Jump to content


Photo

Antivirus tests


  • Please log in to reply
74 replies to this topic

#51 Cesky.A

Cesky.A

    Member

  • Full Member
  • Pip
  • 15 posts

Posted 14 August 2004 - 10:45 PM

I tried BitDefender Free Edition.It detected 7 trojans compared to avast!'s 5 and AVG's 0.
I know this is very stupid since my post is so short but this is the best I can do.I'm no pro,just a noob.
One more thing,I hope you guys don't consider this as spam since I'm talking crap all the time.

Edited by Cesky.A, 14 August 2004 - 11:06 PM.


#52 Nytron

Nytron

    Advanced Member

  • Full Member
  • PipPipPip
  • 214 posts

Posted 27 August 2004 - 01:33 PM

:wave: Hello Trilobite
Just wanted to say "Thank You" for this fascinating thread that you put a lot of effort into creating... Hope your job search is going well :cool:

#53 Trilobite

Trilobite

    Malware Hunter

  • Trusted Advisor
  • PipPipPipPipPip
  • 711 posts

Posted 28 August 2004 - 10:04 AM

@Nytron
Youíre welcome.

These tests started as a quick experiment with 6 trojans and quickly grew as I picked up more and more infections. I never expected this thread to receive in excess of 10,000 views. :blink: I hope to expand on these tests when I have more time with various other AV packages and maybe a few trojan scanners that people have suggested as well as including more infected test files.

:wave:

#54 Guest_Joey1_*

Guest_Joey1_*
  • Guests

Posted 31 August 2004 - 04:18 PM

I have been busy recently and havenít had the time to run any new tests with other AV programs and probably wonít have time to update the scans for a while. Not to mention that several of the AV trial versions have expired. I will make note of all of the requested AV programs and if time permits, I will test them.

I still do not have any word on the recovery of the crashed hard diskÖthe bulk of the several thousand infected files were stored on it and we have been working on finding the backups of that drive and on the data recovery of that drive.

Thanks for creating this very interesting thread :cool:

#55 JRosenfeld

JRosenfeld

    Advanced Member

  • Full Member
  • PipPipPip
  • 143 posts

Posted 01 September 2004 - 06:37 PM

Trilobite,

@ Alya,
I didnít see any difference between the regular and extended Kaspersky databases. The detection is still very good with the regular database.

QUOTE 
I disinfected several computers using KAV and accumulated 391 viruses in my KAV "Infected" folder from these disinfections.


Viruses, Trojans and malware in general are very easy to pick up this way. This is how I obtained a lot of mine. But then again, these types of files donít exactly hide. By nature, most of them self replicate and attempt to infect other systems.


If indeed 'a lot' of your test files were obtained from KAV "infected" folder, would that not skew the results in favour of KAV?

(just a question for clarification , not meant to attack or belittle your great work :-))

#56 Trilobite

Trilobite

    Malware Hunter

  • Trusted Advisor
  • PipPipPipPipPip
  • 711 posts

Posted 02 September 2004 - 09:16 AM

I think it was Alya who used this method.

I picked up most of mine through using a variety of different AV scans, not just one. Some of them I picked up just because they looked suspicious. (i.e.: email attachments, files with obviously wrong files sizes, files with the wrong icon, and files with double extensions.)

Edited by Trilobite, 02 September 2004 - 09:17 AM.


#57 AntiSpam

AntiSpam

    Member

  • Full Member
  • Pip
  • 24 posts

Posted 02 September 2004 - 09:55 AM

Tribolite,no offense since I'm just a noob here and asking you to do me a favour.Would you mind adding Trend Micro's PC-cillin and Tech-Protect Virus Protection System to your long list?

http://www.tech-pro.net/software.html

Edited by AntiSpam, 02 September 2004 - 09:56 AM.


#58 Trilobite

Trilobite

    Malware Hunter

  • Trusted Advisor
  • PipPipPipPipPip
  • 711 posts

Posted 04 September 2004 - 11:39 AM

@AntiSpam,
No offense taken. :wave:
All comments, recommendations, suggestions, requests and complaints are welcome.

I have been busy recently and havenít had the time to run any new tests with other AV programs and probably wonít have time to update the scans for a while. I will make note of all of the requested programs and if time permits and if they have a trial version, I will test them.

#59 AntiSpam

AntiSpam

    Member

  • Full Member
  • Pip
  • 24 posts

Posted 12 September 2004 - 09:15 AM

Many thanks.I've tested out Tech-Protect Virus Protection System.Well...it doesn't work on my NTFS file system.Blame it on F-Secure's DOS Scanner.They won't cooperate like what they(F-Secure)said on their website.By the way,I've noticed avast! mistaken some programs as trojans.One of their in-the-wild function or whatever?

#60 device manager

device manager

    Member

  • New Member
  • Pip
  • 1 posts

Posted 03 October 2004 - 10:34 PM

Trilobite, you've done a very nice job with the AV roundup. When you have time would you mind testing Panda Platinum v7 which is free for 1yr. when you register using the link I've provided. :D

I can only hope that it is as efficient as Titanium. :ph34r:

#61 Trilobite

Trilobite

    Malware Hunter

  • Trusted Advisor
  • PipPipPipPipPip
  • 711 posts

Posted 08 October 2004 - 09:37 AM

I probably will not add Panda Platinum v7 to my testing. I have already tested one Panda AV product and they most likely both use the same virus definitions. The primary differences between AV programs from the same company are usually user interface, licensing, on-demand and scheduling options. If they both use the same virus definitions, then their detection rates should be the same.

For example, McAfee sells/produces the following antivirus programs (non-inclusive list):

VirusScan
VirusScan Professional
Internet Security
VirusScanģ Enterprise 8.0i
VirusScan Command Line Scanners
CleanBoot
VirusScan AsaP
GroupShield
PortalShield
WebShield

I have used and beta tested several of these programs and all of those have used the same virus definition dat file. Consequently, their detection rates were the same.

#62 Schadenfroh

Schadenfroh

    Member

  • Full Member
  • Pip
  • 14 posts

Posted 20 October 2004 - 08:30 PM

If anyone is interested in how much memory these antivirus apps use, i wrote up a little review of them (although i did subsititue the free version in for a few). Thanks trilobyte for letting me use the results of your tests in the review.
A chart with a side by side comparison of the antivirus applications memory usage is on the last page.

Linked

#63 macaroo

macaroo

    Advanced Member

  • Full Member
  • PipPipPip
  • 169 posts

Posted 21 October 2004 - 09:59 AM

If anyone is interested in how much memory these antivirus apps use, i wrote up a little review of them (although i did subsititue the free version in for a few).  Thanks trilobyte for letting me use the results of your tests in the review.
A chart with a side by side comparison of the antivirus applications memory usage is on the last page.

Linked

View Post


Outstanding review of the current AV products on the market. A good follow up on work preiviously done on this subject.

#64 Mr Bob

Mr Bob

    Member

  • Full Member
  • Pip
  • 15 posts

Posted 28 November 2004 - 04:41 PM

I am going to purchase an AV program sometime within the next week or so, and wondered which to get.

I was happy to see your post, but think it isn't that good of an idea to base my decision on just one person who conducted the tests. Where else can we see results for these programs?

Do you have any final conclusions about these?

How come you used the Kaspersky Personal and not PersonalPro, or even both?

Great review on each product, a lot of us are greatful for the time it took to prepare this :)

#65 Swandog46

Swandog46

    Forum Deity

  • Emeritus
  • PipPipPipPipPip
  • 10,190 posts

Posted 28 November 2004 - 05:12 PM

Mr Bob,

I use Symantec Corporate Edition, which is of course outstanding, but if you don't feel like paying for an anti-virus client (which I certainly would not have, if I had not gotten a subscription for free), AVG makes an excellent free anti-virus client, available for download here:
http://free.grisoft....2/lng/us/tpl/v5

I have never used Kaspersky, but Symantec products and AVG products are both excellent!
Hope this helps :D

#66 Mr Bob

Mr Bob

    Member

  • Full Member
  • Pip
  • 15 posts

Posted 28 November 2004 - 05:23 PM

No that doesn't help- a little bit more confused now too

AVG, according to this test, was a real piece of crap. 69% detection is not good at all.

I don't mind paying $50 or so to get something that is almost twice as good as the free clients out their. To me, it is worth a small investment.

#67 Swandog46

Swandog46

    Forum Deity

  • Emeritus
  • PipPipPipPipPip
  • 10,190 posts

Posted 28 November 2004 - 06:14 PM

Mr. Bob,

Sorry for the confusion then. Please note that the version of AVG tested was AVG Professional 7.0, dated 7-29-04, which corresponds roughly to AVG Free Version 6.0. Since then the program has been updated to an entirely new Free Version 7.0, with many enhancements, and so the 69% is probably no longer an accurate measure of detections (and it is questionable whether it was ever an accurate measure). I happen to have used AVG personally and found it quite effective, especially the new versions. Plus, it is free --- if the free program were the best in existence, the "paid" companies would not stay in business.

For paid programs, I like Norton/Symantec, as I said (although I would probably not choose to pay for antivirus software). As a result of Trilobite's excellent testing, you might favor Panda or Kaspersky as well. You can see the test results for yourself and make up your own mind. :D

Edited by Swandog46, 28 November 2004 - 07:37 PM.


#68 Mr Bob

Mr Bob

    Member

  • Full Member
  • Pip
  • 15 posts

Posted 28 November 2004 - 06:26 PM

Much less confused, but I still haven't made up my mind 100% yet.

Let's just hope Kaspersky will reply to my sales ? with info about a student discount!

Thanks for the information :)

#69 Swandog46

Swandog46

    Forum Deity

  • Emeritus
  • PipPipPipPipPip
  • 10,190 posts

Posted 28 November 2004 - 07:38 PM

Sure :D
Sorry for the trouble.

#70 Trilobite

Trilobite

    Malware Hunter

  • Trusted Advisor
  • PipPipPipPipPip
  • 711 posts

Posted 28 November 2004 - 08:37 PM

Howdy Mr Bob, Swandog46.

I know there are other tests out on the internet that may or may not show a significant difference from my tests, unfortunately I donít know their web addresses right off hand. Google or yahoo might help there.

There can be a lot of variation in the tests due to a number of factors such as AV definition dates, type and amount of test files, testing errors, who is conducting the test and were they fully awake that dayÖ ;)
The test files that I used represent less than 10% of viruses existing in the wild. This alone could skew testing results in one direction or other.

Do you have any final conclusions about these?

Not really. Ironically, I am still using the same antivirus programs (Norton and McAfee) that I was using before starting these tests. There are a lot of factors to consider before deciding which AV program is best. This test only shows the detection abilities of these programs, not how they perform overall. For example, on my primary system, I was running McAfee. It has great virus and Trojan detection, unfortunately it almost constantly wanted to connect to the internet and it slowed my system to a crawl. Processes that should only take 20 minutes to finish would take 4 hours even with active monitoring disabled! Another AV program took an exceedingly long time to scan my test system (sorry I donít remember which one). Another AV program had numerous and extremely annoying popups (I think it was Panda, but I canít be sure).
The final decision is up to you. All I can say is that all of these programs work, and they all have their drawbacks.

How come you used the Kaspersky Personal and not PersonalPro, or even both?

I generally donít test two AV programs that use the same definition files. Plus I can not afford to purchase each program just to use for testing, therefore I use trial versions of the AV programs. I donít know if PersonalPro is offered as a trial version.

Great review on each product, a lot of us are greatful for the time it took to prepare this

Thanks :blush2:

#71 Mr Bob

Mr Bob

    Member

  • Full Member
  • Pip
  • 15 posts

Posted 28 November 2004 - 09:08 PM

I just downloaded the PersonalPro trial, and currently am trying it out right now.

My system is pretty well bloated with programs that I have installed/uninstalled over the last 6 months.

It is hard to try out this software before I reformat my hard drive.

What do you suggest I do?

I get my new hard drive sometime this week, and will install a fresh copy of XP Pro. Should I install the OS, connect to WindowsUpdate, get updates, then install some sort of AV?

I think I am set on either PersonalPro, McAfee, or Norton. If I install any of them on my new hard drive, and uninstall them after I am done testing, couldn't that lead to problems down the road?

The main programs I use is Adobe Photoshop, Flash/Dreamweaver MX 2004, and Office XP. Of course there are a few small ones such as UltraEdit, FileZilla, but I doubt these would slow my system down much at all.

If this helps at all, this is my system:
ASUS P4P800-E Deluxe
Intel P4 478 3.0Ghz 800 FSB w/HT
Seagate 120GB Barracuda SATA Hard Drive
ATI All-In-Wonder 9800 Pro 128 MB
NEC 8x DVD+RW/-RW Drive
Sony 48x DVD/CD+-RW Drive
PC3200 1GB (2x512MB) Dual-Channel Optimized 400 MHz - CAS 2.0
Raidmax Scorpio 868 ATX w/ 420W PSU
Sony 1.44 Internal Floppy
Intel Ambient v.92 56K Modem

#72 Trilobite

Trilobite

    Malware Hunter

  • Trusted Advisor
  • PipPipPipPipPip
  • 711 posts

Posted 29 November 2004 - 10:53 AM

If it were my system, I would install the antivirus program before connecting to the internet. Then I would update the virus definition files, install the windows updates and lastly I would scan the system with Ad-Aware just to be sure nothing infected the system before the updates were installed.
One thing to consider if you are going to reformat and reinstall, most legal versions of both Windows XP and Office XP require activation. If you reformat and reinstall, you might have to reactivate them. If you have previously installed them using the same CD keys then you might need to telephone Microsoft in order to reactivate.

Installing software and then uninstalling software always leaves the potential for problems down the road. Most of the time no problems show up, but sometimes they do occur. I do not know of any particular problems uninstalling Kaspersky, McAfee or Norton. After my last round of tests on my test system, I reformatted and restored the system with a HDD image.

If you install more than one AV program at a time, it is very important that you only run one of them at any one time. This includes active scans and background monitoring. Running more than one scan at a time can cause system lockups, file access errors, false positives, false negatives, and can potentially corrupt files.

#73 Mr Bob

Mr Bob

    Member

  • Full Member
  • Pip
  • 15 posts

Posted 29 November 2004 - 03:42 PM

Great advice.

I must say Kaspersky's IU is pretty bad compared to NAV. I noticed I had to finished scanning (took 6 hours for 110GB) in order for me to do anything with the viruses it found.

The only viruses it found were ones that were displayed in e-mail messages.

I would really just prefer to install NAV 2005 on the new HD, but the results you showed me lead me to Kaspersky. I ran Norton 2003 fine for 6 months, but figured since it is time to install a new HD.

Of course, detection rate isn't everything... But it should play an important role on determining which AV to go with.

I wouldn't want to base my decision on just the UI itself. I also prefer to make my purchase based in the US mainly because of the support and fact that I know I can speak to someone that speaks my own language...

#74 Alya

Alya

    Member

  • Full Member
  • Pip
  • 12 posts

Posted 02 April 2005 - 01:25 AM

Mr Bob
Kaspersky Personal Pro interface is uncomparably better than Norton. You do not have to finish scanning to do anything with the viruses- it's all configurable thru the settings. You can delete viruses as you go. Or rename them. Or quarantine them. Or do nothing, just log their names/locations in the report. Or ask you about each virus individually. It's VERY VERY configurable - it's the most configurable antivirus available on the market. But it's very complex for an average user to figure out how to configure it.

#75 drhardlove

drhardlove

    Member

  • Full Member
  • Pip
  • 18 posts

Posted 08 April 2005 - 05:12 AM

Hi Trilo and everybody else contributing in this thread.

Thx a lot for U'r effort. :D

I have also made PC Security a big issue in my PC life.

I have been running Norton System works 2003 for 2 years now. I Have of course had some protection from it, but I'm not to sure that I'll continue using it(my subscription is ending in 20 days).

I have used some of the online scanners that is around, and when first running trend after I had tried to clean with NA and lots of Anti.spystuff etc. Trend micro livescan still could clean out a few more. :huh:

I was impressed and decided that I would buy their AV solution on expiering of NA, but then I ran into trouble again, and this time I ran everything I knew, including these two, but when I downloaded Kaspersky trial version It found a lot more :gack: So now I'm quite hot on Kaspersky. I havent tried McAfee yet, but I have a feeling it must be these two witch is the better choise.

To Bob I have to say that I'd rather run a scan for 6 hours and have it clean, than running a quick scan and still be infected. :worm:

:worm: :worm: :worm: :worm: :worm: :worm: :worm: :worm:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button