Discussion in 'other anti-virus software' started by Logyn, Jan 22, 2006.
All what i can and will say: this test is complete nonsense. this test belongs not my favorites.
As I've noted in a similar thread, discussion is welcome. Preferably discussion that extends beyond a one liner and provides some context, though all opinions are welcome. However, blatant trolls and attempts to initiate a discussion with respect to moderation decisions will be removed without further comment.
I'm sad to see the censorship of comments favorable to this test. I myself am neutral -- but am always interested in test data and *meaningful* (uncensored) non-vitriolic comments.
My DrWeb didn't do so well, either. And I am dubious about the accuracy of the test with regard to that fact. However, I see no need to shoot the messenger & delete positive testimony without benefit of a fair trial.
Comments favorable to this test are fine. I don't agree with that assessment, but that's another matter.
However, clear baiting designed to generate little more than an emotional flamewar response is not appropriate. The posts being moderated could take a tact which would readily pass muster. They have deliberately chosen to pursue another route. The outcome is of their own making.
EDIT: BlueZannetti replied allready.
When reading the fine-print surrounding the test results, I find it strange that they are not yet sure if the tested malware are working samples?
How can you categorize programs on detection if you are not certain about the test set?
@Blue- I am in total agreement with your stated goals, & have a long-time respect for your judgment & impartiality. However, I feel that one-liner comments such as post #2 above "All what i can and will say: this test is complete nonsense" are equally unprofitable & somewhat inflammatory.
I means, virus.gr's latest test (linked in post #1 above) has an extensive statement of ostensibly technical data about how the test was structured & conducted. To me, a useful comment about the test should deal with that technical data in a more-or-less point-by-point manner. Namely -- is the statement false? How do we know? Is the stated methodology flawed? In what way?
I can pretty much accept cursory comments from established experts, such as Happy Bytes & IBK, but I find statements by the *rank & file* such as "this test is complete nonsense" are equally deserving of deletion as those which already have been removed.
P.S.- While I was writing this, the unregistered troll returned & reposted. My sympathies, Blue. I am NOT defending that sort of comments.
I always have and always will consider -- when it comes to the results of a test like this -- Kaspersky and it's clones to be a single entry. As such, this is how I view the results. With that in mind, it would seem that only three antivius engines were able to exceed 90% detection and with Nod close to 89%, I would say that is a good showing for Nod. AntiVir at 86% is most impressive I think.
1. Kaspersky Personal Pro version 5.0.390- 99.46%
a.) Kaspersky 2006 beta version 184.108.40.206- 99.46%
b.) F-Secure 2006 version 6.10.330 - 96.92%
c.) CyberScrub version 1.0 - 96.62%
d.) eScan Virus Control version 2.6.522.9 - 95.21%
2. McAfee version 10.0.27 - 94.80%
3. BitDefender version 9 - 90.75%
4. Nod32 version 2.50.41 - 88.79%
5. AntiVir version 6.32.00.51 - 86.55%
6. AntiVir version 6.32.00.51 - 86.55%
7. Norton Professional version 2006 - 85.17%
8. F-Prot version 3.16d - 84.96%
9. Dr. Web version 4.33 - 84.68%
10. Panda Titanium 2006 version 5.01.00 - 82.02%
No further comment, just a reminder.
You are talking in contradictions.
You accept cursory comments from "established" experts, but don't do the same from those people which are in your opinion not "established" and not an "expert".
BTW 1: i didn't knew you are so well informed about my skills...
Speaking with your own words: this is *rank & file*.
BTW 2: it's not my intention to flame, i just make transparency in your post about me.
Let's keep comments focused on the topic at hand. Thanks.
avg doing better than trend micro and avast?
These types of tests are fun to do on your own, when you can keep it in perspective that these may have a very large margin of error, but to publish the results as some official test.... If you want to have a test that can be used as some sort of authoritive word, then you gotta go all the way and analyze each sample before the test, not just throw it in there becuase some scanner detected it.
More on past tests (with responses by the tester).. this one doesn't look much different, IMO.
thanks for this reminder, i have read it now again and fortify me in my opinion
I share your opinion 100%.
Straight from Mr. VirusP's site:
"Introduction - What makes our test differ from other tests
Several antivirus programs have been developed to protect pc users against viruses, that both include both detection of the virus and repairing of the infected files, whenever it is possible. Unfortunately, once again, the dominant ones are those that have the best methods of advertisement and not the ones that "do their job best".
Why is this test different from all the others (e.g. pc magazines' antivirus tests)
This test was made by the only Greek virus collector, known as VirusP, webmaster of www.virus.gr, whose collection consists of approximately 245,000 virus samples (crc32 different files) and is one of the biggest virus collections worldwide. On the contrary, all other greek tests' database never exceeds the 6,000 virus samples, while internationally most tests' database doesn't exceed the 20,000 virus samples. So, if you take under consideration the number of both antivirus programs tested and unique virus samples used, you will understand that, statistically speaking, the results of the test would not be too different even if we used 95% of all computer viruses ever made."
Therefore again: i can't take his tests serious....
Very first time, I see this test. Is this test reliable ?
I always thought, the larger the test-bed, the more reliable the test results are.
Test-bed of av-comparatives August 2005 contains 421.171 threats.
Test-bed of virus-gr. contains 113,334 threats.
Is this virus-gr. test worth my time in the future ?
No, I think it is not worthy, it is still like in past, so the comments are always the same. If I would include all various garbage in the test-set like virus.gr does, than my test-set would contain some millions files.
Let's say diplomatic: read the opinions in this thread and make your own decision about reliability (or not)
I don't think so. If you outcluded these File = (BeOS, FreeBSD, Linux, Mac, Palm, OS2, Unix, BinaryImage, BAS viruses, MenuetOS) and MS-DOS = (MS-DOS viruses) categories, these results are not so bad with DrWeb either. Clones has been removed in this comparison.
1. -- 99.6 % -- Kaspersky Personal Pro v. 5.0.390 & Kaspersky 2006 beta v. 220.127.116.11
2. -- 92.9 % -- McAfee v. 10.0.27
3. -- 89.7 % -- BitDefender v. 9
4. -- 87.7 % -- Nod32 v. 2.50.41
5. -- 86.6 % -- MKS_VIR 2005
6. -- 85.5 % -- AntiVir v. 6.32.00.51
7. -- 83.6 % -- Dr. Web v. 4.33
8. -- 80.4 % -- Norton Professional v. 2006
9. -- 79.6 % -- F-Prot v. 3.16d
10. - 77.9 % -- Panda Titanium 2006 v. 5.01.00
11. - 76.8 % -- AVG v. 7.1.371
12. - 71.8 % -- PC-Cillin 2006 v. 14.00.1341
13. - 71.2 % -- Avast v. 4.6.744
14. - 67.3 % -- VBA32 v. 3.10.5
15. - 65.9 % -- Ewido 3.5
16. - 64.7 % -- UNA v. 1.83
17. - 64.4 % -- Norman v. 5.83.07
18. - 59.8 % -- Sophos Sweep v. 3.99
19. - 50.2 % -- a² Personal v. 1.6
20. - 47.3 % -- Vexira 2005 v. 5.001.32
Remember, there are a lot of people that say the Norton is a damn good av!
The results of this test are also flawed to a noticeable extent......Many AVs have switched places, and I still don't get how CyberScrub AV which has no extended database could be better than eScan which does have the extended database
Thanks. I stick to the av-comparatives in the future !!!
There are already unreliable tests enough on the net.
Yeesh.. I missed that part. How can 245k samples be representative of all malware ever made, especially when we don't know how many of those files are junk?
I found that missed part here: http://www.virus.gr/english/fullxml/default.asp?id=32&mnu=32
I just trust to tests where autor post names of all samples used.
For example VirusP could post Kaspersky LOG file and show us that his test is reliable.
Is there any reason of why to not post such log?
That wouldn't tell us if the sample is genuine working malware or not. Durin ghte KIS2006 beta I had several temp files detected as trojans when I was installing something that was definitely not malicious. Unless he gave all the samples to an actual malware analyst, there's no real way of telling.
Separate names with a comma.