dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
10949
share rss forum feed


Keizer
I'M Your Huckleberry
Premium,MVM
join:2003-01-20
reply to StraitShoot

Re: Kobra's Antivirus SHOWDOWN results.

said by StraitShoot:

How good can the firewall be? or the pop up blocker?

Heres a quote from one member from the Wilders forum on the firewall.

"I purchased AVK pro extendia Security Suite. and I bought this at 29$ from BoomerangSoftware. The suite implements a firewall (totally outdated, with no configuration and simple on or off tabs of the programs outbounding)",
Expand your moderator at work


Keizer
I'M Your Huckleberry
Premium,MVM
join:2003-01-20
reply to gt7697c

Re: Kobra's Antivirus SHOWDOWN results.

said by gt7697c:
I am confused.

2. Didn't M$ buy RAV, and EXtendia AVK uses the RAV engine, so who is going to be further developing this engine? If I should purchase this software package are there going to be any updates, will it have the same quality or lack thereof.


Exactly what I was wondering as well. Even at their website, they ask the question is this Microsofts future anti virus technology? (See screeny)

Its like the scan engine, or in this case one of them, is in limbo.

Keizer


Martinus
Premium
join:2001-08-06
EU

2 edits
reply to Kobra007

Kobra007 See Profile, that mem usage shown in your screenshots is very interesting.

Can you expand more on that? For instance:
- Is that with the two engines active in the RTM?
- Is that inmediately after boot or after a while of normal computer use?
- Any exclusions in the RTM?

It is also worth noticing that the service is using much less memory than the UI which normally would be minimized to a tray icon.

--
From the GSV "Ethics Gradient"



Wildcatboy
Invisible
Premium,Mod
join:2000-10-30
Toronto, ON
kudos:3
reply to Kobra007


OK folks, get back to the subject. This thread started as an AV test report and a bunch of you turned it into a useless and off topic discussion of what you bought and how much.
--
You can catch the Devil, but you can't hold him long.



squatpuke
Premium
join:2004-04-15
Flagstaff, AZ
reply to Kobra007

said by Kobra007:
Keeping in mind though, AVK does use the KAV+RAV engine, and you can run either/or in any configuration you want, so for example you could run RAV for on-access to get the speed, and run KAV+RAV Double-Mode for on-demand to get the incredible depth of scans.
This seems almost too good to be true...

Why hasn't this product been more hyped?

and finally, I guess I don't understand how it can use two engines of two different products for less than those actual products themselves...again, seems to good be true...like getting two AV's for the price of 1/2 of one.


dp
Premium,MVM
join:2000-12-08
Greensburg, PA
kudos:7

said by squatpuke:
This seems almost too good to be true...

Why hasn't this product been more hyped?

and finally, I guess I don't understand how it can use two engines of two different products for less than those actual products themselves...again, seems to good be true...like getting two AV's for the price of 1/2 of one.

Good question You even have the option to disable either of the 2 engines and use only one of them if that's your pleasure
--
Write your questions down on the back of a $20 dollar bill and send them to me


Martinus
Premium
join:2001-08-06
EU
reply to squatpuke

said by squatpuke:
...I guess I don't understand how it can use two engines of two different products for less than those actual products themselves...
Buying a licensing scheme of an engine is much cheaper than having a R&D team developing and maintaining it. So, actually the engine final cost is much less for eXtendia than for KAV. And if the licensing scheme is per units sold basis - as most are -, the more they sell, the more they pay and everybody's happy.
--
From the GSV "Ethics Gradient"


FF again

join:2003-06-13
Finland

2 edits
reply to Kobra007

To banana_man from FF again!

> Why hasn't this product been more hyped?

Obviously u have not visited at German language security web sites, almost every German security site had something about AntiVirenKit Pro (same as eXtendia AVK Pro) less than a year ago. There is not so much about F-secure either, both of those have excellent detecting rates.

The world isn't yet pure English only.

Best regards,
FF again!



Randy Bell
Premium
join:2002-02-24
Santa Clara, CA

1 edit

1 recommendation

FF again See Profile, I have often thought it a shame that excellent products like KAV and F-Secure have not penetrated the Western English-speaking markets -- Norton and McAfee still dominate, and probably will do so for some time to come. I guess it takes a lot of $$ investment to penetrate with effective marketing of your product, even if you have a comparable or superior product from a technical standpoint ..

.. Back on track, to Kobra: I think the next step in your testing is to try a much larger testbed than 321 samples. I would also be careful to leave out spyware {adware} -- confine the test to "classic" malware -- trojans, viruses, worms -- since not all AVs detect these expanded threats. One has to be careful because most AVs give a "trojan" name to spyware {adware} even though such samples are not true trojans in a classic sense: we run into that all the time at TrojanHunter Forum, as TH only detects trojans {and trojan-like code} that meets the old classic definition of a trojan. Good Luck with your testing ..
--
"But now abide faith, hope, love, these three; but the greatest of these is love." (1 Cor. 13:13)



Buddel
If it ain't broke, don't fix it.
Premium
join:2004-03-06
EU
kudos:3
reply to Kobra007

I agree with FF again. AVK is very popular over here. However, I dare say that both Norton and McAfee are even more popular with Germans. Why? Well, simply because they have enough €€ to dominate the AV markets in all four corners of the world.

Back to the subject: Kobra, thanks a lot for your hard work.:)



gate1975mlm
Premium
join:2001-09-30
Philadelphia, PA
kudos:8

Will eXtendia AntiVirus AVK work with Outlook Express?



Buddel
If it ain't broke, don't fix it.
Premium
join:2004-03-06
EU
kudos:3

said by gate1975mlm:
Will eXtendia AntiVirus AVK work with Outlook Express?

I used an older version of AVK by GData until a couple of months ago. It did work with OE. Dunno anything about the (new) Xtendia version though.


gate1975mlm
Premium
join:2001-09-30
Philadelphia, PA
kudos:8

Here is a very nice review about it »www.wilderssecurity.com/showthre···?t=33597


hescominsoon

join:2003-02-18
Brunswick, MD

1 edit
reply to Kobra007

*deletd*



utahusker

join:2000-09-05
Saint George, UT
reply to Kobra007

I purchased the $10 version. What engine does it use? I am thinking RAV, at least I hope so since my Astaro firewall includes KAV protection.


hescominsoon

join:2003-02-18
Brunswick, MD
Reviews:
·Comcast

1 edit

hey utahusker,

I run astaro as well..i have over 30 attachments blocked in the pop3 proxy..my virus pass-through has been zero for 3 months..here is the list(may not be feasible for everyone however)
1
ace

2
ade

3
adp

4
bas

5
bat

6
chm

7
cmd

8
com

9
cpl

10
crt

11
exe

12
hlp

13
hta

14
inf

15
ins

16
js

17
jsp

18
jse

19
msc

20
msi

21
pif

22
reg

23
scr

24
vb

25
vbe

26
vbs

27
zip

28
mdb

29
rar

30
bz2

31
gz

32
lha
--
God Bless
»www.emmanuelcomputerconsulting.com


StraitShoot
Who Loves Ya Baby? - Theo Kojak
Premium
join:2003-02-08
Clinton, MA
kudos:1
reply to Kobra007

How come you didn't rry Escan..?

»www.virusbtn.com/vb100/archives/···orld.xml
--
"In Every Revolution, There's One Man ... With a Vision!


Kobra007

join:2004-06-15
Longwood, FL

I tried eScan, and it caused me to reformat. So I tried it again, and had to reformat a second time. That product is an accident waiting to happen! Anyway, I got some updates:

Updated testing results, several additional products tested. Special note to the changes in first place. Notes on the changes:

Discovered and tested MKS-Vir2004, from Poland. Surprisingly, this one with caught every sample perfectly on Medium Heuristics. Specifically, nearly 50 samples were picked up Heuristically giving it a perfect score of 321/321. However, when I increased Heuristics to "Super Deep", it picked up an addition 10 more suspicious files. Upon further investigation, it was found that it was picking up signatures of hacktool utilities left over in some of the archives and flagging those files. Indeed, this is impressive. MKS-Vir2004 exhibits the most advanced detection algorithms i've ever seen, clearly it only had signatures for 271 of my samples, but through code emulation, it was able to pick up all 321 samples!! It clearly labeled the Heuristically found ones as things as "Likely Win32 Trojan" or "Highly Suspicious Acting File". In addition, its scanning speed was incredibly quick, and its memory footprint was quite small. Impressive! Furthermore, this is a full featured and fairly polished product that appears to update at least once per day, and tech support responded to me within 5-15 minutes on my emails. Unfortunately, it appears to not be available in the US for purchase at this time.

Tested other additional products, Antidote, PerAV, Vir.IT, FireAV, and VirusBuster. Results are below.

1a) MKS_Vir 2004 - 321/321 0 Missed - 100%
1b) eXtendia AVK - 321/321 0 Missed - 100%
2a) Kaspersky 5.0 - 320/321 1 Missed - 99.70% (with Extended Database ON)
2b) McAfee VirusScan 8.0 - 319/321 + 2 (2 found as joke programs - heuristically) - 99%
3) F-Secure - 319/321 2 Missed - 99.37%
4) GData AVK - 317/321 4 Missed - 98.75%
5) RAV + Norton (2 way tie) - 315/321 6 Missed - 98.13%
6) Dr.Web - 310/321 11 Missed - 96.57%
7) CommandAV + F-Prot + BitDefender (3 Way Tie) - 309/321 12 Missed - 96.26%
8) ETrust - 301/321 20 Missed - 93.76%
9) Trend - 300/321 21 Missed - 93.45%
10) Avast! Pro - 299/321 22 Missed - 93.14%
11) Panda - 298/321 23 Missed - 92.83%
12) Virus Buster - 290/321 31 Missed - 90.34%
13) KingSoft - 288/321 33 Missed - 89.71%
14) NOD32 - 285/321 36 Missed (results identical with or without advanced heuristics) - 88.78%
15) AVG Pro - 275/321 46 Missed - 85.66%
16) AntiVIR - 268/321 53 Missed - 83.48%
17) Antidote - 252/321 69 Missed - 78.50%
18) ClamWIN - 247/321 74 Missed - 76.94%
19) UNA - 222/321 99 Missed - 69.15%
20) Norman - 215/321 106 Missed - 66.97%
21) Solo - 182/321 139 Missed - 56.69%
22) Fire AV - 179/321 142 Missed - 55.76%
23) V3 Pro - 109/321 212 Missed - 33.95%
24) Per_AV - 75/321 - 246 Missed - 23.36%
25) Proland - 73/321 248 Missed - 22.74%
26) Sophos - 50/321 271 Missed - 15.57%
27) Hauri - 49/321 272 Missed - 15.26%
28) CAT Quickheal - 21/321 300 Missed - 6%
29) Vir_iT - 10/321 311 Missed - 3%
30) Ikarus - Crashed on first virus. - 0%



Keizer
I'M Your Huckleberry
Premium,MVM
join:2003-01-20

said by Kobra007:
I tried eScan, and it caused me to reformat. So I tried it again, and had to reformat a second time. That product is an accident waiting to happen!
Wow, I would think that for someone who runs tests like you do, that you would be running imaging software, instead of formatting.

Keizer

Kobra007

join:2004-06-15
Longwood, FL

Ok, re-imaged is what I meant actually. =) You know what I mean.. Either way, eSCAN caused me more headaches than it was worth, so I excluded out. Keep in mind, I don't ALWAYS test this crap, this is more a on-time thing. I probably won't do it again till I get around 10k samples.

Now if we can get some backing behind that MKS-Vir 2004, the most impressive detections i've seen in a AV yet. =)


alien8

join:2004-03-03
UK
reply to Kobra007

Hi,

What options did you use on ClamWin?

If your virus samples were contained in .eml files (for example) it may be worth forcing on the --mbox option.

It might also be worth, downloading the very latest command line build of ClamAV from here:

»clamav.or.id/

Cheers,

Steve



StraitShoot
Who Loves Ya Baby? - Theo Kojak
Premium
join:2003-02-08
Clinton, MA
kudos:1
reply to Kobra007

I trialed MKS Vir 2004... Pretty strong stuff.. How's ...
1. Tech support?
2. ICSA and other certification?
3. Nothing on Virus Bulletin
4. Not a very well AV...
--
"In Every Revolution, There's One Man ... With a Vision!



FF again

join:2003-06-13
Finland

1 edit

> 3. Nothing on Virus Bulletin

In my understanding after this above, Mks Vir 2004 is very SERIOUS product, no face lift efforts.

Bu seriously, look at my link.

»www.mks.com.pl/english.html

After this what happened, how is the future?

Best regards,
FF again!


Gavin_TH

join:2003-04-03
Australia

4 recommendations

reply to Kobra007

Since none are verified, that makes a much worse test. If you would like me to personally verify some of these samples you can IM me and I'll do my best to do so quickly for you. If you like I will also suggest samples which should not be included for various reasons. For example, why include JOKE programs. They are NOT VIRUSES - how many times do we have to say this when its related to a test and results which many new users might take without knowing the truth about the results.

Obviously making a much bigger test set is the other important thing to address, its not very useful unless you get a bigger test set and verify them ALL carefully.
--
Gavin Coe
DiamondCS Analyst
»www.diamondcs.com.au



Khaine

join:2003-03-03
Australia
reply to Kobra007

Thats a very generous offer Gavin, if I were you Kobra I would accept

A couple of questions for you :

How do you rate ClamAV ?

Have you considered testing rebased samples ?

And testing samples that have been packed multiple times ?



Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7

3 edits
reply to Martinus

Re: Kobra's Antivirus SHOWDOWN results.-----------------------

said by Martinus:
said by squatpuke:
...I guess I don't understand how it can use two engines of two different products for less than those actual products themselves...
Buying a licensing scheme of an engine is much cheaper than having a R&D team developing and maintaining it. So, actually the engine final cost is much less for eXtendia than for KAV. And if the licensing scheme is per units sold basis - as most are -, the more they sell, the more they pay and everybody's happy.

Yup..and here is another new offering to throw in the pot. CyberScrub's other products are well respected.

CyberScrub AntiVirus

CyberScrub AntiVirus provides state of the art security protection for five years- at one low price. Our award winning technology ensures protection against viruses, worms and trojans backed by top customer support and value.

»www.cyberscrub.com/antivirus/index.php

"Is CyberScrub AntiVirus able to offer me the same level of protection as the products in the yellow or red boxes?

CyberScrub AntiVirus is powered by Kaspersky Lab. This means we utilize what is considered to be among the worlds most effective and secure technology."

»forum.gladiator-antivirus.com/in···ic=15767

--
Gladiator Security Forum »www.gladiator-antivirus.com/
Missing Kids
»www.missingkids.com/


JimIT

join:2003-06-25
Fort Worth, TX

2 recommendations

reply to Gavin_TH

Re: Kobra's Antivirus SHOWDOWN results.

said by Gavin_TH:
Since none are verified, that makes a much worse test. If you would like me to personally verify some of these samples you can IM me and I'll do my best to do so quickly for you. If you like I will also suggest samples which should not be included for various reasons. For example, why include JOKE programs. They are NOT VIRUSES - how many times do we have to say this when its related to a test and results which many new users might take without knowing the truth about the results.

Shh! You'll disturb the drama!


Randy Bell
Premium
join:2002-02-24
Santa Clara, CA
reply to Gavin_TH

said by Gavin_TH:
.. why include JOKE programs. They are NOT VIRUSES ..
Also, ADWARE or SPYWARE programs -- many AVs don't detect these, forex NAV only started detecting these expanded threats in the 2004 version. {Joke programs are also part of Symantec expanded threats}.
--
"But now abide faith, hope, love, these three; but the greatest of these is love." (1 Cor. 13:13)


FF again

join:2003-06-13
Finland
reply to Kobra007

Just scanned Mks Vir 2004 against my 1378 infected archived samples, 1155 detections with standard heuristics. Against 851 VIRUSES, 87.1 %, against 394 trojan like malware, 86.0 % and against 133 Riskware, 56.4 %, total protection 83.8 % compared to BitDefender 7.2 Free, 86.1 % and eXtendia (KAV + RAV), 92.7 %. Still just after eXtendia (KAV + RAV), (KAV) and (RAV) and BDF 7.2 Free. The second best against riskware.

I thought that I scanned with advanced heuristics, but when I had AH on, the result was 6 detections more, 1155 compared 1161, unfortunately not checked where those 6 detections were in my categories.

Best regards,
FF again!