Testing methodologies concerning scan engines

Discussion in 'other anti-virus software' started by SystemJunkie, Jan 4, 2007.

Thread Status:
Not open for further replies.
  1. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Not always; there was a time NOD was best, but I made several tests and the most effective scan engine is, in my opinion, actually Bit Defender, then comes NOD.
    And the rest is far away from both, except Dr.Web, if it didn't have so many false positives.
    [We are talking about stand-alone scan engines, otherwise GData would stay at the top position.]

    Oh I forgot one newcomer: AntiVir reached top 5 in my last test. Really enhanced, except the guard, that has problems with false positives and syscrashes.

    In the above poll NOD is best, that's logical; Kaspersky is far away from NOD. Pros don't talk about Symantec; they only have money but lack scan power.
     
  2. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Re: NOD32 2.7 Vs Symantec AV Corp 10 Vs Kaspersky 6

    Would be interesting to know your testing methodologies.
     
  3. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Re: NOD32 2.7 Vs Symantec AV Corp 10 Vs Kaspersky 6

    Usual unpacked malware, crypted, packed, crypted and packed malware, specially stealthed to test scan power.

    NOD's advanced heuristic is easier to circumvent than Kaspersky; Bit Defender is actually one of the strongest, maybe the strongest and deepest heuristic available, but we should not forget AntiVir, which made big steps.
     
  4. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Re: NOD32 2.7 Vs Symantec AV Corp 10 Vs Kaspersky 6

    Are you saying that the unpacking engine of NOD 32 is actually weak?
    What about VBA32, Norman Sandbox, F-Prot 6?
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Re: NOD32 2.7 Vs Symantec AV Corp 10 Vs Kaspersky 6

    :eek:

    Gimme a proof, this is simply nonsense.
     
    Last edited: Jan 5, 2007
  6. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Re: NOD32 2.7 Vs Symantec AV Corp 10 Vs Kaspersky 6

    I guess they are weaker, but I did not test them all. F-Prot is not that good, VBA I don't know, Norman was an all-time weak scanner, but I don't know its actual capabilities.

    No, nonsense, you just have to know the method,
    I would not say that if it weren't so, maybe it is not always the case but in my testfield it is so.

    If I showed the proof you would directly adapt your tool; the only one who would profit would be ESET, so why should I do that?

    If no one would make money with it I would tell you everything I know.
    But the problem of capitalism is that we have some winners and some losers.

    That is far away from fairness thus far away from what our originator wanted.
     
    Last edited: Jan 5, 2007
  7. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    You've gotta be kidding me? Right?


    tD
     
  8. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hello,
    Junkie, I think you have made some pretty bold statements. Care to put them to a reality test?
    Mrk
     
  9. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    Just the statements alone have no validity. Anyone who comes here knows the real answers and strengths of these vendors. Bit, while good, is still not as good as several mentioned. That may hold true in your thoughts, or forum. (BitD) :rolleyes:
     
  10. Wolfe

    Wolfe Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    160
    Ahhh...the laughing stock of all places - explains it all. An amateur, guilty of spamming fairly all boards on the web, even kicking IBK from www.av-comparatives.org out...

    As sad for SOFTWIN/BitDefender getting that much amateurish and bad publicity. They do deserve better...
     
  11. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    erm...

    if you're talking of unpacking, drweb is the best at this, even better than the top-detection rate companies.

    we just have to work just a bit on detection, and a bit on false positives and no doubt it could be a A+ av.
     
  12. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    Re: NOD32 2.7 Vs Symantec AV Corp 10 Vs Kaspersky 6

    Some people just think stupid things, others actually put them down for others to read!
     
  13. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    In my tests dr.web was always in the top 5 of best AVs, but they still have some lacks as I mentioned and you stated. I could tell you at least 3 packers dr.web doesn't know, but Bit Defender / KAV know, so be careful what you tell.

    In terms of finding bodyless viruses dr.web might be the best actually.
     
  14. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hello,
    Please elaborate.
    What is your testing regime? What do you do? How do you test? What is the test machine? What is the malware sample group? And so forth.
    Mrk
     
  15. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    ha, all avs ain't perfect and i could easily find more than 3 that dr.web and others find that kaspersky or bitdefender do not, also i know bitdefender isn't known for FP's, in my own testing.. i'd disagree with that, although i do agree it's still a great av. :cautious:

    and this is concerning engines, not detection.... dr.web's detection might not be as good as your kasperskys etc, but the engine for unpackers is certainly up there, and in my opinion top dog for it.
     
    Last edited: Jan 5, 2007
  16. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina

    Yep, that is the 60 million dollar question. :rolleyes:
     
  17. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    well i have some bitdefender and kaspersky misses with packed malware, but don't know where to send them to,

    bitdefender especially missed remnants of mydoom which is not good, as did clam, etrust and microsoft, but i can't be bothered sending to all, but bitdefender i will as it's a decent company, any link?

    also there are more with bitdefender, i'm a bit surprised as my own testing doesn't really match with bitdefender's high standard, here's just one e.g. i know i ain't allowed to post the results, but can i link it just to give one example?

    http://www.virustotal.com/vt/en/resultadof?be6354fd415c431c81d9de7ef75707e3

    i'll send a couple to bitdefender if someone knows a link, as i do like them.
     
    Last edited: Jan 5, 2007
  18. Londonbeat

    Londonbeat Registered Member

    Joined:
    Sep 21, 2006
    Posts:
    350
    Post #7 HERE
    virus_submission[AT]bitdefender.com
    newvirus[AT]kaspersky.com

    Londonbeat
     
  19. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    ta very much

    sent them,

    i had problems with dr.web blocking the outgoing mail, but unticking scan archives in email sorted the problem.
    See here
     
    Last edited: Jan 5, 2007
  20. Inspector Clouseau

    Inspector Clouseau AV Expert

    Joined:
    Apr 2, 2006
    Posts:
    1,329
    Location:
    Maidenhead, UK
    LOL! That makes you the perfect Antivirus Troll! Can you explain to me in technical detail how a Guard (The Filesystem Monitor itself) can have/produce false positives?
     
  21. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    I think he means that in the normal process of spider guard checking files opened, that it detected what it thought to be malware that turned out to be a FP. Could be wrong though. :rolleyes:
     
  22. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    When are you going to update your blog? :D ;)
     
  23. Durad

    Durad Registered Member

    Joined:
    Aug 13, 2005
    Posts:
    591
    Location:
    Canada
    Show it to Marcos and if this is true we will donate you a licence of any antivirus software you want :)
     
  24. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    EVEN BIT DEFENDER o_O :D :D :D
    I think you are safe.

    Jerry
     
  25. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Send all undetected samples to support@bitdefender.com with some detailed info. :)

    I suppose this statement was made based simply on packing, crypting, repacking and all that stuff?
     