New VIRUS.GR virus report! Best on the net!

[Tokar]

http://www.virus.gr/english/fullxml/default.asp?id=69&mnu=69

2-16 April 2005 (NEW!!!)

-The test was made on 02-16 April 2005, using Windows XP Professional SP1 on a P4 2600 Mhz, 512MB DDRAM.

-All programs tested had the latest versions, upgrades and updates and they were tested using their full scanning capabilities e.g. heuristics, full scan etc.

-The 91202 virus samples were chosen using VS2000 according to Kaspersky, F-Prot, RAV, Nod32, Dr.Web, Sweep, BitDefender and McAfee antivirus programs. Each virus sample was unique by virus name, meaning that AT LEAST 1 antivirus program detected it as a new virus.

-ALL virus samples were unpacked and the only samples that were kept were the ones that were packed using external-dos-packers (that means not winzip, winrar, winace etc).

-The virus samples had the correct file extension using a special program (Renexts) and were unique, according to checksum32 filesize.

-Most "fake" virus samples were removed, as well as "garbage" files.

-The program PER was not tested because there was no english demo version available.

-The programs Extendia AVK , BOClean , VET , Titan , RisingAV and Freedom were not tested because there was no demo version available.

-The program InVircible did not include a "typical" scanner-function and could not be tested.

-The program V-Catch checks only mail accounts and could not be tested.

-The following file types were used.

BAT, ΒΙΝ, CLA, CLASS, CLS, COM, CSC, DAT, DOC, ELF, EML, EXE, HLP, HQX, HTA, HTM, IMG, INF, INI, JS, MAC, MDB, MSG, OLE, PHP, PIF, PL, PPT, PRC, REG, SCR, SH, SHS, SMM, STI, TD0, TPU, VBA, VBS, WBT, XLS, XMI, XML.

The virus samples were divided into these categories, according to the type of the virus :

File = BeOS, FreeBSD, Linux, Palm, OS2, Unix, BinaryImage, BAS viruses, MenuetOS viruses.

MS-DOS = MS-DOS and HLL*. viruses.

Windows = Win.*.* viruses.

Macro = Macro and Formula viruses.

Malware = Adware, DoS, Constructors, Exploit, Flooders, Hoax, Jokes, Nukers, Sniffers, Spoofers, Virus Construction Tools, Virus Tools, Corrupted, Droppers, Intended, PolyEngines.

Script = BAT, Corel, HTML, Java, Scripts, VBS, WBS, Worms, PHP, Perl viruses.

Trojans-Backdoors = Trojan and Backdoor viruses.

Rank

1. Kaspersky Personal Pro version 5.0.20 - 99.28%

2. AVK version 15.0.5 - 97.93%

3. F-Secure 2005 version 5.10.450 - 97.55%

4. eScan Virus Control version 2.6.518.8 - 96.75%

5. Norton Corporate version 9.0.3.1000 - 91.64%

6. Norton Professional version 2005 - 91.57%

7. McAfee version 9.0.10 - 89.75%

8. Virus Chaser version 5.0 - 88.31%

9. BitDefender version 8.0.137 - 88.13%

10. CyberScrub version 1.0 - 87.87%

11. Panda Platinum 2005 version 9.01.02 - 87.75%

12. Arcavir - 87.73%

13. MKS_VIR 2005 - 87.70%

14. RAV version 8.6.105 - 87.26%

15. F-Prot version 3.16b - 87.07%

16. Panda Titanium version 4.01.02 - 86.27%

17. PC-Cillin 2005 version 12.1.1034 - 85.98%

18. Nod32 version 2.12.4 - 85.66%

19. Command version 4.92.7 - 84.92%

20. AntiVir version 6.30.00.17 - 84.50%

21. Avast version 4.6.623 - 76.65%

22. Dr. Web version 4.32b - 78.71%

23. Sophos Sweep version 3.91 - 73.79%

24. UNA version 1.83 - 73.49%

25. BullGuard version 4.5 - 70.24%

26. Norman version 5.80.05 - 65.32%

27. Ikarus version 5.16 - 60.97%

28. AVG version 7.0.308 - 54.07%

29. E-Trust version 7.0.5.3 - 52.35%

30. ZoneAlarm with VET Antivirus version 5.5.062.011 - 52.32%

31. Vexira 2005 version 5.0.56 - 51.74%

32. VirusBuster 2005 version 5.0.147 - 51.51%

33. Solo 3.0 version 2.7.1 - 49.16%

34. Fire version 2.7 - 48.86%

35. ClamWin version 0.83 - 48.44%

36. Digital Patrol version 5.00.08 - 48.10%

37. V-Buster Pro - 46.33%

38. Protector Plus version 7.2.G01 - 45.81%

39. V3Pro 2004 - 38.87%

40. Ewido version 3.0 - 38.67%

41. ViRobot Expert version 4.0 - 38.10%

42. Quick Heal version 7.03 - 37.75%

43. VirScan Plus version 14.703 - 36.20%

44. MR2S version 2.0.104 - 35.05%

45. RHBVS version 4.60.821 - 32.96%

46. A Squared 2 version 1.6 - 25.37%

47. VirIT version 5.2.10 - 22.83%

48. TDS version 3.2.0 - 21.09%

49. Wave version 2.0 - 16.49%

50. AntiTrojan Shield version 1.4.0.15 - 11.91%

51. PC Door Guard version 3.0.0.15- 11.91%

52. Trojan Hunter version 4.2.908 - 10.19%

53. Tauscan version 1.70.1414 - 6.99%

54. Trojan Remover version 6.3.6 - 6.67%

55. The Cleaner version 4.1.42.52 - 6.28%

56. IP Armor version 5.46.0703 - 2.77%

57. Hacker Eliminator version 1.2 - 2.67%

58. Anti-Hacker & Trojan Expert 2003 version 1.6 - 0%

DETAIL TEST RESULTS (.rar compressed file)

[DedPixel]

Not that I use it, but I would think nod32 would have done better than that. I've always liked Kaspersky however. Good to know it does so well. :cool:

F-prot did better than I thought it would. It's a fast little AV.

[kombolcha]

kaspersky :happy:

[Johnston]

what about kaspersky personal?? :crazy:

[Rix]

what about kaspersky personal??  :crazy:

585821049[/snapback]

1. Kaspersky Personal Pro version 5.0.20 - 99.28%

[HoochieMamma]

Bah TM that far down, its better then Norton thats for sure.

[Johnston]

1. Kaspersky Personal Pro version 5.0.20 - 99.28%

585821057[/snapback]

thats the pro edition of it tho, i mean just the personal edition.

there's bount to be a differenece in how much it picks up surely?

[Gowcra]

Interesting............

[em3]

Maybe NOD32 will do better when v2.5 is finished. :/

[bl4nk]

Oh damn, I might uninstall BitDefender and install Shaw Secure(rebranded F-Secure) since my ISP gives away free licences to customers. :)

[McLaren_F1]

doesnt change my mind. still using NOD32 Beta;)

[Bobster]

I'm still using Norton, I think it's great :)

[lnmnky]

Oh dear, poor Avast.

What's the best free one on that list?

[Favorable7404]

This doesn't make sense any more to me either in Windows or Linux.

[L3thal Veteran]

Very interesting results, to say the least. I believed NOD32 was the best, even though I don't use it, but I guess I was mistaken.

[giga Veteran]

For some reason, I don't really trust that site. Virus bulletin is what I've always checked.

http://www.virusbtn.com/vb100/archives/products.xml?eset.xml

[[bear]]

Mine did pretty good. - Norton Corporate version 9.0.3.1000 - 91.64%

(better known as symantec antivirus) Hopefully that new version 10 will make it even better.

[User6060]

i can't understand how NOD32 did so poorly. aren't they supposed to boast 100% detection rates? 2.5 is coming out though so they better get themselves in gear to put them on top.

[acedriver]

they said there are few problems with the test and calculations.

http://www.wilderssecurity.com/showthread.php?t=77033

[Cyber Dog]

I just personally decided to try NOD32 this past week since so many people say they like it. It's nice, but it does *not* have the best detection rate ever. I tested it against a collection of virii and it missed many small-time viruses that competitors found.

[Hekx]

http://www.wilderssecurity.com/showthread.php?t=77033

I wouldn't take much notice of these tests.

How comes at least two of the products that utilise the same engine are so wildly different in detection rate?

I have no doubt KAV is very likely to be one of the best AV products, but that is probably the only truth I can see in those tests. I'm not even going to ask why anti-trojan products are considered anti viral. :p

[akaladis Veteran]

ah :) greek site :yes:

[theyarecomingforyou]

I just personally decided to try NOD32 this past week since so many people say they like it.  It's nice, but it does *not* have the best detection rate ever.  I tested it against a collection of virii and it missed many small-time viruses that competitors found.

585822593[/snapback]

Were they actual viruses, or test viruses? NOD32 does not detect fake viruses and WILL NOT detect them at all (this is by design) - that is why some reviews give it a bad score.

I would imagine the score for NOD32 is not great because of fake viruses (it only say "most" were removed) and/or not detecting adware.

[Cyber Dog]

Were they actual viruses, or test viruses? NOD32 does not detect fake viruses and WILL NOT detect them at all (this is by design) - that is why some reviews give it a bad score.

I would imagine the score for NOD32 is not great because of fake viruses (it only say "most" were removed) and/or not detecting adware.

585822659[/snapback]

They were actual viruses I collected "in the wild" so to speak. The heuristics engine detected a great number of them which is a plus, but when you put the complete misses together with the number of heuristics hits, it seemed clear that the actual detection database itself was rather lacking.

[Hekx]

I think the reason that the detection database is less as if an AV supplier were to add every virus to its database, the intensity of the resource demands of the product would be extremelly high. It is usually up to those behind the product to choose the severity of the threats. With NOD32, I see the heuristics as the first line defence with rules aiding as a backup.

One interesting thing brought up in the Wilder's thread was if all of the AVs were licensed or trialed. I know with NOD, a lot of the default settings are insufficient. I am not even sure heuristics are enabled off-the-shelf. A lot of other products do have limited availability in trial/shareware items, for example: ewido paid can scan inside of archives while the free solution cannot.

I am not greatly surprised with the results, a lot of the test samples were malware/trojans, while IMO, it does usually take seperate products to provide greater protection in specialised areas (AVs for virus, ATs for trojans, etc). I would however, be interested in seeing the test categorised more so with anti-trojans being used solely on virus, solely on malware or a similar structured approach.