Dear visitor, welcome to AV-Comparatives Forum. If this is your first visit here, please read the Help. It explains in detail how this page works. To use all features of this page, you should consider registering. Please use the registration form, to register here or read more information about the registration process. If you are already registered, please login here.
Monday, June 2nd 2008, 6:28pm
Monday, June 2nd 2008, 8:39pm
I am seeking an explanation where in - obviously rouge men write malwares to target well known Av Products, but how does that explain how lesser known Av are able to detect them?it says "maybe"; its a possible explanation, but not an excuse.
rogue men may try to make sure that their main targets (users running well-known av products) do not detect the malware. ...
Monday, June 2nd 2008, 8:57pm
of course its possible, but due your question i am currently not sure if you understood what i mean: imagine that you are a bad guy and you want that your malware infects many users and in order to do that, you have kaspersky and symantec installed on some pc, because those are well-known and used products. you write a malware and then you tes it against those two products. you see that one (or both of them) detect the malware you wrote by heuristic etc. so you try to modify your code as long as it is no longer detected. due the changes, it is also well possible that also other products do not lomnger detect the malware, but you are satisfied because those two mainstream av's do not detect it and you start to spread it around. as it works, you generate more new variants and release them also. av's are all different and use different heuristics and detection methods, so it is well possible that you bypass the detection of some products and not some other products (because you just do not care about them or did not checked if they detect it).If one can write malwares that can evade Av's like norton, kaspersky but to be able to be detected by lesser know Av's, then your point can hold good - but is that even possible? Thats the issue i am raising ..
Thursday, June 12th 2008, 12:38pm
I still disagree with the view that Kapsersky and Aymantic performance was bad due to any possibilities that bad men wrote specific malwares and targeted them :you should read the report carefully, it contains all the answers you need to understand the results.
The reason why e.g. Kaspersky-based products and Symantec scored low this time is maybe that those well-known products are usually targeted by the bad guys which check if their malware is detected by those products before releasing them. As the time-frame was quite short this time, this may had this side-effect in the results.
Tuesday, June 17th 2008, 8:48pm
Although I agree with you for the fact of NOD32's detection, I do not find the link you provided as reliable (http://www.lightspeedsystems.com/Compare/AntivirusComparison.aspx)I have a question about the effectiveness of the detection antywirusa nod 32 noticed that for a long time occupies a prominent place in the various tests which did not translate on its effectiveness in everyday use, an active party member and warez torrent tested every 32 versions nod in the hope that it will be better and Every time it ended badly for the system simply can not detect much malwers and has been done not only with me many of his friends saw him installed various tests and sooner or later have problems with the computer where at much less evaluated antivirus nothing that has not taken place
Recently, I found the effectiveness of tests which seem to me personally more reliable than those where there is a nod in the forefront
me and acquaintances many times nod32 not detect mainly trojans end backdoors on pages where the type virustotal most programs do not have this problem, therefore, very surprised me is how so high note in my country, this is a very popular antivirus and cost 2 times as much as whether kaspersky even 3 times as much as gdata, and many people buy it just on the grounds that it is advertised as "light system" and is highly effective in detecting even the last is advertised as "intelligent" and the confirmation of the various tests are given, inter alia, av - comparatives
Tuesday, June 17th 2008, 8:51pm
I'm sorry for the messed-up formattinghave a question about the effectiveness of the detection antywirusa nod 32 noticed that for a long time occupies a prominent place in the various tests which did not translate on its effectiveness in everyday use, an active party member and warez torrent tested every 32 versions nod in the hope that it will be better and Every time it ended badly for the system simply can not detect much malwers and has been done not only with me many of his friends saw him installed various tests and sooner or later have problems with the computer where at much less evaluated antivirus nothing that has not taken place
Although I agree with you for the fact of NOD32's detection, I do not find the link you provided as reliable (http://www.lightspeedsystems.com/Compare/AntivirusComparison.aspx)For the simple fact that F-Secure uses the Same engine as Kaspersky, and it is virtually impossible for it to get such a huge difference in detection
Recently, I found the effectiveness of tests which seem to me personally more reliable than those where there is a nod in the forefront
http://www.lightspeedsystems.com/Compare…Comparison.aspx
I wonder what this think?
me and acquaintances many times nod32 not detect mainly trojans end backdoors on pages where the type virustotal most programs do not have this problem, therefore, very surprised me is how so high note in my country, this is a very popular antivirus and cost 2 times as much as whether kaspersky even 3 times as much as gdata, and many people buy it just on the grounds that it is advertised as "light system" and is highly effective in detecting even the last is advertised as "intelligent" and the confirmation of the various tests are given, inter alia, av - comparatives
Detections:
Kaspersky ->3458
F-Secure ->1442
F-Prot ->1596
In fact, since F-Secure includes other engines, it should have detected the same number or more malware samples.
Additionally, F-Secure uses also F-Prot's engine, and as you can see F-Prot detected a higher number of threats.
Therefore the test isn't reliable, in my opinion.
PS: I agree that spyware samples should be included in further tests, although today it's almost a standard using a dedicated anti-spyware product along with an anti-virus/security suite.
Monday, June 23rd 2008, 3:03pm
It also doesn't mention that heuristics were not used... (or am I looking in the wrong place?)But it was not mentioned [on lightspeedsystems] that heuristics were included.
about the statistics.
Sunday, May 19th 2013, 12:34pm
Go to the top of the page
