Multiple virus scanning needed, says multiple scanning firm...

[Prince_Serendip]

Multiple virus scanning needed, says multiple scanning firm...

Quote:

That's the conclusion of a study analysing the results of research by five leading anti-virus testing laboratories from security firm GFI which reveals various (we'd say minor) shortcomings in popular AV products.

GFI looked at results on tests on AV tools from Trend Micro, Symantec (Norton), McAfee, Norman, and Softwin by five impartial anti-virus testing laboratories (ICSA Labs, West Coast Labs, Virus Bulletin, AV-Test.org, and Virus TestCenter). In GFI's analysis, particular attention was paid to overall virus detection rates, the ability of AV tools to scan through compressed and embedded files, and their coverage of non-virus malware.

More...http://online.securityfocus.com/news/559


IMO, running two AV's might cause conflicts and false positives.

[root]

Yes, really. That is not the smartest conclusion to be drawn from the study. The white paper can be found here
I did not find F-Secure to be heads and shoulders above the competition and it employs 3 engines.
Doctor Web, KAV, and Esset are noticibly missing from the test. Guess it would make Norton and McAfee look too bad.
I thought GFI had better stuff in em.

[Paul Wilders]

Quote:

Doctor Web, KAV, and Esset are noticibly missing from the test.

A matter of GFI.COM marketing - no more, no less. That's their perogative no doubt. Just ask some test organizations to test products x,y and z - and they will do so. Andreas Marx is IMHO quite trustworthy - thus no blame on the testers.

I for one would look upon this in the right perspective - pure marketing.

regards.

paul

[Prince_Serendip]

Hi Paul!

Quote:

I for one would look upon this in the right perspective - pure marketing.

That's why I put this up. This is the same stuff we discussed last month. They are still trying to make it look legit! As you say, it is all about $$$!

Does DCS have an AV yet? I bet if they did to AV's what they've done to trojans with TDS-3, they would put the rest to shame!

[Paul Wilders]

Hi PS,

Quote:

This is the same stuff we discussed last month.

I'm not sure what you are referring to here - in case it's the "pcflank comparison/test": there is a big difference: they tested various ATs on a very suspicous way, and ranked them. In this case, just a few AVs have been picked out to test.

Quote:

They are still trying to make it look legit!

Well, as a comparison between the tested AVs, they might be right as well..

Quote:

As you say, it is all about $$$!

..that's what marketing usually is all about

Quote:

Does DCS have an AV yet?

Nope; sophisticated ATs a quite a different ball game. Personally, I do believe DCS will never enter the AV business.

Quote:

I bet if they did to AV's what they've done to trojans with TDS-3, they would put the rest to shame!

A different ball game as stated. Nevertheless, I'm sure DCS will be pleased to know you do have that much confidence!

regards.

paul

[controler]

I think it is time to gather forces and prod sombody to get a legit test of all the AV products and include NOD 32 and F-PROT, The products never compared to the major brand names.
All things should be considered, such as speed, detection rates, compressed-zipped-bound-mutilated.
Then post the results for all to see.
This would put to rest some of the debate but NEVER all debate.
There will always be those that like one GUI over another.

[Technodrome]

You will find some of tests for f-prot at http://www.av-test.com

NOD32 doesn't enter these kind of tests(or any) because of the poor detection of zoo viruses and backdoor/trojan detection. (Marketing from eset).


Technodrome

[controler]

Quote:

quoting: Technodrome link=board=24;threaded=2920;start=0#19827 date=1029028428]
You will find some of tests for f-prot at http://www.av-test.com

NOD32 doesn't enter these kind of tests(or any) because of the poor detection of zoo viruses and backdoor/trojan detection. (Marketing from eset).


Technodrome

Hey Tech , How you doin? Are you saying NOD-32 is afraid to enter their software into AV tests because of some weaknesses is certain areas?

[Paul Wilders]

Quote:

Are you saying NOD-32 is afraid to enter their software into AV tests because of some weaknesses is certain areas?

Allow me to correct that statement TD

av-test.com (Andreas Marx c.s.) does have permission from Eset to test NOD32 in the meanwhile. If and when NOD32 will be tested, is up to av-test.com.

btw: without any doubt NOD32 will not score highest in regards to backdoors/trojans: it's an anti-virus in the first place. IMHO one should rely on a separate stand alone resident running anti-trojan to cover both.

regards.

paul

[Technodrome]

Quote:

quoting: controler link=board=24;threadid=2920;start=0#19832 date=1029032036]
Hey Tech , How you doin? Are you saying NOD-32 is afraid to enter their software into AV tests because of some weaknesses is certain areas?

Yes! Wouldn't they or anyone else like to score top besides ITW VB 100 test!
NOD32 is rather weak in regards to ZOO Virus Detection and Trojan/Backdoor.I am more concerned of ZOO viruses then Trojans and Backdoors. I want to see some more tests before I change my mind about what I said!

P.S NOD32 posses strengths among others: Great Heuristics analyzer and almost perfect score in regards to ITW detection rate.

Technodrome

[Technodrome]

Quote:

quoting: Forum Admin link=board=24;threadid=2920;start=0#19856 date=1029075265]

Allow me to correct that statement TD

av-test.com (Andreas Marx c.s.) does have permission from Eset to test NOD32 in the meanwhile. If and when NOD32 will be tested, is up to av-test.com.

btw: without any doubt NOD32 will not score highest in regards to backdoors/trojans: it's an anti-virus in the first place. IMHO one should rely on a separate stand alone resident running anti-trojan to cover both.

regards.

paul

I am glad to hear that! I'd be glad if they scored very high in regards to zoo viruses. But we don't know if they will be included!Don't we?


Technodrome

[Paul Wilders]

Hi TD,

Quote:

But we don't know if they will be included! Don't we?

..unless we contact Marx, asking for the test bed used

regards.

paul

[Technodrome]

I'd like that!!!
We should ask! Its free!


Technodrome

[wizard]

The results from av-test.org regarding trojan/backdoor detection are useless. Their testset includes also non-trojans like clients or edit servers.

wizard