How good is your antivirus?

[dreamthief]

Since most would like to argue bout what is the best antivirus. I decided to open this thread solely for testing your preferred antivirus. This is a compilation of a group of hackers.

*************WARNING*************

THIS IS NOT FOR THE SCAREDY CATS. THERE ARE ALL VALID VIRUSES. DO NOT OPEN THEM OR EXTRACT THEM TO ANY LOCATION. SAFEST METHOD TO TEST YOUR ANTIVIRUS IS TO SCAN THE COMPRESSED FILE. I WILL NOT TAKE ANY RESPONSIBILITIES FOR YOUR ACTION.

Here's a link to download an archive file containing the viruses. READ THE WARNING BELOW BEFORE CLICKING HERE

TEST THIS AT YOUR OWN RISK

If you dare to take this challenge, do post the screenshots of the antivirus in action and please do not use any Photoshoping skills to manipulate the results.

Try to post at least the following information for others to evaluate

1) Program/scan engine version (Exm NAV 2004, AVG 6 Paid Version, SAV 9.0.0.338 and etc)

2) Any settings you changed

3) Screenshots (Optional as proof)

EDIT: Contrary to the filename which tells you 455 viruses, no it is not. Actual total is 593. If your antivirus detected them all, well done.

Edited June 28, 2004 by dreamthief

[twiglet]

Sophos AV

587 detected

[Kobra]

Interestingly enough.. Pest Patrol (one of my favorite programs).. Which is basically a Anti-Spyware/Keylogger/Dialer/Trojan program, detected 591 out of them.. Better than MOST AV products. Not bad for a anti spyware application eh? Thats why I love it!

AVK + Pest Patrol = Elite

[bilemke]

Thank you for starting the thread dreamthief. This has been very usefull. I have to find out what the 8 files my av missed are. BTW, Avast latest version. I actually switched from Norton AV 2003 (even tried 2004 briefly) because of the speed at which Avast updates.

Further Note (After reading every page of this thread): As some of these av programs find more viri then there are files, would it be advisable to test using "Delete Infected Files" (or whatever your av may have equivalent) and instead of looking at the number of viruses found, also be sure it deletes everyone of the supposedly infected files? :unsure:

Edited June 28, 2004 by bilemke

[Kobra]

and Avast is considered one of the slow ones in terms of definitions. :( At least compared to AVK which can update 10+ times a day.

I sent the Avast folks over 100 viruses it didn't detect 2 weeks ago, and none have been added yet. I sent them Axon.B about two weeks ago too, which they didn't bother to add to their database, and 2 of their customers got hit with it - as posted on the forums. Avast guys are great, but I think they just don't have the resources to keep up in the Antivirus business. Avast has some serious deficiencies on detection, and only 25K or so viruses in its database and NO heuristics, it misses a good bit of things out there. They seem to be down to about 2-3 updates a week, with only a few viruses with each update, definately not good!

Oh well.. I'd imagine AV business is a tough business, and requires a large analysis staff, and money to keep em going. I wouldn't expect a mostly free product to be able to keep up. :rolleyes:

[Ryanjmchale]

Are you the Kobra who reviewed AVK on wilder?

Extendia AVK is a double engine of Kav/Rav

Gdata is the euro version which is a double engine of Kav/Bitdefender

Rav definitions may end soon due to the fact that the company is gone as MS bought them out and both of then as far as i know only use Kav 4.5 engine, Wheras kav itself is obviously version 5 now :)

Edited June 28, 2004 by ^v

[Chrysalis]

using mcaffee v7 pro it did scan inside the archive but just listed it as 1 infected file.

virus defenitions 4.0.4369

scan engine 4.3.20

[Kobra]

Are you the Kobra who reviewed AVK on wilder?

Extendia AVK is a double engine of Kav/Rav

Gdata is the euro version which is a double engine of Kav/Bitdefender

Rav definitions may end soon due to the fact that the company is gone as MS bought them out and both of then as far as i know only use Kav 4.5 engine, Wheras kav itself is obviously version 5 :)w :)

I've got confirmation RAV definitions will continue for another 3+ years because of contractual obligations, and RAV support tells me that Microsoft is committed to keeping the RAV definition files up to the very latest. I've also chatted with Gdata, who says eXtendia AVK will continue with the KAV-RAV setup because it was what most customers preferred in a poll they took - but when the time comes to switch, they will move to the KAV+BitDefender setup at no extra charge to existing customers.

So good news all around for AVK.. Plus, its only $29, and $24 for each year renewal (as opposed to $50 for KAV5 - which has WAY less options/features). Updates come direct from KAV and RAV for it, so you don't suffer update lag or delays, and limited tech support for AVK can be aquired from Kaspersky - i've used them myself for AVK support questions pertaining to the KAV engine side of AVK.

Another nice thing, AVK doesn't suffer from some of the same lack of features KAV5 does. KAV products don't append AV notices to scanned emails - AVK does, it looks like this:

____________

Virus checked by eXtendia AntiVirus AVK

Version: AVK 14.0.1267 from 28.06.2004

Also, AVK offers way more options that KAV, deep exlusions, very extensive customization of how/why it scans, what it scans, where it scans, and exactly with what depth and detail it operates.

Regards

[Stian Farstad]

McAfee VirusScan 7.03 with 4370 definitions (dated: 25.06.2004)

589 detected

Also tested with McAfee VirusScan 2004 (version 8.0 build 41)

Same results

Sorry, no screenshots.

[mtrftw]

if someone could do this with the zone alarm av i would really appreciate it.

[Hypoxiaicon]

Norton Detected as soon as it was fully loaded. I then had to click loads of time untill i click dont alert me about this file. Then i have to Quaritine.

Then norton tell me some details around 267 where detected & delected i click finish and it kindly tell sme my computer is still infected.

And i paid ?45 for... what...:||

[Pink Floyd Veteran]

symantec corporate 9.0 found 589

same as you

[kombolcha]

NAV 2004

[Pink Floyd Veteran]

For Symantec AV Corp., does setting Bloodhound Heuristics detection

to Maximum level make difference?

not at all

I also disabled it and found the same number

[JustGeorge]

Wonder if the Microsoft AV product will use a double scan engine setup?

[Kobra]

Holy mother of god, Norton is only detecting 494 out of those 600ish?

As for Microsoft, they've already aquired RAV, but rumor has it, Microsoft is looking to get another company and combine assets for indeed, a double engine configuration. After being a AVK user for several months, I can attest personally to the double engine system being incredible. I have stuff pass either single engine all the time, that the other engine picks up.

Makes sense Microsoft might be looking at this type of system. Having a second layer of heuristics - especially different types of heuristics, is a pretty wise idea imho.

[JustGeorge]

How good is the bitdefender AV engine? Can it compare to the RAV engine?

[Stingray]

Not bad...

[Nautica]

Anyone test this with AVG 6.0?

I would love to know

[xplatinum]

Indeed I'm very surprised with the results.

I just switched from SAV9 to NOD32.

[imtoomuch]

Symantec AntiVirus Corporate Edition: 588 viruses found

[xplatinum]

Symantec AntiVirus Corporate Edition: 588 viruses found

That's weird because I scanned using the same thing and it didn't even find half of them.

With latest definitions and Heuristic to the max.

[Zirus]

My McAfee 7.1 Enterprise found 588 files... not bad at all.

[xplatinum]

I must have messed up somewhere... lol

[Zirus]

I wonder if there is a way to submit the viruses that our scanners don't reconize to McAfee and Symantec....

[blueshirt]

That's weird because I scanned using the same thing and it didn't even find half of them.

With latest definitions and Heuristic to the max.

Did you downloaded the virus definition from their site or through LiveUpdate? Their site has the latest definitions. LiveUpdate takes about every other day to update.