Malware-Test Lab: Antivirus Comparison Report (February 26, 2007)

Discussion in 'other anti-virus software' started by sai7sai, Feb 26, 2007.

Thread Status:
Not open for further replies.
  1. Stefan Kurtzhals

    Stefan Kurtzhals AV Expert

    Joined:
    Sep 30, 2003
    Posts:
    702
    IBK, how dare you to critize those experts! :rolleyes:

    Hey, while we are posting screenshots, please post some of the Avira option dialog (which options were enabled) - and one of the NOD32 options. I am sure the guys at ESET want to have a laugh too.
     
  2. sai7sai

    sai7sai Registered Member

    Joined:
    May 3, 2006
    Posts:
    21
    Location:
    Taiwan
    It is wrong, you need remove duplicate entries.
     
  3. plantextract

    plantextract Registered Member

    Joined:
    Feb 13, 2007
    Posts:
    392
    this should be done by the testers, remove duplicate files, (if they are 100% identical), test for corrupted files (i don't know what those 160.000 warnings are but i assume some are regaring file reading or unpacking errors)
     
  4. sai7sai

    sai7sai Registered Member

    Joined:
    May 3, 2006
    Posts:
    21
    Location:
    Taiwan
    Configuration settings for the scan:
    Jobname..........................: Manual Selection
    Configuration file...............: F:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\PROFILES\folder.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: I:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Scan all files...................: All files
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Skipped archive types............: BSD Mailbox, Netscape/Mozilla Mailbox, Eudora Mailbox, Squid cache, Pegasus Mailbox, MS Outlook Mailbox,
    Macro heuristic..................: on
    File heuristic...................: high
    Different risk categories........: +GAME,+JOKE,+PCK,+SPR,
     
  5. Stefan Kurtzhals

    Stefan Kurtzhals AV Expert

    Joined:
    Sep 30, 2003
    Posts:
    702
    While waiting for those screenshots, sai7sai, how did you actually test if the samples were functional? I mean, beside the usual "ok, KAV detects it, let's put it into the collection" test. :rolleyes:
     
  6. sai7sai

    sai7sai Registered Member

    Joined:
    May 3, 2006
    Posts:
    21
    Location:
    Taiwan
    The duplicate files have been removed, all sample fles have different SHA1 values. In here, I meant log file has duplicate entries.
     
  7. sai7sai

    sai7sai Registered Member

    Joined:
    May 3, 2006
    Posts:
    21
    Location:
    Taiwan
    All samples are scanned by multiple scanners, if they detect it (it is possible, it is a false positive), we put it into Virus Bank.
     
  8. CJsDad

    CJsDad Registered Member

    Joined:
    Jan 22, 2006
    Posts:
    618
    64 hours to scan Avira?? :eek: :eek:

    Over 2 1/2 days to complete a scan, you'll be scanning forever just to keep up with the most recent release of malware.
     
  9. Schouw

    Schouw AV Expert

    Joined:
    Jan 4, 2004
    Posts:
    29
    Location:
    Netherlands
    More than 10% difference for one engine, nice. :)
    AOL got tested one week later than KAV. That explains the difference between those two.
    By default AOL and KAV scan for AdWare, but not for RiskWare.

    The most logical explanation for eScan's results is that it didn't scan for AdWare.

    Including an error margin really doesn't make the lack of "fixed" bases any less professional, sorry.

    Oh well, if a 15 year old kid which stumbles across some lame XSS can be called a security expert, you guys can be called antivirus/virus/testing experts.

    Better luck next time. :)
    Although luck shouldn't have anything to do with it of course. ;)
     
  10. sai7sai

    sai7sai Registered Member

    Joined:
    May 3, 2006
    Posts:
    21
    Location:
    Taiwan
    That is why we spent much time to complete this testing. I guess the problem is File heuristic is set to High.
     
  11. extratime

    extratime Registered Member

    Joined:
    Oct 14, 2005
    Posts:
    100
    Hilarious! I needed a good laugh today.
     
  12. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,631
    Location:
    Sneffels volcano
    I think the test publisher doesn't even know what scanning engines are being used by AV vendors :rolleyes:
     
  13. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    I aint got no problem with his results. (burp):rolleyes: :gack:
     
  14. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    You must be joking. I´ve scanned 200,000 files (some really big archives/sfx/executables, so lots of unpacking) in a little more than an hour with a Duron 800 MHz.
     
  15. SteveS335

    SteveS335 Registered Member

    Joined:
    Jan 16, 2007
    Posts:
    43
    So did anyone interact with the scanner when there was a popup?, or just when they noticed that the timer was running and the scanner was waiting for a reaction.
     
  16. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    No, I think its the old, Eenie meanie minie moe, method.:cool:
     
  17. Stefan Kurtzhals

    Stefan Kurtzhals AV Expert

    Joined:
    Sep 30, 2003
    Posts:
    702
    Or someone produced the settings *after* the test was performed? But then, of course the scan can take 64 hours if someone manually handled the dialogs all the time. :rolleyes:
     
  18. EQ2

    EQ2 Registered Member

    Joined:
    Jan 25, 2007
    Posts:
    39
    I think this is very funny report,because Chinese Rising is very bad.In China,most people can hate it
     
  19. EQ2

    EQ2 Registered Member

    Joined:
    Jan 25, 2007
    Posts:
    39
    Rising can not clean&Delete most viruses of variety,so Kaspersky is more popular than Rising in China
     
  20. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    i still think i am correct in saying, they have worked out the detection rates purely on "scanned files minux infected files", which will show kaspersky and nod32 in bad light, thats for sure.

    also stefen, i have to agree with "avira is slow scanning.........." extremlely slow, BUT.....when scanning infected malware, the test of the scan was 'obviously' checked on the scanning of 'X malware', and not on a mb scan of clean files, in my own testing ive noticed that avira is, by far... the slowest AV at scanning infected malware.
     
  21. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Well, IBK´s numbers are the opposite.
    Antivir and NOD 32 are at the top of on-demand scanning speed.
     
  22. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Sorry Chris, I just finished testing it against Nod, Dr Web and it beat both, set to scan all files. Didnt include Kav, as I didnt want to wait all year.
     
  23. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    lucas AND trjam,

    you did not read my post properly,

    avira is the slowest scanning of infected malware, IBK's scanning speed test is done on a more realistic clean pc or clean set of files, say... 100mb.

    if you scan 100mb of clean files with avira, im sure it will be the fastest, but as i said, if you scan 100mb of infected files with avira, by far the slowest, this is why it says this in the test.
     
  24. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,865
    Location:
    Innsbruck (Austria)
    scanning speed is measured on clean files, not over malware collections.
    edit: C.S.J. was faster in replying
     
  25. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    i understand that IBK, im just stating why the test says avira is slow.....

    the test was not done on clean files, therefore avira is the slowest. :rolleyes:
    -------
    and im pretty sure they are working percentages out by scanned files (minus) infected and using that for the percentage, instead of getting the percentage from the files remaining in the test-set.

    yayyy, i solved the mystery :D
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.