3 edits | Heuristics av-test 10-2003 by checkvir.com! Hi everyone. Here it is!
Checkvir.com 10-2003, Heuristics av-test:
»www.checkvir.com/index.php?CN=3.3.19&CIE=1
----Heuristics scan --- Heuristics scan
----Before Updating -- After Updating
----ITW [27]- New; - ITW [27]- New;
-------------- not ITW ----------- not ITW
-1.-- 3 ----- 320 ----- 27 ----- 1 066 -- DrWeb for Win 95-XP 4.29a / 4.29c
-2.-- 2 ----- 251 ----- 27 ----- 1 054 -- F-secure Anti-Virus 5.40 (Build 8232) / 5.41
-3.-- 1 ----- 161 ----- 27 ----- 1 078 -- Panda Antivirus Platinum 7.0.2 maxim heur. / 7.0.4
-4.-- 1 ----- 159 ----- 27 ----- 1 081 -- Kaspersky Anti-Virus 4.0.5.35 / 4.5.0.58
-5.-- 1 ----- 142 ----- 27 ----- 1 081 -- VirusBuster for Win 4.0 (Build 11) / 4.3 (Build 13)
-6.-- 1 ----- 125 ----- 27 ----- 1 078 -- Panda Antivirus Platinum 7.0.2 medium heur. / 7.0.4
-7.-- 1 ----- 110 ----- 27 ----- 1 072 -- eTrust AV 6.0.97 / 7.0.139 (Ino)
-8.-- 0 ----- 108 ----- 27 ----- 1 065 -- Norton AntiVirus 2003 9.05.15 high h. / 2004 10.0.0.109
-9.-- 1 ----- 105 ----- 27 ----- 1 081 -- NOD32 v.1.538 / v.1.538 updated
10.-- 0 ----- 105 ----- 27 ----- 1 068 -- Norton Corporate Edition 8.00.9374 / 8.1.0.825
11.-- 0 ----- 105 ----- 27 ----- 1 065 -- Norton AntiVirus 2003 9.05.15 base h. / 2004 10.0.0.109
12.-- 0 ------ 47 ----- 27 ----- 1 070 -- eTrust AV 6.0.97 / 7.0.139 (Vet)
13.-- 0 ------ 41 ----- 27 ----- 1 003 -- Norman VC 5.00.2180.1 / 5.1.2600.1106
---------------------------------------------------------------------------------- ---------- --------------------
xxxxxxxxxxxxxxxxxx 27 ----- 1 079 -- TrendMicro OfficeScan xxx / v5.5
xxxxxxxxxxxxxxxxxx 27 ----- 1 055 -- F-secure Anti-Virus xxx / Client Security 5.50 (Build 570)
* NOD32, the same results with standard and deep heuristics!
** VirusBuster, the same results with high and paranoid heuristics!
Best regards,
FF again! |
|
| Folks familiar with my past skepticism about heuristics may faint to hear me say this, but .. in correspondence and sharing samples with a knowledgable friend who uses NOD32, along with the many posts here at BBR .. I have concluded that {for me at least, in my view} NOD32 leads the pack in heuristics. I'm actually surprised NAV does as well as it is showing here in your test; I have never regarded the "bloodhound" heuristics as NAV's "strong suit", in fact my AV of choice usually scores poorly in heuristics. I'm also quite surprised to see KAV's score: KAV has outstanding detection {the best} and the largest database; but I didn't think KAV's heuristics were too good .. but I could be wrong and am subject to correction. Thanks for publishing these interesting results! 
--
"But now abide faith, hope, love, these three; but the greatest of these is love." (1 Cor. 13:13) |
|
1 edit | reply to FF again
To Randy Bell from FF again!
Maybe u refer the NOD advanced heuristics, which is not available in all scanning modes in NOD and all environments?
Advanced heuristics was not tested by checkvir.com. But DrWeb's heuristics was not so bad, some 29.15 % detected!
Best regards,
FF again! |
|
 StraitShootWho Loves Ya Baby? - Theo KojakPremium
join:2003-02-08
Clinton, MA
kudos:1 | said by FF again:
To Randy Bell from FF again!
But DrWeb's heuristics was not so bad, some 29.15 % detected!
Well, I'm a dummy!
How did you come up with that "%"?... I can't make sense out of anything on that study...:p:p  :D
--
I'm Mad With Power! |
|
 Name GamePremium
join:2002-07-07
North Myrtle Beach, SC
kudos:6 | reply to FF again
Maybe this will help...:D
»www.wilderssecurity.com/index.ph···id=21227
--
Gladiator Security Forum »www.gladiator-antivirus.com/ Missing Kidshttp://www.missingkids.com/ |
|
| reply to FF again
To StraitShoot from FF again!
Maybe counting this (3+320)/(27+1081)!
Best regards.
FF again! |
|
 VampirefoPremium,MVM
join:2000-12-11
Huntington, WV
kudos:1 | reply to FF again
Seems like an OK test, I didn't see McAfee listed though.
--
Spam Officially Legal |
|
 muf9Captain of the axePremium
join:2003-01-04
uk
1 edit | reply to FF again
Let me see if i read this correct. The first two numbers are the amount the AV detected first scan relying mainly on heuristics. The second set of numbers are after the AV is updated so includes the signatures for the viruses.
So Dr web detected 3 in the wild viruses and 320 zoo viruses relying mainly on heuristics.
Then Dr Web was updated with latest defs and the detection was 27 in the wild viruses and 1066 zoo viruses.
Is that it, or am i barking up the wrong tree?
muf |
|
StraitShootWho Loves Ya Baby? - Theo KojakPremium
join:2003-02-08
Clinton, MA
kudos:1 | reply to FF again
So, according to what Firefighter says...
Dr. Web - 29.15%
F-Secure - 23.33%
Panda - 14.66% (maxmimum Heuistics)
KAV - 14.40%
VirusBuster - 12.91%
Etrust 10.10%
NAV 2003 High Bloodhound 9.89%
NOD32 - 9.57%
Is THAT What it comes down to?
--
I'm Mad With Power! |
|
| reply to FF again
To Muf from FF again!
I think the same as u! The first test was made before those viruses were detected overall. With all those tests heuristics option was on.
Best regards,
FF again! |
|
VampirefoPremium,MVM
join:2000-12-11
Huntington, WV
kudos:1 | reply to StraitShoot
Seems about right, One AV (VirusBuster) I don't know anything about it, the other AV's I would say as far as Heuristic Detection goes the order is correct.
--
Spam Officially Legal |
|
muf9Captain of the axePremium
join:2003-01-04
uk
1 edit | reply to FF again
I also do not know much about Virusbuster. Although i have seen it for sale in PCWorld which has the largest chain of shops selling pc equipment & software in the UK. So it's obviously commercially available rather than internet only.
Seems to be improving in the VB test since it's earlier failures.
»www.virusbtn.com/vb100/archives/···ster.xml
Maybe one to look out for?
muf |
|
|
|
| reply to FF again
To Muf from FF again!
Because checkvir.com and VirusBuster are both Hungarians, there may be a bit correlation!
Best regards,
FF again! |
|
| reply to FF again
A&A
Abbas.5660
Accept.3773
Account_Avenger.873
Aforia.656
Aiwed.852
Alabama
Alexe.1287
Alfons.1344
Algerian
Amazon.500
Ambulance
Amoeba
Anarchy.6503
Andreew.932
Angels.1571
Annihilator.673
Another_World
Anston.1960
Anthrax
Anticad.4096.A
....
and so on...
point me please to a "new virus but not itw" in the year 2003.
I repeat it: We are speaking about a heuristics test in the year 2003 and not in the year 1996.
For your notes, the Ambulance virus (alias RedX) was detected back in 1990. Same with almost all other stuff in this "high quality" testbed. And of course, this test was ok. Sure it was. If you use DOS Scanners like TAV or MC Afee for DOS. Most of the actual AV's do not even have a DOS Heuristics because it's not really important anymore.
---> Fazit: Bullshit of it's best.
--
Live Video Stream from home!
Here you can watch me at home in realtime.  |
|
| NOD32 is the leader in heuristic's scanning, that test, far beyond scientific as it is, doesn't even use the latest version of NOD32, or even use its heurisitic capabilities to its full capacity. |
|
VampirefoPremium,MVM
join:2000-12-11
Huntington, WV
kudos:1 | said by dos9:
NOD32 is the leader in heuristic's scanning, that test, far beyond scientific as it is, doesn't even use the latest version of NOD32, or even use its heuristic capabilities to its full capacity.
Leader ? No I am sorry they are not even close to the leaders, Nod's heuristic's is at the bottom almost non existent, they could just remove it from the scanner no one would miss it.
Can you name a virus or post a link to a virus in an IM to me that Nod can detect via heuristic that other AV's don't detect.
What was the last virus you detected using only Nod's heuristic's scanner?
--
Spam Officially Legal |
|
ghost16825Use security metricsPremium
join:2003-08-26 | reply to FF again
As expected - massive failure rates. Don't kid yourself on AV capabilities. |
|
1 edit | reply to Vampirefo
said by Vampirefo:
What was the last virus you detected using only Nod's heuristic's scanner?
I have a friend whom I share samples with, who has detected some new trojan downloaders and servers heuristically, that NAV didn't detect until I submitted to SARC. I agree with FF again  {FutureFriend} that NOD would do much better if AH had been included in the quoted results. I have changed my thinking on this issue, that's why I figured some might be surprised to hear it.
--
"But now abide faith, hope, love, these three; but the greatest of these is love." (1 Cor. 13:13) |
|
| reply to dos9
said by dos9:
NOD32 is the leader in heuristic's scanning, that test, far beyond scientific as it is, doesn't even use the latest version of NOD32, or even use its heurisitic capabilities to its full capacity.
can the leader NOD32 detect this?
--
hit any user to continue |
|
VampirefoPremium,MVM
join:2000-12-11
Huntington, WV
kudos:1 | reply to Randy Bell
Yes, with AH I have even said would bring Nod's results up among the Leaders, but AH is not tested nor should it ever be included in any test Until Nod adds it for selection.
AH is a hidden option and until Nod decides to unhide it no tester should waste time on it, Nod has it hidden for a reason.
--
Spam Officially Legal |
|
