other AV test results from av-comparatives

Macstorm · Mar 6, 2007

I thought Ikarus would rank 1st. in total average

I'm surprised they are not 'so good' detecting backdoors, trojans and other malware (70%) but really impressive (and winner) regarding to Windows viruses, macros, worms, scripts and others (89%).

MalwareDie · Mar 6, 2007

Firecat said:

Question: Why does Rising do so badly in AV-comparatives test, when it had got 90% in the recent PC-Welt tests performed by AV-test.org?

Surely there has to be a good reason. Maybe its because they are lacking in detection of older malware?
Click to expand...

My theory is that PC-Welt tests use many unsuitable samples and that is why Fortinet gets such a high result on it but scores so much lower which applies to rising's detection rate. Also the last PC-welt test only tested trojans, backdoors, bots, and one other thing while AV-comparatives tests more than just those types of malware. I persoanlly don't trust any tests except those at av-comparatives.

Primrose · Mar 7, 2007

Firecat said:

Question: Why does Rising do so badly in AV-comparatives test, when it had got 90% in the recent PC-Welt tests performed by AV-test.org?

Surely there has to be a good reason. Maybe its because they are lacking in detection of older malware?
Click to expand...

Yes..and with the utmost respect for those that code AV product and design the engines..also to those that do testing like IBK and other Labs..and then even those who do help collect malware and badboys..the reality is that the detection rate and scores on any Comparsions can be predicted quite accurately by many who understand just what kind of zoo files will be used in those tests. The designers already know and if they want to improve their scores in some areas..they can load in the detection of the older malware.
Just ask the Inspector

I think it important though, to concentrate today on the polymorphic packer and those badboys within that group..to me the leaders of the AV pack are the ones IBK has given good overall marks. And I congratulate him on his fair testing, openness and categories.

*****************************

"Among the large amount of malwares we view, we have seen a few this week that were heavily obfuscated by some sort of "polymorphic packer." Interestingly, unlike the results of most packers/protectors, the application code wasn't just decrypted and executed from a section, but rather was executed onto the heap. The applications were apparently compiled in Visual C++ and didn't have any position-independent code. (The code needs to be loaded at a given address; otherwise, it won't be able to execute correctly.)"

http://www.websense.com/securitylabs/blog/blog.php?BlogID=112

MalwareDie · Mar 7, 2007

Primrose said:

Yes..and with the utmost respect for those that code AV product and design the engines..also to those that do testing like IBK and other Labs..and then even those who do help collect malware and badboys..the reality is that the decetion rate and scores on any Comparsions can be predicted quite accurately by many who understand just what kind of zoo files will be used in those tests. The designers already know and if they want to improve their scores in some areas..they can load in the detection of the older malware.
Just ask the Inspector

I think it important though, to concentrate today on the polymorphic packer and those badboys within that group..to me the leaders of the AV pack are the ones IBK has given good overall marks. And I congratulate him on his fair testing, openness and categories.

*****************************

"Among the large amount of malwares we view, we have seen a few this week that were heavily obfuscated by some sort of "polymorphic packer." Interestingly, unlike the results of most packers/protectors, the application code wasn't just decrypted and executed from a section, but rather was executed onto the heap. The applications were apparently compiled in Visual C++ and didn't have any position-independent code. (The code needs to be loaded at a given address; otherwise, it won't be able to execute correctly.)"

http://www.websense.com/securitylabs/blog/blog.php?BlogID=112
Click to expand...

I agree with everything that i understood

Log in or Sign up

other AV test results from av-comparatives

Macstorm Registered Member

MalwareDie Registered Member

Primrose Registered Member

MalwareDie Registered Member

Log in or Sign up

other AV test results from av-comparatives

Macstorm Registered Member

MalwareDie Registered Member

Primrose Registered Member

MalwareDie Registered Member

Useful Searches