New MRG Test #20 Real Time Test

Discussion in 'other anti-virus software' started by sourav_gho, Sep 3, 2009.

Thread Status:
Not open for further replies.
  1. sourav_gho

    sourav_gho Registered Member

    Joined:
    May 22, 2009
    Posts:
    141
    Hi,
    The following is the brief of tests. The tests used 60 different malwares. The first column is name of av, second total blocked, third total missed:

    Program Blocked Missed MRG Project#20
    a-squared 60 0 Passed
    Avast 58 2 Failed
    AVG 59 1 Failed
    AVIRA 60 0 Passed
    BitDefender 53 7 Failed
    Dr.Web 57 3 Failed
    eScan 52 8 Failed
    F-Prot 46 14 Failed
    Ikarus 60 0 Passed
    Kaspersky 60 0 Passed
    Microsoft (BETA) 57 3 Failed
    Nod32 58 2 Failed
    Norman 50 10 Failed
    Norton 58 2 Failed
    Panda 60 0 Passed
    Panda Cloud 60 0 Passed
    Prevx 60 0 Passed
    Spy Emergency 44 16 Failed
    Twister 58 2 Failed
    VIPRE 60 0 Passed
    COMODO 60 0 Passed
    F-Secure 60 0 Passed
    G DATA 60 0 Passed
    McAfee 59 1 Failed
    Online Armor++ 60 0 Passed

    Conclusion: Mixed Results.

    Results page: http://malwareresearchgroup.com/?page_id=2
     
    Last edited: Sep 3, 2009
  2. kasperking

    kasperking Registered Member

    Joined:
    Nov 21, 2008
    Posts:
    406
    "Pass or fail " is a subjective notion,esp when it comes to such tests,and should be thrown around with discretion.
     
  3. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
  4. sourav_gho

    sourav_gho Registered Member

    Joined:
    May 22, 2009
    Posts:
    141
  5. sourav_gho

    sourav_gho Registered Member

    Joined:
    May 22, 2009
    Posts:
    141
    Hey no offence, but I was jst saying what it could be conceived from this test
     
  6. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Virus names used seem to be Kaspersky labeling isn't it?
     
  7. sourav_gho

    sourav_gho Registered Member

    Joined:
    May 22, 2009
    Posts:
    141
    Ok fine, if you think if you think it looks like labeling, I have edited my post no more mention of any names.
     
  8. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    On behalf of ESET I'd like to mention that:
    1, all files we've found to be dected as "Trojan.Ransom.Win32.SMSer.in" by any of the AV vendor are already detected. Since different malware families were detected in this name and we don't have the hash of the missed files, it's impossible to tell when exactly detection was added. The point is all these malware families are currently detected by generic signatures and no single file was missed.

    2, As for Trojan.Win32.Inject.ahhq, this one is intentionally undetected if we talk about the very same file. When executed, it simply does nothing malicious, just finds a specific window and ends. It may be a part of malware, but it's completely benign and thus not subject to detection.
     
  9. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    Thanks for the update Marcos. Always impressed with Nod32.
     
  10. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    It seems a bit odd to me to be directly comparing standalone AV products with integrated suites such as Online Armor ++ and CIS.For example BitDefender AV missed 7 samples,why not use their Internet Security product? Surely such a test should be like for like o_O
     
  11. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    Agree with you andyman. At the same time, although a small number of samples, it's interesting to see the difference between a small AV such as Twister, an up-and-coming VIPRE, compared to G-Data or so.

    Overall, I'd say all of the programs discussed on this forum and used by members did well.
     
  12. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    Need more informations?

    Go to: hxxp://malwareresearchgroup.com/?page_id=4

    "For all general information about Malware Research Group please contact:"
    Info>at<MalwareResearchGroup.com
    Link: hxxp://mrg.ssupdater.com/info@malwareresearchgroup.com

    Cheers
     
  13. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    No surprises here. :thumbd:
     
  14. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    Haha another MRG test, here we go!
     
  15. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    this thread will probly span another 10 pages. :)
     
  16. progress

    progress Guest

    Well done BitDefender :rolleyes: Congratulations to Panda, great improvement :)
     
  17. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    The gentlemen from MRG/SSUpdater preferred to remove the link from their site. :'(

    But it can still be found at the yahoo cache. :eek:

    mrg.ssupdater.png

    Cheers
     
  18. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    sneaky... :cautious:
     
  19. tipstir

    tipstir Registered Member

    Joined:
    Jun 9, 2008
    Posts:
    830
    Location:
    SFL, USA
    Again you leave out Rising RAV, if you do decide to test it change the defaults which have a lot of good features disabled and enable them all and set it high protection to high. I use AVIRA PE but also RAV under RIS 2009 on systems that need extra protection where AVIRA PE doesn't feature email protection. But good to see the APE catch everything you had thrown at it though! :)
     
  20. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    This does explain a lot about the strange methodology of this test. SSUpdater tests always included the likes of MBAM and SAS in an unrepresentative way too.:rolleyes:
     
  21. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Twister only missed 2! It is looking VERY promising, to my *twisted* way of thinking.:cool:

    However, my computer's main contraceptive continues to be Avira -- nonpareil!
     
  22. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    As the results seem to be random, I don't think it depends on any defined methodology. :cautious:

    Cheers
     
  23. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    The strange methodology I'm referring too is the comparing of standalone AVs alongside full security suites with included HIPS.
     
  24. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    Very true.Dynamic testing is extremely time consuming though which is why most just tend to do on-demand scan tests upon a large number of static samples.

    Until someone comes up with an effective way to test a large number of currently active malware in a real-world way at best all these tests are a small indication of a product's capabilities and a great way to start a heated Wilders debate.:D
     
  25. CogitoTesting

    CogitoTesting Registered Member

    Joined:
    Jul 4, 2009
    Posts:
    901
    Location:
    Sea of Tranquility, Luna
    Hi ssj100

    Do you how long it will take to execute 60,000,000 samples one after the other? It could take weeks or probably months and there is a good possibility that the PC would crash even before you reach the 1,000th sample. Good Luck trying though. :D
     
Loading...
Thread Status:
Not open for further replies.