ПРОЕКТЫ 


  АРХИВ 


Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

  СТАТЬИ 


  ПЕРСОНАЛЬНОЕ 


  ПРОГРАММЫ 



ПИШИТЕ
ПИСЬМА














     АРХИВ :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] Сравнение антивирусов



Производят двойственное впечатление, так как результаты про эвристикам сильно 
различаются и несколько неожиданны


http://www.virus.gr/english/fullxml/default.asp?id=82
    *
      he test was made on 15-25 August 2006, using Windows XP Professional SP1 
on a P4 2800 Mhz, 512MB DDRAM.
    *
      All programs tested had the latest versions, upgrades and updates and 
they were tested using their full scanning capabilities e.g. heuristics, full 
scan etc. The default settings of each program were not used, in order for each 
program to achieve its maximum detection rate. Because of this, there is a 
possibility for the tested programs to detect a few false positives.
    *
      The 147184 virus samples were chosen using VS2000 according to Kaspersky, 
F-Prot, Nod32, Dr.Web, BitDefender and McAfee antivirus programs. Each virus 
sample was unique by virus name, meaning that AT LEAST 1 antivirus program 
detected it as a new virus.
    *
      ALL virus samples were unpacked and the only samples that were kept were 
the ones that were packed using external-dos-packers (that means not winzip, 
winrar, winace etc).
    *
      The virus samples had the correct file extension using a special program 
(Renexts) and were unique, according to checksum32 filesize.
    *
      Most of the virus samples used were not previously replicated at the time 
the test was made, which means that some of them, although probably only a few, 
may be false positives. The procedure of testing each and every virus sample is 
still under process.
    *
      The programs MKS_VIR , PER and IPArmor were not tested because there was 
no english demo version available.
    *
      The programs WinAntivirus , Anti-Hacker Expert , Command , Extendia AVK , 
GDATA AVK , BOClean , VET and Freedom were not tested because there was no demo 
version available.
    *
      Thourough mode was not used in VBA32 due to extremely slow scan process.
    *
      Advanced heuristics were not used in Tauscan due to extremely slow scan 
process.
    *
      VirusBuster uses the exact same engine as Vexira.
    *
      TheShield uses the exact same engine as VirobotExpert.
    *
      Avira uses the exact same engine as AntiVir.
    *
      Fire uses the exact same engine as Solo.
    *
      MKS_VIR uses the exact same engine as ArcaVir.
    *
      BullGuard uses the exact same engine as BitDefender free edition.
    *
      The program InVircible did not include a "typical" scanner-function and 
could not be tested.
    *
      The program V-Catch checks only mail accounts and could not be tested.
    *
      The program PC Tools kept crashing while testing the samples.
    *
      DOS-Based scanners were not tested.

    The following file types were used.

    SH, ELF, COM, EXE, PL, BAT, PRC, DOC, XLS, BIN, MDB, IMG, PPT, VBS, MSG, 
VBA, OLE, HTM, INI, SMM, TD0, REG, CLASS,

    HTA, JS, VI_, URL, PHP, WMF, HLP, XML, SCR, PIF, SHS, WBT, CSC, MAC, DAT, 
CLS, STI, INF, HQX, XMI, SIT.

    The virus samples were divided into these categories, according to the type 
of the virus : 

    *
      File = BeOS, FreeBSD, Linux, Mac, Palm, OS2, Unix, BinaryImage, BAS 
viruses, MenuetOS.
    *
      MS-DOS = MS-DOS viruses.
    *
      Windows = Win.*.* viruses.
    *
      Macro = Macro, Multi and Formula viruses.
    *
      Malware = Adware, DoS, Constructors, Exploit, Flooders, Nukers, Sniffers, 
SpamTools, Spoofers, Virus Construction Tools, Droppers, PolyEngines.
    *
      Script = ABAP, BAT, Corel, HTML, Java, Scripts, MSH, VBS, WBS, Worms, 
PHP, Perl, Ruby viruses.
    *
      Trojans-Backdoors = Trojan and Backdoor viruses.

    Rank

    1. Kaspersky version 6.0.0.303 - 99.62%

    2. Active Virus Shield by AOL version 6.0.0.299 - 99.62%

    3. F-Secure 2006 version 6.12.90 - 96.86%

    4. BitDefender Professional version 9 - 96.63%

    5. CyberScrub version 1.0 - 95.98%

    6. eScan version 8.0.671.1 - 95.82%

    7. BitDefender freeware version 8.0.202 - 95.57%

    8. BullGuard version 6.1 - 95.57%

    9. AntiVir Premium version 7.01.01.02 - 95.45%

    10. Nod32 version 2.51.30 - 95.14%

    11. AntiVir Classic version 7.01.01.02 - 94.26%

    12. ViruScape 2006 version 1.02.0935.0137 - 93.87%

    13. McAfee version 10.0.27 - 93.03%

    14. McAfee Enterprise version 8.0.0 - 91.76%

    15. F-Prot version 6.0.4.3 beta - 87.88%

    16. Avast Professional version 4.7.871 - 87.46%

    17. Avast freeware version 4.7.871 - 87.46%

    18. Dr. Web version 4.33.2 - 86.03%

    19. Norman version 5.90.23 - 85.65%

    20. F-Prot version 3.16f - 85.14%

    21. ArcaVir 2006 - 83.44%

    22. Norton Professional 2006 - 83.18%

    23. AVG Professional version 7.1.405 - 82.82%

    24. AVG freeware version 7.1.405 - 82.82%

    25. Panda 2007 version 2.00.01 - 82.23%

    26. Virus Chaser version 5.0a - 81.47%

    27. PC-Cillin 2006 version 14.10.1051 - 80.90%

    28. VBA32 version 3.11.0 - 79.12%

    29. ViRobot Expert version 4.0 - 76.22%

    30. UNA version 1.83 - 75.44%

    31. Rising AV version 18.41.30 - 73.60%

    32. Sophos Sweep version 6.0.2 - 69.48%

    33. Ikarus version 5.19 - 63.22%

    34. Antiy Ghostbusters version 5.1.3 - 61.55%

    35. Digital Patrol version 5.00.12 - 54.29%

    36. Vexira 2006 version 5.002.45 - 52.66%

    37. V3Pro 2004 version 6.1.1.2.640 - 52.38%

    38. Ewido Premium version 4.0.0.172 - 51.27%

    39. Ewido freeware version 4.0.0.172 - 51.27%

    40. ClamWin version 0.88.4 - 51.23%

    41. E-Trust version 7.2.0.0 - 50.36%

    42. ZoneAlarm with VET Antivirus version 6.5.722.000 - 44.65%

    43. A Squared Anti-Malware version 2.0 - 43.28%

    44. A Squared Free version 2.0 - 43.28%

    45. Zondex Guard version 5.4.2 - 41.73%

    46. Comodo version 1.0.0.4 - 41.02%

    47. Solo 4.0 version 3.1.0 - 40.83%

    48. Protector Plus version 7.2.H03 - 37.04%

    49. Quick Heal version 8.00 - 33.66%

    50. PC Door Guard version 4.2.0.35- 24.13%

    51. AntiTrojan Shield version 2.1.0.14 - 24.11%

    52. VirIT version 6.1.9 - 21.39%

    53. Trojan Hunter version 4.2.924 - 13.44%

    54. Trojan Remover version 6.5.1 - 8.00%

    55. Tauscan version 1.70.1414 - 7.70%

    56. The Cleaner version 4.2.4319 - 6.03%

    57. Hacker Eliminator version 1.2 - 1.70%

    58. Abacre version 1.4 - 0.00%

    Heuristics-only detection   
    (includes only antivirus software that allowed heuristics NOT to be used 
during the scan)

    What are heuristics: They analyze the code of each file with generic 
methods and detect new viruses that have not yet been included in the virus 
database of the antivirus software.

    Why are heuristics important: Because they help the antivirus software to 
discover a new unknown virus and thus protect the pc from being infected, even 
though the specific virus has not yet been included in the virus database of 
the antivirus software. 

    Rank Antivirus - Detected using only heuristics (this is the total of 
samples that would not be detected by each antivirus if heuristics were not 
used and not the total of samples that are detected by each antivirus using 
heuristics!)

    1 Nod32 2.51.30 - 41503
    2 Vba32 3.11.0 - 32911
    3 VirIT 6.1.9 - 16469
    4 AVG 7.1.405 Professional - 13624
    5 AVG 7.1.405 freeware - 13624
    6 Rising AV 18.41.30 - 12214
    7 McAfee 10.0.27 - 10708
    8 Ikarus 5.19 - 7191
    9 F-Prot 6.0.4.3 beta - 6247
    10 Ukrainian National Antivirus 1.83 - 5506
    11 ArcaVir 2006 - 4987
    12 Digital Patrol 5.00.12- 4760
    13 Panda 2007 2.00.01- 4191
    14 Norton 2006 Professional - 4004
    15 Trojan Hunter 4.2.924 - 3766
    16 AntiVir 7.01.01.02 Premium - 3697
    17 AntiVir 7.01.01.02 Classic - 3594
    18 Dr. Web 4.33.2 - 3575
    19 Norman 5.90.23 - 3272
    20 F-Prot 3.16f - 2493
    21 McAfee Enterpise 8.0.0 - 991
    22 Sophos Sweep 6.0.2 - 869
    23 BullGuard 6.1 - 511
    24 BitDefender 8.0.202 freeware - 511
    25 AntiTrojan Shield 2.1.0.14 - 386
    26 BitDefender 9 Professional - 353
    27 ZoneAlarm 6.5.722.000 with VET Antivirus - 124
    28 PC Door Guard 4.2.0.35 - 52
    29 eScan 8.0.671.1 - 45
    30 Comodo 1.0.0.4 - 0
    31 Quick Heal 8.00 - 0

    DETAILED TEST RESULTS (.rar compressed file)




 




Copyright © Lexa Software, 1996-2009.