AV Test and Best AV

Discussion in 'other anti-virus software' started by kareldjag, Feb 11, 2005.

Thread Status:
Not open for further replies.
  1. kareldjag

    kareldjag Registered Member

    Nov 13, 2004

    I consider "best AV or AV1 VS AV2" as endless discussions.

    Even with serious AV test, we can't demonstrate with scientifics argumentations and methodology which one is really the best.
    It's better to be prudent and impartial.

    ***Serious AV tests:

    * *http://www.av-test.org/

    * *http://agn-www.informatik.uni-hamburg.de/vtc/

    * *http://www.virus.gr/english/fullxml/default.asp

    * *http://www.av-comparatives.org/

    * * http://www.icsalabs.com/html/communities/antivirus/labs.shtml

    * *http://www.virusbtn.com/vb100/archives/products.xml?table

    ***Why it's difficult to evaluate antivirus softwares and why some AV test are more serious than others?


    ***How to choose an AV?
    A beginning of answer, but with a little bit subjectivity:



    My Disclaimer:don't trust any reviews.
    Their tests are not as scientific, independent and impartial as they could claim.

    ***Why don't we try our personal tests?

    Here an easy test.

    Fistly, we have to choose some files to test scan engines.

    On the Eric Howes pages for instance(not really dangerous test files):

    http://www.spywarewarrior.com/uiuc/soft7a.htm (leaktest rubric)

    Here's my choice:

    -Firewar:firewall killer demonstrator,
    -Whatsec:AV killer demonstrator,
    -NoisyBear: (java applet based on eicar, the last one): http://www.attac.net/tester.html

    *The test could be made firstly with zip archive, and after with Tar.bz2 archive (or one of your choice).

    We just have to submit these files on Jotti's site:


    *Here the result:

    -1-Firewar.zip:infected, exept :AVG/Fortinet/Norman,
    -2-Firewar.tar:infected, exept:AVG/F-Prot/Fortinet/Nod32/Norman

    -3-Whatsec.zip:infected, exept:AVG/Fortinet,
    -4-Whatsec.tar:infected, exept:AVG/F-Prot/Fortinet/mks-vir/Nod32,

    -5-NoisyBear.zip:infected, exept:Antivir/AVG/Clam AV/Nod32/Norman,
    -6-NoisyBear.tar:infected, exept:Antivir/AVG/Clam AV/F-Prot/Fortinet/mks.vir/Nod32/Norman.

    I just want to demonstrate that we only definer which AV is the best for only one parameter (here ability to scan archives).

    There's too many parameters (capacity of eradication, heuristic/behaviour engine, ability to find known or unknown virus, compressed files etc...) to have a definitive conclusion about which is the best or not.

    But with all AV tests, we just can analyze results to elaborate a list of very good Antivirus:in alphabetic order:

    **AVK (german version),
    **Pc-Cillin (Trend Micro).

    There's also good others ones which are rarely tested like AV without signatures (Viguard and Invircible), or antivirus with integritry checkers like SOLO or IntegityMaster.

    I have no one to defend or to recommend.

    ***Finally:Many best antivirus, NO best ONE.
    The best antivirus is the one which is good for your using:according to:

    -your knowledge's level (newbie or advanced user),
    -kind of surf (risky or not),
    -and so on...

    If it could help some users to be more neutral . ;)

    Best Regards

Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.