View Full Version : Detect rate
Tinribs
August 24th, 2002, 08:36 PM
Following on from a previous thread I made a while back, I rescanned my test folder and Nod32 detected only 16 ,all correctly, DrWeb detects 19 all correctly.
Does this imply that DrWebs detection rate is higher than Nods? )or Heuristics and a good guess) I realise its just a small selection of Samples but its got my knees 'a' knockin a little,
Paul Wilders
August 24th, 2002, 09:11 PM
Tinribs,
Apart from how the AVs have been configured - an essential factor - what test bed have you been using? Only viruses? Worms? trojans/backdoors? As is well known, NOD32 does a fine job in regard to ITW viruses - and performs average on other fields. Dr.Web has its own quite different capacities.
regards.
paul
Tinribs
August 24th, 2002, 09:24 PM
All program settings the same,or as near as poss, mostly virii and worm, few trojan as I leave this for TDS3, I'm not too worried as results speak for themselves,but still iys something to test further.
Paul Wilders
August 24th, 2002, 09:32 PM
Hi Tinribs,
-{ Quote: "All program settings the same,or as near as poss" }-
By design NOD32 and Dr.Web act quite differently - in spite of the way they are configured.
-{ Quote: "mostly virii and worm{quote]
Would you mind providing names?
-{ Quote: "few trojan as I leave this for TDS3" }-
Thus trojans/backdoors have been left out while testing the AVs?
regards.
paul
" }-
Tinribs
August 24th, 2002, 09:43 PM
Ok,here is folder 1, bear in mind all are zipped up, and stay that way,so names are of zip archive and may not represent the true virii name;
aim2
aimaster3
badtrans
ghostd
hybris
inspect
kamakazaa
klez
kpmv
kraimer13
lassa2
magistr
metrion3
pengoz
pratoreo
s3x
sinistahack
seekersjs
sircam
vbsworm7
wizardry
yaha
This is the folder that DrWeb finds 19 infected and names them all correctly,Nod32 see's 16. Of course its not a good test under ideal conditions but all programs I have tested have been under the same conditions at time of testing.
zappa
August 25th, 2002, 05:03 AM
Which 3 didn't NOD find? If not in NOD data base perhaps sending them in to NOD would be the neighborly thing to do so my next update has them in it!!!! Thanks neighbor.
Tinribs
August 25th, 2002, 05:51 AM
Its been done already ;)
As I say,I have never opened these zip files and all tests rely on these zip files actually containing what they report to.
vBulletin® Copyright ©2000-2012, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2012, Wilders Security Forums