RobertLudlum
join:2005-01-20
656456
| reply to Wai_Wai
Re: Latest AV results from av-test.org
said by Wai_Wai  :said by bellgamin :Could this be the reason why WebWasher did so well, I wonder? It is because WebWasher uses AntiVir engine in this test, as someone told you in the previous post. Now why does WebWasher score higher than AntiVir? One reason I could think of is "Webwasher will report every UPX packed DLL as suspicious". Since this testbed only contains malware (no test about the accuracy of the scan result), Webwasher can detect every such malware while AntiVir can't. This may explain the discrepancy. lol. Webwasher uses two engines, Antivir and their own private one. That's why they scored a touch better. |
|
Wai_Wai
A Guy Who Enjoys Thumb-Up
join:2004-07-30
2 edits | reply to bellgamin
said by bellgamin :Could this be the reason why WebWasher did so well, I wonder? It is because WebWasher uses AntiVir engine in this test, as someone told you in the previous post.
Now why does WebWasher score higher than AntiVir? One reason I could think of is "Webwasher will report every UPX packed DLL as suspicious". Since this testbed only contains malware (no test about the accuracy of the scan result), Webwasher can detect every such malware while AntiVir can't. This may explain the discrepancy.
By the way, people should take the accuracy of the scan result into account. Theoretically an antivirus which flag everything as malicious can score 100% in this test, but this antivirus is totally useless in reality. Thus products with high number of false-positive should be used with care (so as to avoid deleting any innocent files). Here are the products with considerably more false positives:
- Dr.Web
- Fortinet
- VBA32
[Source: av-comparatives.org, research in VirusTotal and Jotti VirusScan]
Also note that some unheard AV products may be simply the clones of other well-known AVs. They either use one or multiple scan engines from other well-known AV (eg AVK, F-secure, TrustPort, Webwasher).
--
If you think my post is awesome, please vote for me 
If it's thread (created by me) -> Simply click on "Topic functions : thumbs up, news-worthy".
If it's reply -> click on the "thumb-up" icon under my reply.
I enjoy seeing a lot thumb-ups around me! |
|
Wai_Wai
A Guy Who Enjoys Thumb-Up
join:2004-07-30
3 edits | reply to Begemotik
said by Begemotik :One test confirms your observations? Wow . . . that's some opinion barometer you must have. You should read and quote carefully. I say "This test somehow confirms my observations." And I say observation"s" (which has a "s"). So there are other testing and test results which make me think so. I'm not making the conclusion from just 1 test (or this test) only.
Note that the test has the following testbed:
83.000 Worms
86.000 Bots
218.000 Trojans
79.000 Backdoors
It is known that NOD32 is bad at detecting trojans-like malware (and the rank of this test does give you some ideas how bad NOD32 is). What I'm saying is this is one of the evidence which proves this statement, but this is not the only one!
--
If you think my post is awesome, please vote for me
If it's thread (created by me) -> Simply click on "Topic functions : thumbs up, news-worthy".
If it's reply -> click on the "thumb-up" icon under my reply.
I enjoy seeing a lot thumb-ups around me! |
|
Begemotik
Premium
join:2004-12-16
Saint Marys, OH | reply to Wai_Wai
One test confirms your observations? Wow . . . that's some opinion barometer you must have. |
|
Wai_Wai
A Guy Who Enjoys Thumb-Up
join:2004-07-30
4 edits | reply to TAP
said by TAP :All freebies, AVG, AntiVir, avast! are always doing a very good results, they beat many (some beats all) well-known paid AV. Only AntiVir can match the best paid AVs. However it has more false positives than the average AVs.
Avast and AVG is out of the top 10.
AVG is not really a good AV (look at the result of AV Comparatives - it has never got the "advanced" or "advanced+" award, but it once got the "unclassified" award)
I sometimes wonder if NOD32 is overrated. This test somehow confirms my observations. It only ranks 12th. Too bad!
I am a bit hesitant about Fortinet. It may score high because it also generates many false positives. It tends to flag many innocent but runtime-packed executable as suspicious.
--
If you think my post is awesome, please vote for me
If it's thread (created by me) -> Simply click on "Topic functions : thumbs up, news-worthy".
If it's reply -> click on the "thumb-up" icon under my reply.
I enjoy seeing a lot thumb-ups around me! |
|
bellgamin
Kachunga
Premium
join:2003-01-12
Ewa Beach, HI
2 edits | reply to mers2
The 1st post in this thread quotes AV-Test's proponents as follows: "Beside over 83.000 worms the parasit collection consisted of more than 86,000 Bots, 218,000 Trojan horses and 79,000 Backdoors." Oddly enough, there is no mention of viruses whatsoever. Or did something get lost in translation?
It seems to me that the AV programs were tested against a test-bed of malware that usually is viewed as the province of AntiTrojan programs moreso than AntiVirus programs.
Could this be the reason why WebWasher did so well, I wonder? |
|
mers2
Premium,MVM
join:2004-03-20
USA
clubs:
 ·AT&T U-Verse
| reply to TAP
said by TAP :All freebies, AVG, AntiVir, avast! are always doing a very good results, they beat many (some beats all) well-known paid AV. Too bad and always bad for CA eTrust and ClamAV, where are their substantial improvements? ClamAV is a freeware project still in beta so it can be excused. CA eTrust, however is a commercial product and can't be cut the same amount of slack.
--
Team Discovery
|
|
TAP
join:2006-03-16 | reply to SpannerITWks
All freebies, AVG, AntiVir, avast! are always doing a very good results, they beat many (some beats all) well-known paid AV.
Too bad and always bad for CA eTrust and ClamAV, where are their substantial improvements? |
|
