New VirusP 8-2004 published!

Discussion in 'other anti-virus software' started by Firefighter, Sep 1, 2004.

Thread Status:
Not open for further replies.
  1. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
  2. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    Once again! With MKS_VIR 2004, only KAV engined av:s were better against trojans & backdoors than MKS (eXtendia Pro - 99.90 %, MKS_Vir 2004 - 95.71 % and the second best non KAV based av, RAV 8.6.105 - 89.33 %). Good job with MKS!

    All these, even that MKS was not within those reference av:s (Kaspersky, F-Prot, RAV, Nod32, Dr.Web, Sophos, BitDefender, E-Trust and McAfee) from where one of these checked each sample as "infected". As we know, these reference av:s have some advantage in the results they don't actually deserve.

    Best regards,
    Firefighter!
     
    Last edited: Sep 1, 2004
  3. hbkh

    hbkh Registered Member

    Joined:
    Jan 15, 2004
    Posts:
    128
    Location:
    Ohio, USA
    Am I the only one slightly worried about the lack of details in this comparative? For example: If you download the detailed report (and read it :D ) it give a section called Performance and give you a number but fails to tell what the number implies? minutes? seconds? Also, there is a * next to "Windows" repeatly thoughout the report but no further notation of what the * is for? There are no specifics on the file versions or sig versions. Its things like that, that worry me. Just my honest opinion (I don't doubt the results are accurate but they way it is displayed could be much better) :)

    hbkh

    PS. I too am very impressed with MKS, maybe we finally found out what the polish are good at. :D
     
  4. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To everyone from Firefighter!

    Big steps forwards,

    NOD detected + 6,92 %

    MKS detected + 5.96 %


    About the same,

    BitDefender detected + 0,24 %


    and finally a step backwards,

    DrWeb detected - 1,98 %


    comparing this test to VirusP 10-2003!


    Best regards,
    Firefighter!
     
  5. profhsg

    profhsg Registered Member

    Joined:
    May 18, 2004
    Posts:
    145
    As far as NOD32 is concerned, I'd take the results from the test with a grain, no make that a ton, of salt. The author of the test used NOD32 version 1.840 to test. Given that the version is now 2 major revisions behind (current version 2.12) and has not been updated since April 2004, the test results should have virtually no relevance to the NOD32 that exists today. Indeed, given the use of NOD32 v. 1.840, I'm surprised that the product did as well as it did.
     
  6. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    But you fail to mention that KAV 4.5 is the clear winner and that mks rated only number 15 in the test at 89.45%. That ain't so good...not at all bad, a lot better than other popular av, but not great like you imply. KAV 4.5 is the world's best AV without a doubt. It rated 99.09% and KAV 5.0 was number 5 where you would expect it to be the same or better than 4.5.
     
  7. se7engreen

    se7engreen Registered Member

    Joined:
    Feb 6, 2004
    Posts:
    369
    Location:
    USA
    I guess it's not suprising that KAV based scanners took the top 6 places. Some things that did suprise me are:
    Norton 2004 places better than SAV 9 o_O
    Norman VC did terrible
    Norton scored better than Panda, Bitdefender, Dr.Web, NOD32, and Avast :eek:

    And what's the deal with NOD32? Is that really the program version or is that the virus database version?
     
  8. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    NOD32 - v.1.840 (20040811) It's the virus database version...NOT the version of NOD32 which is now at 2.12.2.
     
  9. profhsg

    profhsg Registered Member

    Joined:
    May 18, 2004
    Posts:
    145

    If this is accurate, I stand corrected. However, the author of the test should make clear that it's the database version, not the software version, which is being used.
     
  10. TAG97

    TAG97 Registered Member

    Joined:
    Feb 10, 2002
    Posts:
    616
    Location:
    Connecticut USA
    Nice Site o_O

    "Why collect computer viruses?



    Why should someone collect computer viruses


    Why not? Why collect stamps or cinema tickets?

    Viruses are programs with a - usually - limited expiration date and therefore can indeed be considered collectable items.

    Collecting viruses is the nearest and safest thing next to having the knowledge to make them.

    The publicity that has been given to them - especially after the latest CIH, Melissa, LoveYou-Worm, Klez, Tanatos, Opasoft attacks - has made computer viruses kinda fascinating to the pc users.

    The people you get to meet - both collectors and coders - are, at least, interesting and clever.

    You have the chance to learn many things about them. Consequently, you learn how to protect your computer even better.

    Viruses are the forbidden fruit for the pc users.

    The fact that you will tell your friends that you collect viruses, makes you look like a mysterious man, in a weird but cool kinda way.

    Collecting viruses doesn't necessarily make you a bad person ... as long as you don't use them to infect other people's computers :)

    Nowadays you can find computer viruses easily at the Internet.

    You realize that you collect things that could erase your hard disk, only with one more click of the mouse. It's like playing with fire, a game only a few pc users have the guts to play ..."
     
    Last edited: Sep 1, 2004
  11. MNKid

    MNKid Guest

    Yawn...

    He tests viruses with outdated programs. Now THAT'S reliable!
     
  12. msanto

    msanto Registered Member

    Joined:
    Aug 12, 2004
    Posts:
    214
    So why does NOD32 do so well at Virus Bulletin and so poorly here?
     
  13. hbkh

    hbkh Registered Member

    Joined:
    Jan 15, 2004
    Posts:
    128
    Location:
    Ohio, USA
    How do you figure? Keeping in mind that the test itself was most likely done a while go, it just been taking some time to compile results. After all, thats a lot of data! :)

    Cheers,
    hbkh
     
  14. kloshar

    kloshar Registered Member

    Joined:
    Oct 12, 2003
    Posts:
    279
    Location:
    Europe, Slovenia, Bre?ice
    Big congratiolations to F-secure! It is really product worth of usage. I think it is even better than KAV. Great, really great!

    Little bit dissapointed with BitDefender and very, very dissapointed with Norman.

    What is going on?!
     
  15. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To Mele20 from Firefighter!

    When MKS_VIR 2004 scored 89.45 % total, in my mind it's better than I never expect in a test like this. The most common nasties, backdoors & trojans, only KAV engines scored better.

    File = BeOS, FreeBSD, Linux, Palm, OS2, Unix, BinaryImage, BAS viruses - 34.39 %.

    Don't know about their importance in my WinXP Home system!


    MS-DOS = MS-DOS and HLL*. viruses - 83.74 %.

    If the most were MS-DOS viruses as I expect, the same as above! Not detected new MS-DOS definitions in DrWeb's database this year.


    Malware = DoS, Constructors, Exploit, Flooders, Hoax, Jokes, Nukers, Sniffers, Spoofers, Virus Construction - 87.72 %.

    Only KAV engined av:s and those two Nortons had considerable better results.

    In other 4 different categories MKS scored over 90 %. For me these results are more than enough when the most important category is closest the absolute top ever (after KAV's of course).

    Best regards,
    Firefighter!
     
    Last edited: Sep 1, 2004
  16. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To msanto from Firefighter!

    You maybe don't know that VirusBulletin samples are known before the test if you want to check out that and make your homework.

    http://www.wildlist.org/WildList/RTWL.htm

    So, why bother tests like that VB, when you can collect much more other definitions in the mean time? But about NOD, in my mind NOD has reacted against tests like this more than expected during these last 10 months. See my post nr. 4 in this thread.

    Best regards,
    Firefighter!
     
  17. negative creep

    negative creep Registered Member

    Joined:
    Aug 30, 2004
    Posts:
    17
    Location:
    Netherlands
    Wormguard stopped me opening the excel files in the downloadable .rar compressed file on the site. :eek:

    Risk Assessment: Medium

    *> Suspicious strings detected.
    WormGuard has found a few strings in this file that are suspicious.

    *> Contains suspicious string: virus
    LINE=...n Shield 1.4.0.9"..eScan 2003 Virus Control 2.6.484.8....
     
  18. negative creep

    negative creep Registered Member

    Joined:
    Aug 30, 2004
    Posts:
    17
    Location:
    Netherlands
    If I read it correctly. The anti-trojan scanners did very bad. TDS-3 only found about half of the trojans/backdoors. Kav found nearly all.

    In this test Kav 4.5 did better than 5.0.

    Correct me if I'm reading this wrong.
     
  19. lynchknot

    lynchknot Registered Member

    Joined:
    Jun 26, 2004
    Posts:
    904
    Location:
    SW WA
    4.5.0.58? - 4.5.0.104 was just released
     
  20. wizard

    wizard Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    818
    Location:
    Europe - Germany - Duesseldorf
    Because VB tests are serious and focus on matters that really count?

    I don't want to repeat all the discussions about the quality of tests like those from VirusP because we had plenty threats about this in the past. But who cares about tests which are purely based on old or exotic malware? What does that say actually about a scanner's ability to protect me from todays (or maybe even tomorrows) threats?

    What counts is the detection of those viruses which are actually spreading and not the detection of samples that only exits in somebodies private collections.

    wizard
     
  21. tazdevl

    tazdevl Registered Member

    Joined:
    May 17, 2004
    Posts:
    837
    Location:
    AZ, USA
    FYI, BitDefender 8 is out. Might want to give it a try with your testing.
     
  22. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To Wizard from Firefighter!

    I'm not saying that VirusP tests are the only truth but something strange happened after these last two VirusP tests to some known av-programs. Although they have not scored to the absolute top, they have significantly improved their detecting rates in a test like this. Why? Maybe all these sampless aren't crap files then, some real nasties were there that they had to be covered!

    VB has basicly two different areas, which brakes up the whole credibility to the test as a whole.

    1. The test samples are already known BEFORE the test.

    They don't RANDOMLY pick their tested NEW widespread threats to their tests.

    2. The most possible threats are outside of their tests, backdoors and trojans.

    Over 80 % of DrWeb's new definitions this year were backdoors and trojans. They are sure ALIVE threats.

    Someone may have done that kind of conclusion, that VirusBuster with their last VB history, 7 PASSSED in a row in VB, offers better protection than Command AntiVirus, only 2 PASSED in a row with their last VB history.


    Best regards,
    Firefighter!
     
    Last edited: Sep 2, 2004
  23. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Oh my, here come the NOD-nannies to shoot down any test other than VB. ;)

    Quoted from introduction to VirusP's test results...
     
  24. virusgr

    virusgr Guest


    Thanks mate, seems like some people ALWAYS deny to read the info .. :p

    And, how come no-one has mentioned that NOT only KAV-based av get more than 92% in many categories .. ? Doesn't this mean that at least 93%(!) of the files are not crap .. o_O? As i recall, last time some had said most of the samples tested were crap :p
     
  25. Q Section

    Q Section Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    771
    Location:
    Headquarters - London & Field Offices -Worldwide
    Hmmmm.......It seems like about 94.74% of a recent poll* decided they did not want just one programme to do all the work of security. As always - a layered defense is the most desirable and wise.

    The majority of the marketplace does not want what the very small (5.26%) minority seems to be wishing for.

    No offense firefighter but what security company will be likely to develop one super-duper programme for all ones' security needs since there is practically no market for it?

    It is great that students are trying to learn about virii (Antony Petrakis for example - author of the "test" in question) and perhaps they can one day contribute something relevant to the discussion but until then.....

    *Poll size not very large.
     
Loading...
Thread Status:
Not open for further replies.