AV-programs tested against the new wmf-hole-NOD among the best

Discussion in 'other anti-virus software' started by Jaska, Jan 5, 2006.

Thread Status:
Not open for further replies.
  1. Jaska

    Jaska Registered Member

    Joined:
    May 7, 2004
    Posts:
    98
    German av-test.org has tested the major players in AV business against
    the new Windows wmf-hole.
    Nod32 was one of those who stopped all the tested 206 variants
    Here are the results (in parenthesis the missed variants)
    Perfect protection:
    BitDefender
    Computer Associates eTrust - VET
    F-Secure
    Kaspersky Lab
    McAfee
    Eset Nod32
    Microsoft OneCare
    Sophos
    Symantec

    Inadequate protection:
    Alwil Avast (1)
    Clam AntiVirus (1)
    Aladdin eSafe (1)
    Fortinet (18 )
    AntiVir (24)
    eTrust - INO (25)
    Panda (25)
    Ikarus (26)
    Norman (26)
    Ewido (47)
    AVG (59)
    VirusBuster (61)
    QuickHeal (63)
    Trend Micro (63)
    Dr Web (93)
    VBA32 (110)
    Authentium Command (119)
    F-Prot (119)
     
    Last edited by a moderator: Jan 5, 2006
  2. bontchev

    bontchev AV Expert

    Joined:
    Nov 13, 2005
    Posts:
    38
    Re: AV-programs tested agaisnt the new wmf-hole-NOD among the best

    Handling this thing required a code change in F-PROT (just a DEF update wouldn't do). We have released a new version (3.16e) yesterday. It should detect this exploit just fine.

    Regards,
    Vesselin
     
  3. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Re: AV-programs tested agaisnt the new wmf-hole-NOD among the best

    Thanks for the update Vesselin :)

    On a side note: since this thread in effect regards many other Antiviruses, I'm going to move it to the "other antiviruses" forum. Hope you all do understand.

    regards,

    paul
     
  4. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Re: AV-programs tested agaisnt the new wmf-hole-NOD among the best

    Weird, Alwil guys released generic signature two days ago if i remember correctly. I guess this test missed this signature update:rolleyes:
     
  5. TAP

    TAP Registered Member

    Joined:
    Aug 17, 2004
    Posts:
    344
    Re: AV-programs tested agaisnt the new wmf-hole-NOD among the best

    I think AVG is weird too, it should not miss too much like this (59 samples).

    I don't know but I think AVG has a problem in its engine to detect this exploit, 2-3 days ago I noticed a very big updates from AVG Free so I think Grisoft released something (probably new engine) in order to detect this exploit.
     
  6. metallicakid15

    metallicakid15 Registered Member

    Joined:
    Dec 6, 2005
    Posts:
    454
    Re: AV-programs tested agaisnt the new wmf-hole-NOD among the best

    i wouldnt call the below products inadequate since they only missed one file which can easily be fixed.

    Alwil Avast (1)
    Clam AntiVirus (1)
    Aladdin eSafe (1)
    Fortinet (1
     
  7. vlk

    vlk AV Expert

    Joined:
    Dec 26, 2002
    Posts:
    618
    Re: AV-programs tested agaisnt the new wmf-hole-NOD among the best

    Indeed, avast with latest definitions catches all of them. The test was performed earlier.
     
  8. metallicakid15

    metallicakid15 Registered Member

    Joined:
    Dec 6, 2005
    Posts:
    454
    Re: AV-programs tested agaisnt the new wmf-hole-NOD among the best

    you might want to add pc tools antivirus in 100% detection of wmf
     
  9. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    Re: AV-programs tested agaisnt the new wmf-hole-NOD among the best

    Not a complete surprise as this is a KAV clone ;)
     
  10. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Re: AV-programs tested agaisnt the new wmf-hole-NOD among the best

    MS already released patch for WMF vulnerability. Please use Windows Update tool...
     
  11. Proland

    Proland Guest

    Re: AV-programs tested agaisnt the new wmf-hole-NOD among the best

    Code:
     Nod32 was one of those who stopped all the tested 206 variants 
    Jaska yeah i would really see this link by myself could you then give us the direct link to this article please?
     
  12. Jaska

    Jaska Registered Member

    Joined:
    May 7, 2004
    Posts:
    98
    Re: AV-programs tested agaisnt the new wmf-hole-NOD among the best

    I found this information from a appreciated Finnish
    computer magazines daily news. I did'n find the original test from http://www.av-test.org/ site. Maybe they are giving the information to magazines before their own website.
     
  13. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Re: AV-programs tested agaisnt the new wmf-hole-NOD among the best

    And how protected were AV users before any of the signature based AVs updated as opposed to virtualisation software users.

    No signatures = no protection.
     
  14. Proland

    Proland Guest

    Re: AV-programs tested agaisnt the new wmf-hole-NOD among the best

    ahaa from a Finland magazine.
    but also those antiviruses protected against all those WMF:
    BitDefender
    Computer Associates eTrust - VET
    F-Secure
    Kaspersky Lab
    McAfee
    Microsoft OneCare
    Sophos
    Symantec
    incl. Nod32
     
  15. TAP

    TAP Registered Member

    Joined:
    Aug 17, 2004
    Posts:
    344
    Re: AV-programs tested agaisnt the new wmf-hole-NOD among the best

    Updated Anti-virus Detection Stats


    We have an update to the anti-virus detection stats for WMF variants. There’s both good news and not so good news in it.


    AV-Test tested 206 variants and the following products detected all 206:

    Avast!
    BitDefender
    ClamAV
    eSafe
    eTrust-VET
    eTrust-VET (BETA)
    F-Secure
    F-Secure (BETA)
    Kaspersky
    McAfee
    McAfee (BETA)
    Nod32
    OneCare
    Panda (BETA)
    Sophos
    Symantec
    Symantec (BETA)


    Unfortunately some, including some well-known ones, missed quite a few. These are the products that missed some and the number they missed:


    Fortinet 18
    Fortinet (BETA) 18
    AntiVir 24
    eTrust-INO 25
    eTrust-INO (BETA) 25
    Panda 25
    Ikarus 26
    Norman 26
    Ewido 47
    AVG 59
    Trend Micro (BETA) 60
    VirusBuster 61
    QuickHeal 63
    Trend Micro 63
    Dr Web 93
    VBA32 110
    Command 119
    F-Prot 119


    (BETA) refers to beta definitions, as opposed to the release-level ones.

    http://blog.ziffdavis.com/seltzer/archive/2006/01/04/39774.aspx
     
  16. zzzzzz

    zzzzzz Guest

    Re: AV-programs tested agaisnt the new wmf-hole-NOD among the best

    Kaspersky didn't protect 100% the first day, only after a few patches. So don't count too much on those results as they are all an updated version of the original test.
     
  17. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Re: AV-programs tested agaisnt the new wmf-hole-NOD among the best

    Explain please if you can, why the test's made after the first shouldn't be trusted, after all they are made by the same tester?
     
  18. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Re: AV-programs tested agaisnt the new wmf-hole-NOD among the best

    Results aren't that important itself but they show how flexible are specific AV engines. For example avast! didn't need any program update to cover this WMF (just signature) while F-Prot required program and signature update to correctly cover it. Though this shows just one aspect of the engine, not entire capability...
     
  19. Pornald

    Pornald Guest

    Code:
      AV-programs tested against the new wmf-hole-NOD among the best  
    NOD32 among the best to detect wmf-hole,
    also etrust, f-secure, bitdefender and some other also was the best to detect it 100%.
    i really like to know and to see those article's there you found that NOD was the best of all, or are you just writing it by yourself ?
     
  20. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    NOD was not the "best of all", but it had 100% detection/protection just like some of the other vendors had. A few had 75% protection, this included Kaspersky as well. However in the next updated test, Kaspersky had 100% detection/protection.
     
  21. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    KIS2006 slept through almost all the tests over at dslreports while Bit Defender was so aggressive that I couldn't do any of the tests. KIS never let out a peep on scanning of the zip files of the tests and the later repeated updated zips of the tests while BD insisted on deleting EACH TEST within the zipped folder. BD would not allow me to unzip and actually detected all nine tests individually. KIS, even after unzipping, missed most of the tests. I now have BD Pro. I did have BD free for a year and one-half but after seeing how it handled this situation, I think it is right at the top of the AVs and actually above KIS and NOD32 because it doesn't cripple my internet speed like both the others do.
     
  22. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    BD seldom gets mentioned when the question arises as to best AV, but it always shows up in the top few when tested.

    I have used it for a year in the paid version, and see no reason to change with each test that is published. In fact BD seems to be getting better all the time. I just renewed mine, and appreciate the fact that they permit me to use the same key for my second home computer, at no additional cost.

    I think BD is a much overlooked top AV. The price is also less than the other top AVs I think.

    Jerry
     
  23. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    I've always held BitDefender in a very high regard, and it was the toughest choice for me to choose between BitDefender and NOD32 last year, if you remember. ;)

    But does Softwin really allow you to use a single license of BitDefender on two PCs? Wow! :)
     
  24. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    HI Firecat,
    Yes they do, and I was pleasantly surprised. It gives me another reason to stay with BD. It also runs well on my machine.

    This AM I downloaded and installed BD9, and entered the key. It worked, but I had not uninstalled Avast. I had disabled it, but that was not enough, and whe I rebooted the programs would not all reload, and it froze to a large extent. I finally had to turn off the power, rebooted with the same result. The next time I uninstalled Avast, rebooted, and all is well.

    Two AVs always cause me problems. I knew of the problems, but thought I could get by with disabling one until I had the other installed and working. I was wrong.
    Still living and still learning - albeit slowly.

    Regards,
    Jerry
     
  25. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    I had my choise for BitDefender, and never regret. It's good software, with great detection. The interface is also absolutly fitting my needs. Clean simple, but still offering lots of options. And all this for a price wich can't be beat.

    About using a single license on two computers, I'm not so sure about that. I will try to find out more about it :)
     
Loading...
Thread Status:
Not open for further replies.