View Full Version : Personal (No Professional) Antivirus Test


RaLX
February 28th, 2003, 09:06 PM
Please don't flame me, I only want to share my personal antivirus test with you; if it isn't allowed or something like that, then delete the post:

28/02/03

Total 200 Archives in 55 Folders

NAV 2003*** Scanned 210, 202 Infected = 202 Total
PC-cillin 2003 Scanned 200, 200 Infected = 200 Total
Kaspersky 4 Scanned 205, 200 Infected = 200 Total
Dr.Web 4.29 Scanned 201, 196 Infected + 3 Suspicious + 1 Infected Modified = 200 Total
RAV 8 Scanned 224, 197 Infected + 1 Suspicious = 198 Total
NOD32 1.368 Scanned 200, 192 Infected = 192 Total
AVAST4 Scanned 202, 175 Infected = 175 Total
AVG 6*** Scanned 203, 131 Infected = 131 Total

All products were updated today; the viruses are a mix of trojans, VBS, worms and Win32 viruses, all relatively recent, not sure if ITW.

JimIT
February 28th, 2003, 10:23 PM
Interesting!

A little confusing, though. How many actual pieces of malware were there? NAV, I take it, had 2 fp's?

Can you break down the test a little more? ;D

Straight Shooter
February 28th, 2003, 10:24 PM
I'm not going to flame you... ;D, but if you don't mind me asking, what's your point?

Without being a little more specific as to what the malware was, sure, NAV would find older outdated virii that NOD32 wouldn't. However, both passed the latest VB100. I presently use both.

Some of the AVs have weaknesses with trojans. Some have script blocking built in (NAV). Most of the Wilders faithful are well versed in the advantages and disadvantages of each program...

Without more specifics, I'm afraid the test wouldn't hold water...

I did not flame you, right? ;)

RaLX
February 28th, 2003, 11:28 PM
My point is only to think about what would happen if I received any of those viruses while using those AVs, no matter if they were backdoors, trojans or whatever; there were 200 virus files that I found and scanned with those AVs. Not so many details, because this is the user's view, not a professional view.

Here is the file tree tested; many of these were received by mail or P2P file sharing:

02938056.INI
0E207E63.BAT
1.exe
26FDED1A.EXE
277A9239.BAT
2E439491.EXE
6ee1c90a.exe
960ECC95.EXE
alco.pif
Anthrax.exe
BAIT.EXE
baivietmoi.gif.exe
binladen.exe
Bored.vbs
Britney.chm
caifanes.chm
CALC.EXE
CHTHON.EXE
cmpld1.EXE
cmpld2.EXE
CodeGreen.exe
codered.exe
Codered2.exe
Crystal.a1.vbs
docworm.exe
Empire.248.EXE
energy.exe
Eraser.vbs
Eternity.A.8704.exe
F0SF0R0.EXE
F302E1F6.EXE
F98F8A3E.BAT
FlashPla.exe
Friends.exe
****er.scr
****osama.vbs
GEMINI.EXE
gone.scr
HD_Fixing.exe
HTML.Stertor.html
ID.exe
invalid.EXE
I-Worm.Avalon.vbs
I-Worm.Choke.exe
I-Worm.Croatia.vbs
I-Worm.Embrion.exe
I-Worm.Enviar_(11).EXE
I-Worm.Fiume.doc
I-Worm.Hybris.c.exe
I-Worm.Noon.vbs
I-Worm.Repah.a.EXE
I-Worm.rous.a.EXE
I-Worm.WinXP.vbs
jimmy.EXE
JOSS.EXE
Kallisti.doc
KANBAN.EXE
ketamine.EXE
LaraCroft.theme
lastword.exe
Like_A_Virgin.MP3.vbs
LUCIFERX.EXE
madafaka.vbs
MadTraxD3D.exe
Mbop!.vbs
Mbop!-Vbs.vbs
MLINK32.EXE
movie.avi.pif
movie.exe
nach.EXE
neo.exe
NEOKILLER.vbs
next.EXE
NortonAntivirus2002FullDonwloader+SerialKey.exe
NOTEPAD.EXE
OperacionTriunfo.scr
optiz.js
orange.exe
OU812.EXE
Parrot.scr
PawPaw.bat
Penfold.2133.bat
pet_tick.vbs
Pexpress.exe
Platnico.txt.shs
PLEXAR.EXE
PORN_Madonna.JPEG.vbs
PussyTweak.exe
QTM.COM
Raptor V.vbs
readme.eml
Revelation_2.1.exe
sargo.vbs
SEGAX.EXE
setup32.exe
SEX_za_neupucene.htm
sexyPHAGE.GIF.pif
Shakira.chm
Sharp.exe
singlung.exe
SOLITON.BAT
Stress.vbs
SuperNova.exe
Sys.602.bat
Taichi.exe
taker.exe
trood.exe
Troodon.exe
VBS.Trojan.Zirkov.vbs
VBS.VbsDoc.vbs
VICTIM.EXE
VS008642.COM
VS035415.COM
VS035448.EXE
VS038237.PIF
w32.mimee.eml
W32.Trilisa.C.scr
W32.Trilisa.D.scr
w32linda32.EXE
wargames.exe
Welcomb.vbs
Win32.Alma.2414.EXE
Win32.Alma.5319.EXE
Win32.iwing.exe
Win32.Mix.EXE
Win32.Revaz.exe
Win95.Caw.1335.EXE
WinREG.Wow.reg
WM.Larva.doc
WM.Mikrob.doc
WM.Spiroheta.doc
wordpass.vbs
worm.exe
worms.exe
WTC.exe
WV32.EXE
www.symantec.com.vbs
XFW.exe
XTC.EXE
Yap.exe
yell0w.exe
ZekeZip.bat
zerg.exe
ziplung.exe
Abraxas.1171\Abraxas.1171.com
Abraxas.1200.a\Abraxas.1200.a.com
Abraxas.1214\Abraxas.1214.com
Abraxas.Cleton.1508\Abraxas.Cleton.1508.com
Abraxas.Cleton.1518\Abraxas.Cleton.1518.com
Anna\Anna.com
Bat.Jumper.Trojan\FunnFaCTOR.bat
deadday\deadday.exe
dome\dome.vbs
Eternity.B.7168\Eternity.B.7168.exe
Eternity.B.7168\infected_file.exe
Ginger.2247\Ginger.2247.com
Ginger.2691\Ginger.2691.com
I-Worm.America\America.COM
I-Worm.BadtransII\Me_nude.MP3.scr
I-Worm.Energy.f\SygatePatch.exe
I-Worm.Fireburn\I-691D~1.VBS
I-Worm.Gokar.A\I-WORM~1.EXE
I-Worm.Kazus\I-Worm.Kazus.exe
I-Worm.Magistrar.b\I-Worm.Magistrar.b.exe
I-Worm.MyLife.e\mylife_e.exe
INF.DelBios\Delreg.inf
infis\30CB0B5D.EXE
jasemin\Jasemin.EXE
jethro\bait.EXE
JPGvirus\proof.exe
JS.Prawn.A@mm\DAWN.JS
JS.Trojan.Seeker-based\dlcounter[1].js
Kristen\Kristen.vbs
lena\lena.EXE
Trojan.BAT.Tuber\Help4u.bat
TrojanDropper.Win32.BigJack\patcher.exe
Uncensored\Uncensored.jpg.exe
VBS.LaMEr0nE\VBS.LaMEr0nE.vbs
VBS.RTFinfo\1nfo.vbs
VBS.Solved\vbs.solved.vbs
VBS.Timofonica\I-A93F~1.VBS
Win2k.Dob\dob.EXE
Win32.bubica.A\IEpatch.exe
Win32.BugBear@mm\I-Worm.Tanatos.exe
Win32.Cichosz\cichosz.EXE
Win32.Gnuman.Worm\GNUTEL~1.EXE
Win32.Hotriga\h0rtserver.exe
Win32.Hotriga.dr\h0rtclient.exe
Win32.IKX\Win32.IKX.exe
Win32.Pet_Tick.M\Kevlar.exe
Win32.Zaushka@mm\Win32.HLLP.Zaushka.Worm.exe
Win95.Boza.c\Win95.Boza.c.(intended).exe
Win95.Cerebrus\CEREBRUS.EXE
Win95.Evil\Win95.Evil.962.exe
Win95.Lud.Hill\Win95.Lud.Hill.401.exe
Win95.MarkJ\Win95.MarkJ.826.exe
Win95.Mmorf\2m.EXE
Worm.Super.393\Worm.Super.393.com
X14\LAB.EXE
Zippy\Zippy.exe

sig
February 28th, 2003, 11:45 PM
Also, as previously discussed here, some AV's are better at archive scanning than others. Just because a virus isn't detected in an archive does not necessarily mean that it wouldn't be detected when unzipped.

Paul Wilders
March 1st, 2003, 08:17 AM
RaLX,

-{ Quote: "My point is only to think about what would happen if I received any of those viruses while using those AVs, no matter if they were backdoors, trojans or whatever" }-

In essence, an antivirus has been designed to do just that: coping with viruses. Apart from KAV/AVP and to some extent Dr.Web, there's no way to rely on an antivirus to be on the safe side for other malware as well - and IMHO one could not expect such an overall protection from any specific antivirus either.

As for KAV/AVP and Dr.Web: I've stated this before, and will repeat it once more: personally, I'm all for a layered defense: a separate top-notch ITW antivirus in conjunction with a top-notch antitrojan. This way, whenever one app has been put out of business for one reason or another, at least the system isn't totally vulnerable to all malware on the spot.

regards.

paul

root
March 1st, 2003, 09:11 PM
I think what RaLX posted has some value for some people. No claim was made that any one product excelled. It was just information about how things worked on his/her computer.
The results shown were along the lines of what I would expect to see. Nothing professional here and no claim to such. Just another piece of information to add to the picture.
Having noted it was a mixed bag of bad guys and knowing that all AVs do not go after all known trojans, it really indicates to me that what we generally discuss here about the various AVs is backed up by this.
I think it does, to a point, show the need for anti trojan software also.
So I say thanks for the effort. You did not try to prove anything to anybody, just did some tests and shared the results for people to use or discard as they see fit.
It is important to note though, if anyone new to security sees the results of the programs tested here, they should not get the impression that one program will protect them adequately all around. :)

Firefighter
March 2nd, 2003, 02:15 AM
To RaLX from Firefighter!

Is it possible to send us a list of missed files per program?


Best Regards,
Firefighter!

JimIT
March 2nd, 2003, 08:00 PM
-{ Quote (root): "I think what RaLX posted has some value for some people. No claim was made that any one product excelled. It was just information about how things worked on his/her computer." }-

I second that! I think it's cool to see how the different AVs work on a "typical" user's machine. It always makes me wonder how an AV would fare against malware if it was installed on my box--and it's difficult to get an idea based on all the "lab tests".

Thanks for doing some of the "legwork", RaLX--even if it was only for grins! ;D

RaLX
March 5th, 2003, 09:04 AM
To Firefighter from RaLX

Sorry, I didn't take note of each file missed because my intention was merely numerical results.