antivirus signatures

Discussion in 'other anti-virus software' started by MalwareDie, Dec 19, 2006.

Thread Status:
Not open for further replies.
  1. MalwareDie

    MalwareDie Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    500
    I am not sure if this si a valid post. How about you post the amount of signatures your antivirus has and then post again when av-comparatives does their february testing. We can see judge how many signatures your antivirus added and guess how well it wil do in the on demand test and the retrospective test.
     
  2. apm

    apm Registered Member

    Joined:
    Mar 15, 2006
    Posts:
    162
    Dr.Web v4.33.2 2006-12-19 (04:33) 162428, 3.11MB
     
  3. FRug

    FRug Registered Member

    Joined:
    Feb 7, 2006
    Posts:
    309
    signature count is pretty much irrelevant, since different vendors count signatures in a different way.
     
  4. Miyagi

    Miyagi Registered Member

    Joined:
    Mar 12, 2005
    Posts:
    420
    Location:
    Honolulu, Hawaii
    Don't forget the heuristics. ;)
     
  5. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,819
    Location:
    Innsbruck (Austria)
    e.g. symantec keeps the number of signatures as low as they can, by adding/creating/optimizing generic signatures. Thats why they have such a low number of signatures claimed but anyway high detection rates. So, no, it is not possible to conclude how the AVs will score based on looking/analyzing the number of signatures they have or added.
    But you can anyway guess just for fun. I would for example guess this (it is only a guess, I did not test them recently and some I did never tested at all so far - it is only guessing, which means I could be totally wrong in my guess): AVK, AVIRA, TrustPort, eScan, F-Secure, KAV, Bitdefender, NOD32, Norman, Avast, Fortinet, F-Prot, McAfee, AVG, Dr.Web, Ikarus, Microsoft, VBA32.
     
    Last edited: Dec 19, 2006
  6. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    162486 - 12:34
    162494 - 12:36
    162496 - 13:38
    162506 - 14:27
    162517 - 14:48
    162520 - 15:09

    updates are released quite frequently here with dr.web, thats for sure, but... role on version 5.

    im sure you see the point anyway, also .. dr.web's schedule for updates is default every 9 minutes.
     
    Last edited: Dec 19, 2006
  7. MalwareDie

    MalwareDie Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    500

    microsoft has an antivirus?
     
  8. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
  9. MalwareDie

    MalwareDie Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    500
    For the upcoming february on demand test. ill guess the results including DOS viruses/malware.

    Avira Antivir, GData AntiVirusKit (heard they recently switched engines), F-Secure, Kaspersky, NOD32, TrustPort, Norton, BitDefender, Norman Virus Control, Avast, McAfee VirusScan, F-Prot, AVG, Dr.Web, Microsoft OneCare.


    Will any others be tested in February? I know VBA32 wil be done separately
     
    Last edited: Dec 20, 2006
  10. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
  11. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    new signatures i recieved, found an FP with my new dell laptop,

    sent to dr.web, fixed in exactly 16 mins. WOWWWWWWW
    everyday, they impress me... whether its not the top rated for detection, service is top-notch.
     
    Last edited: Dec 19, 2006
  12. MalwareDie

    MalwareDie Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    500
    Ya their service is excellent
     
  13. mrtwolman

    mrtwolman Eset Staff Account

    Joined:
    Dec 5, 2002
    Posts:
    613
    Exactly, pure number of the samples says nothing about the product and its detection abilities.

    Here is my classic a contrario agruing:

    Imagine we have have malware family with 1000 members. You can have product A detecting this family with one generic signature which will catch also some modification and product B having 999 signatures for every single piece but one.

    As for samples B beats A 999:1, but in detection A beats B by detecting 1 piece of malware more.
     
Loading...
Thread Status:
Not open for further replies.