few antivirus comparison

Discussion in 'other anti-virus software' started by Cadoul, Apr 11, 2005.

Thread Status:
Not open for further replies.
  1. illukka

    illukka Spyware Fighter

    Joined:
    Jun 23, 2003
    Posts:
    633
    Location:
    S.A.V.O
    bitdefender has an excellent heuristic engine. not quite NOD32 though
    especially BD's backdoor heuristics are great (i've seen many behaveslike win32 backdoor detections on new/modified malware)
    nod scores better on viruses/worms


    Cadoul: please continue your tests :D

    av tests are always interesting to read :D

    a question: do you use standard bases with the avs when testing?
    for example do you use drweb's spyware/riskware (beta) bases?
    or KAV's extended bases?
    did you enable extended threats with NAV ?
    etc
     
  2. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    At AV-Comparatives' latest retrospective/proactive test, NOD does better than BD at heuristically detecting Backdoors too. Any clarification? o_O
     
  3. Cadoul

    Cadoul Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    76
    Location:
    France
    I used the last updates for AV products, extended versions but never beta.
    I made 22 tests. Big job. Maybe I'll continue later.
    Sincerely
    Cadoul
     
  4. illukka

    illukka Spyware Fighter

    Joined:
    Jun 23, 2003
    Posts:
    633
    Location:
    S.A.V.O
    @Firecat

    the opinion is based on real life experience in finding new undetected malware.
     
  5. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    Oh OK - So that means BD heuristics is effective at Trojans/Backdoors, while NOD's is more effective at viruses/worms?
     
  6. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,886
    Location:
    Innsbruck (Austria)
    That is the reality. Wait another ~50 days to see the results of the next proactive test.
     
  7. illukka

    illukka Spyware Fighter

    Joined:
    Jun 23, 2003
    Posts:
    633
    Location:
    S.A.V.O
    nod is IMO effective against general new malware, be it backdoors/trojans/malware/worms/viruses/dialers/anything.. its heuristics are second to none ;)

    i've just noticed that BD seems to be particularly effective against modified/new backdoors or bots, i suppose it is because it has a good unpacking engine, which is always helpful in backdoor detection.
    again, these are my personal opinions/experiences

    as i understand, av-comparatives uses only decompressed samples; the result may be different with packed malware
     
  8. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    Hmm....I heard that BitDefender's HIVE technology has been partly implemented right now. Softwin support told me that BitDefender's HIVE is the only heuristic engine so far to catch at least 70% of all ITW malware out there without signatures.

    What's so strange is, NOD does better than that every time, right? o_O

    Of course, I don't think unpackers are very important if the AV has a memory scanner. Am I right?
     
  9. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,886
    Location:
    Innsbruck (Austria)
    No, just unarchived, but not decompressed.
     
  10. illukka

    illukka Spyware Fighter

    Joined:
    Jun 23, 2003
    Posts:
    633
    Location:
    S.A.V.O
    that would explain it, i don't know BD that well, that's for the pro version, right? has there been an upgrade of BD after the last av-comparatives test?

    slightly but noticeably (based on my experience)

    depends a little on the memory scanner, but basically yes
     
    Last edited: Apr 16, 2005
  11. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    Yes, BitDefender recently announced their HIVE technology, and "Phase I" of the HIVE heuristics engine has now been added to BD (I think it's for both versions).

    "Phase I" of HIVE is a "Virtual PC in a PC", sort of like a Sandbox. There is more to come, and HIVE will be 100% implemented by the end of the year.
     
  12. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    And btw thanks for answering my queries illukka and IBK :)
     
  13. Cadoul

    Cadoul Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    76
    Location:
    France
    Last post about that subject. I got the last Symantec Corp 10 this morning.
    I tried with max settings and last update (04/20/05).
    Symantec Corp 10.0.0.359------------------22329
    Sincerely
    Cadoul
     
  14. sinbad370

    sinbad370 Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    68
    Location:
    Georgia
    Hello, I am just curious how well Gdata 2005 would do in your test. I wonder how differently the combo would compare relative to their individual programs. Would you consider testing this?
     