Personal (No Professional) Antivirus Test

Discussion in 'other anti-virus software' started by RaLX, Feb 28, 2003.

Thread Status:
Not open for further replies.
  1. RaLX

    RaLX Registered Member

    Joined:
    Jan 22, 2003
    Posts:
    50
    Please don't flame me, only want to share with you my personal antivirus test, if it doesn't allowed or something like that then delete the post:

    28/02/03

    Total 200 Archives in 55 Folders

    NAV 2003    Scanned 210, 202 Infected = 202 Total
    PC-CIllin2003 Scanned 200, 200 Infected = 200 Total
    Kaspersky 4 Scanned 205, 200 Infected = 200 Total
    Drweb 4.29 Scanned 201, 196 Infected + 3 Suspicious + 1 Infected Modified = 200 Total
    RAV 8 Scanned 224, 197 Infected + 1 Suspicious = 198 Total
    NOD32 1.368 Scanned 200, 192 Infected = 192 Total
    AVAST4 Scanned 202, 175 Infected = 175 Total
    AVG 6    Scanned 203, 131 Infected = 131 Total

    All products updated today, the virus is a mix of trojans, vbs, worms and win32 virus, all relatively recent not sure if ITW.
     
  2. JimIT

    JimIT Registered Member

    Joined:
    Jan 22, 2003
    Posts:
    1,035
    Location:
    Denton, Texas
    Interesting!

    A little confusing, though. How many actual pieces of malware were there? NAV, I take it, had 2 fp's?

    Can you break down the test a little more? :D
     
  3. I'm not going to flame you... :D, but if you don't mind me asking, what's your point?

    Without being a little more specific as to what the malware was, sure, NAV would find older outdated virii that NOD32 wouldn't. However, both passed the latest VB100. I presently use both.

    Some of the AV's have weaknesses with trojans. Some have Script blocking built in (NAV). Most of the Wilders faithful is well versed with the advantages and disadvantages of each program...

    Without more specifics, I'm afraid the test wouldn't hold water...

    I did not flame you, right? ;)
     
  4. RaLX

    RaLX Registered Member

    Joined:
    Jan 22, 2003
    Posts:
    50
    My point is only think what would happened if I receive any of that viruses using that AV's, no matter if it were backdoors, trojans or whatever, were 200 virus files that I found and scanned it with that AV's, no so much details because is the user view, no professional view.

    Here is the tree file tested, many of this is received by mail or P2P file share:

    02938056.INI
    0E207E63.BAT
    1.exe
    26FDED1A.EXE
    277A9239.BAT
    2E439491.EXE
    6ee1c90a.exe
    960ECC95.EXE
    alco.pif
    Anthrax.exe
    BAIT.EXE
    baivietmoi.gif.exe
    binladen.exe
    Bored.vbs
    Britney.chm
    caifanes.chm
    CALC.EXE
    CHTHON.EXE
    cmpld1.EXE
    cmpld2.EXE
    CodeGreen.exe
    codered.exe
    Codered2.exe
    Crystal.a1.vbs
    docworm.exe
    Empire.248.EXE
    energy.exe
    Eraser.vbs
    Eternity.A.8704.exe
    F0SF0R0.EXE
    F302E1F6.EXE
    F98F8A3E.BAT
    FlashPla.exe
    Friends.exe
    ******.scr
    fuckosama.vbs
    GEMINI.EXE
    gone.scr
    HD_Fixing.exe
    HTML.Stertor.html
    ID.exe
    invalid.EXE
    I-Worm.Avalon.vbs
    I-Worm.Choke.exe
    I-Worm.Croatia.vbs
    I-Worm.Embrion.exe
    I-Worm.Enviar_(11).EXE
    I-Worm.Fiume.doc
    I-Worm.Hybris.c.exe
    I-Worm.Noon.vbs
    I-Worm.Repah.a.EXE
    I-Worm.rous.a.EXE
    I-Worm.WinXP.vbs
    jimmy.EXE
    JOSS.EXE
    Kallisti.doc
    KANBAN.EXE
    ketamine.EXE
    LaraCroft.theme
    lastword.exe
    Like_A_Virgin.MP3.vbs
    LUCIFERX.EXE
    madafaka.vbs
    MadTraxD3D.exe
    Mbop!.vbs
    Mbop!-Vbs.vbs
    MLINK32.EXE
    movie.avi.pif
    movie.exe
    nach.EXE
    neo.exe
    NEOKILLER.vbs
    next.EXE
    NortonAntivirus2002FullDonwloader+SerialKey.exe
    NOTEPAD.EXE
    OperacionTriunfo.scr
    optiz.js
    orange.exe
    OU812.EXE
    Parrot.scr
    PawPaw.bat
    Penfold.2133.bat
    pet_tick.vbs
    Pexpress.exe
    Platnico.txt.shs
    PLEXAR.EXE
    PORN_Madonna.JPEG.vbs
    PussyTweak.exe
    QTM.COM
    Raptor V.vbs
    readme.eml
    Revelation_2.1.exe
    sargo.vbs
    SEGAX.EXE
    setup32.exe
    SEX_za_neupucene.htm
    sexyPHAGE.GIF.pif
    Shakira.chm
    Sharp.exe
    singlung.exe
    SOLITON.BAT
    Stress.vbs
    SuperNova.exe
    Sys.602.bat
    Taichi.exe
    taker.exe
    trood.exe
    Troodon.exe
    VBS.Trojan.Zirkov.vbs
    VBS.VbsDoc.vbs
    VICTIM.EXE
    VS008642.COM
    VS035415.COM
    VS035448.EXE
    VS038237.PIF
    w32.mimee.eml
    W32.Trilisa.C.scr
    W32.Trilisa.D.scr
    w32linda32.EXE
    wargames.exe
    Welcomb.vbs
    Win32.Alma.2414.EXE
    Win32.Alma.5319.EXE
    Win32.iwing.exe
    Win32.Mix.EXE
    Win32.Revaz.exe
    Win95.Caw.1335.EXE
    WinREG.Wow.reg
    WM.Larva.doc
    WM.Mikrob.doc
    WM.Spiroheta.doc
    wordpass.vbs
    worm.exe
    worms.exe
    WTC.exe
    WV32.EXE
    www.symantec.com.vbs
    XFW.exe
    XTC.EXE
    Yap.exe
    yell0w.exe
    ZekeZip.bat
    zerg.exe
    ziplung.exe
    Abraxas.1171\Abraxas.1171.com
    Abraxas.1200.a\Abraxas.1200.a.com
    Abraxas.1214\Abraxas.1214.com
    Abraxas.Cleton.1508\Abraxas.Cleton.1508.com
    Abraxas.Cleton.1518\Abraxas.Cleton.1518.com
    Anna\Anna.com
    Bat.Jumper.Trojan\FunnFaCTOR.bat
    deadday\deadday.exe
    dome\dome.vbs
    Eternity.B.7168\Eternity.B.7168.exe
    Eternity.B.7168\infected_file.exe
    Ginger.2247\Ginger.2247.com
    Ginger.2691\Ginger.2691.com
    I-Worm.America\America.COM
    I-Worm.BadtransII\Me_nude.MP3.scr
    I-Worm.Energy.f\SygatePatch.exe
    I-Worm.Fireburn\I-691D~1.VBS
    I-Worm.Gokar.A\I-WORM~1.EXE
    I-Worm.Kazus\I-Worm.Kazus.exe
    I-Worm.Magistrar.b\I-Worm.Magistrar.b.exe
    I-Worm.MyLife.e\mylife_e.exe
    INF.DelBios\Delreg.inf
    infis\30CB0B5D.EXE
    jasemin\Jasemin.EXE
    jethro\bait.EXE
    JPGvirus\proof.exe
    JS.Prawn.A@mm\DAWN.JS
    JS.Trojan.Seeker-based\dlcounter[1].js
    Kristen\Kristen.vbs
    lena\lena.EXE
    Trojan.BAT.Tuber\Help4u.bat
    TrojanDropper.Win32.BigJack\patcher.exe
    Uncensored\Uncensored.jpg.exe
    VBS.LaMEr0nE\VBS.LaMEr0nE.vbs
    VBS.RTFinfo\1nfo.vbs
    VBS.Solved\vbs.solved.vbs
    VBS.Timofonica\I-A93F~1.VBS
    Win2k.Dob\dob.EXE
    Win32.bubica.A\IEpatch.exe
    Win32.BugBear@mm\I-Worm.Tanatos.exe
    Win32.Cichosz\cichosz.EXE
    Win32.Gnuman.Worm\GNUTEL~1.EXE
    Win32.Hotriga\h0rtserver.exe
    Win32.Hotriga.dr\h0rtclient.exe
    Win32.IKX\Win32.IKX.exe
    Win32.Pet_Tick.M\Kevlar.exe
    Win32.Zaushka@mm\Win32.HLLP.Zaushka.Worm.exe
    Win95.Boza.c\Win95.Boza.c.(intended).exe
    Win95.Cerebrus\CEREBRUS.EXE
    Win95.Evil\Win95.Evil.962.exe
    Win95.Lud.Hill\Win95.Lud.Hill.401.exe
    Win95.MarkJ\Win95.MarkJ.826.exe
    Win95.Mmorf\2m.EXE
    Worm.Super.393\Worm.Super.393.com
    X14\LAB.EXE
    Zippy\Zippy.exe
     
  5. sig

    sig Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    716
    Also, as previously discussed here, some AV's are better at archive scanning than others. Just because a virus isn't detected in an archive does not necessarily mean that it wouldn't be detected when unzipped.
     
  6. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    RaLX,

    In essence, an antivirus has been designed to do just that: coping with viruses. Apart from KAV/AVP and to some extend Dr.Web, there's no way to rely on an antivirus to be on the safe side for other malware as well - and IMHO one could not expect such an overall protection from any specific antivirus either.

    As for KAV/AVP and Dr.Web: I've stated this before, and will repeat it once more: personally, I'm all for a layered defense: a separate top notch ITW antivirus in conjunction with a top notch antitrojan. This way, whenever one app has been put out of business for one reason or another, at least the system isn't totally vulnerable for all malware on the spot.

    regards.

    paul
     
  7. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    I think what RaLX posted has some value for some people.No claim was made that any one product excelled. It was just information about how things worked on his/her computer.
    The results shown were along the lines of what I would expect to see. Nothing professional here and no claim to such. Just another piece of information to add to the picture.
    Having noted it was a mixed bag of bad guys and knowing that all AVs do not go after all known trojans, it really indicates to me, that what we generally discuss here about the various AVs is backed up by this.
    I think it does, to a point, show the need for anti trojan software also.
    So I say thanks for the effort. You did not try to prove anything to anybody, just did some tests and shared the results for people to use or discard as they see fit.
    It is important to note though, if anyone new to security sees the results of the programs tested here, they should not get the impression that one program will protect them adequately all around. :)
     
  8. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To RaLX from Firefighter!

    Is it possible to send us a list of missed files per program?


    Best Regards,
    Firefighter!
     
  9. JimIT

    JimIT Registered Member

    Joined:
    Jan 22, 2003
    Posts:
    1,035
    Location:
    Denton, Texas
    I second that! I think it's cool to see how the different av's work on a "typical" users machine. It always makes me wonder how an av would fare against malware if it was installed on my box--and it's difficult to get an idea based on all the "lab tests".

    Thanks for doing some of the "legwork", Ralx--even if it was only for grins! :D
     
  10. RaLX

    RaLX Registered Member

    Joined:
    Jan 22, 2003
    Posts:
    50
    To Firefighter from RaLX

    Sorry I didn't take a note of each file missed because my intention was merely numerical results.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.