Deleted Deleted Successful Tencent Successful Deleted Successful Successful Successful PE Corrupted ThreatTrack Untreated Successful Successful Untreated Untreated Successful Total Defense Successful Successful Successful Deleted Successful Deleted TrustPort Successful Successful Deleted Successful PE Corrupted Successful UtilTool Deleted Deleted Deleted Deleted Deleted Deleted 3
厂商 样本 7 样本 8 样本 9 样本 10 样本 11 样本 12 AhnLab Successful Successful Successful Successful Successful Successful AVAST Successful Successful Successful Successful Successful Successful AVG Successful Deleted Deleted Successful Deleted Successful Avira Deleted Deleted Deleted Deleted Deleted Successful Baidu Successful Successful Deleted Successful Successful Successful Bitdefender Deleted Successful Deleted Successful Successful Successful Check Point Successful Successful Successful Successful Successful Successful Cisco Untreated Deleted Untreated Deleted Deleted Deleted COMODO Deleted Deleted Deleted Deleted Deleted Successful Dr.Web Successful Successful Successful Successful Successful Successful Emsisoft Deleted Deleted Deleted Deleted Deleted Deleted ESET Successful Successful Successful Successful Deleted Successful Fortinet Deleted Deleted Deleted Deleted Deleted Deleted F-Secure Deleted Deleted Deleted Deleted Deleted Deleted G DATA Deleted Successful Deleted Successful Successful Successful IKARUS Deleted Deleted Deleted Deleted Deleted Deleted K7 Deleted Successful Deleted Successful Successful Successful Kaspersky Successful Successful Successful Successful Successful Successful Kingsoft Successful Successful Successful Successful Successful Successful Lavasoft Deleted Successful Deleted Successful Successful Successful Microsoft Successful Successful Successful Successful Successful Successful MicroWorld Deleted Successful Deleted Deleted Successful Successful NANO Security Deleted Untreated Deleted Untreated Successful Successful Psafe Successful Successful Successful Successful Successful Successful Qihoo 360 Successful Successful Successful Successful Successful Successful Quick Heal Successful Successful Successful Successful Successful Successful Scandium Security Successful Successful Successful Successful Successful Successful SurfRight Deleted Deleted Deleted Deleted Deleted Deleted Symantec Successful Deleted Successful Successful Successful Successful Tencent PE Corrupted Successful Successful PE Corrupted Successful Successful ThreatTrack Successful Successful Successful Successful Successful Successful Total Defense Successful Successful Successful Deleted Successful Successful TrustPort Deleted Successful Deleted Successful Successful Successful UtilTool Deleted Deleted Deleted Deleted Deleted Deleted 4
厂商 样本 13 样本 14 样本 15 样本 16 样本 17 AhnLab Successful Successful Successful Successful Successful AVAST Successful Untreated Untreated Successful Untreated AVG Successful Successful Deleted Successful Deleted Avira Deleted Successful Deleted Successful Deleted Baidu Successful Successful Deleted Successful Successful Bitdefender Successful Successful Successful Successful Successful Check Point Successful Successful Successful Successful Successful Cisco Deleted Deleted Untreated Deleted Deleted COMODO Successful Deleted Deleted Deleted Deleted Dr.Web Successful Successful Successful Successful Successful Emsisoft Deleted Deleted Deleted Deleted Deleted ESET Successful Successful Successful Successful Deleted Fortinet Deleted Deleted Deleted Deleted Deleted F-Secure Deleted Deleted Deleted Deleted Deleted G DATA Successful Deleted Successful Successful Successful IKARUS Deleted Deleted Deleted Deleted Deleted K7 Successful Successful Successful Successful Successful Kaspersky Successful Successful Successful Successful Successful Kingsoft Deleted PE Corrupted Deleted Successful Successful Lavasoft Successful Successful Successful Successful Successful Microsoft Successful Successful Successful Successful Successful MicroWorld Successful Successful Successful Successful Successful NANO Security Successful Successful Untreated Successful Deleted Psafe Successful Deleted Successful Successful Successful Qihoo 360 Successful Deleted Successful Successful Successful Quick Heal Successful Successful Successful Successful Successful Scandium Security Successful Successful Deleted Successful Deleted SurfRight Deleted Deleted Deleted Deleted Deleted Symantec Successful Successful Successful Successful Successful Tencent Successful Deleted Successful Successful Successful ThreatTrack Successful Successful Untreated Successful Untreated Total Defense Successful Successful Successful Successful Successful TrustPort Successful Successful Successful Successful Successful UtilTool Deleted Deleted Deleted Deleted Deleted 5
厂商 得分 Quick Heal 17.0 Kaspersky 16.5 Microsoft 16.5 Check Point 16.5 Qihoo 360 16.0 Baidu 16.0 Dr.Web 16.0 ESET 16.0 AVAST 15.5 Symantec 15.5 Total Defense 15.5 Lavasoft 15.0 Bitdefender 15.0 Psafe 15.0 TrustPort 15.0 AhnLab 14.5 G DATA 14.5 Tencent 14.5 Scandium Security 14.5 MicroWorld 14.0 K7 14.0 AVG 13.0 Kingsoft 12.5 ThreatTrack 12.0 Avira 11.0 NANO Security 10.5 COMODO 10.0 Emsisoft 8.5 Fortinet 8.5 F-Secure 8.5 SurfRight 8.5 IKARUS 8.5 UtilTool 8.5 Cisco 6.5 测试备注 : 本次测试满分为 17 分 Successful 表示清除成功, 每清除成功一个样本得 1 分 Deleted 表示删除样本, 每删除一个样本得 0.5 分 PE Corrupted 表示清除损坏, 每清除损坏一个样本得 0.5 分 Untreated 表示不处理样本, 不处理样本不得分 6
5. 相关信息嘉兴市辰翔信息科技有限公司, 位于浙江省嘉兴市 作为一家计算机安全软硬件及 IT 软硬件测试咨询公司, 专业为 IT 企业提供专业的产品研发咨询并为企事业单位和终端消费用户选择 IT 产品提供参考 公司将在传统的 PC 端安全软件测试咨询的基础上逐步开展移动端安全软件 服务器安全软件 PC 端通用软件 移动端通用软件及其他通用软硬件的测试与咨询工作 公司电话 :+86 573 82809089 公司传真 :+86 573 82808561 公司电邮 :info@pitci.com 公司网址 :https://www.pitci.com 公司地址 : 浙江省嘉兴市南湖区凌公塘 3339 号嘉兴科技城科创中心 3 号楼 3304-3306, 邮编 314000 公司法律顾问 : 浙江南湖律师事务所 7
6. 权利说明除非另有说明, 嘉兴市辰翔信息科技有限公司 ( 简称 辰翔科技, 下同 ) 拥有本报告的版权, 未经辰翔科技事先书面授权许可, 任何机构或个人无权擅自更改本报告内容或以任何方式以商业目的而使用本报告 ( 包括但不限于发送 传播 复印 摘编等 ) 本报告中所使用的辰翔科技商标 服务标识及标记, 除非另有说明, 均为辰翔科技的商标 服务标识及标记, 辰翔科技对此拥有版权, 任何侵犯辰翔科技版权之行为, 均为违法行为, 辰翔科技将对此依法追究侵权人相关法律责任 8
7. 免责声明辰翔科技在此特别提醒, 在使用本公司报告前, 请认真阅读 充分理解本声明中各条款, 包括免除或限制辰翔科技责任的免责条款及对用户的权利限制, 如果您对本声明中的任何条款表示异议, 可以选择不使用本报告, 您使用本报告的行为将被视为对本声明全部内容的认可, 并同意接受本声明全部条款的约束 1 本报告由辰翔科技向读者提供, 所载全部内容仅系提供读者参考之用, 并不构成对其选择 购买 使用产品之建议, 也不构成对其选择 购买 使用报告中所涉产品的邀请或保证 辰翔科技不担保内容的绝对准确性和完整性, 读者不应单纯依靠本报告而取代个人的独立判断, 辰翔科技建议读者如有任何疑问, 应当咨询国家相关部门并进行独立选择 购买或使用判断 2 本报告所载内容为辰翔科技在报告发表日当日对有关产品性状的判断, 在其它不同日期辰翔科技可发出与本报告内容不一致或有不同结论的报告, 但辰翔科技无义务或责任为此将原报告涉及内容及时更新并由此通知读者, 在此情形下辰翔科技不对读者因使用本报告所产生的损失负任何责任 3 本报告可能附带其它网站的地址或超级链接, 目的纯粹是为了读者使用方便, 所链接网站的内容不构成本报告的任何部分, 读者需自行承担浏览该类网站的风险 费用或者损失 同时辰翔科技不对此类网站的内容 ( 包括但不限于广告 产品或其他资料 ) 的真实性 完整性 准确性及合法性负责或保证, 读者使用或依赖任何此类网站或经由此类网站获得的任何内容 商品或服 9
务所产生的任何损害或损失, 辰翔科技不承担任何直接或间接法律责任 4 辰翔科技可能与生产本报告涉及产品的公司间已存在或将存在业务关系, 但无需事先或在将来建立业务关系后通知其他读者 5 读者接收本报告并不视为和辰翔科技建立业务关系, 辰翔科技无需因此而对其承担类似客户关系情形下的任何法律责任 6 所有辰翔科技报告测试对象之产品样品, 系辰翔科技于正规合法销售渠道购买之产品, 故本报告内容仅适合于从正规合法渠道购买之产品, 而不适于从其他渠道所得之产品, 读者使用非正规合法销售渠道产品所产生的任何风险或损失, 与辰翔科技无关, 在此情形下辰翔科技概不承担任何法律责任 7 本报告可能会涉及公司或个人所有的商标或其相关照片 图案, 若任何单位或个人认为涉嫌侵犯其合法权益, 可及时与辰翔科技联系, 以便辰翔科技迅速作出处理 对上述声明的解释 修改及更新权属辰翔科技所有 10