Embed Size (px)
Citation preview
http://www.malware-test.com
Copyright © 2007 Malware-Test Lab. All rights reserved. 1
Antivirus Detection Comparison Report (20070628)
Revision History Revision No. Revised By Date of Change Description 1.0 Samplas June 28, 2007 Create this document. 1.1 Samplas July 5, 2007 Add other antivirus softwares.
http://www.malware-test.com
Copyright © 2007 Malware-Test Lab. All rights reserved. 2
Contents
Revision History..............................................................................................1 Test Summary ................................................................................................3 Issues with Vendors........................................................................................5 Contact Information........................................................................................9 Appendix A: Test Platform and Testing Subjects ............................................. 10 Appendix B: Testing Methodology.................................................................. 21
http://www.malware-test.com
Copyright © 2007 Malware-Test Lab. All rights reserved. 3
Test Summary In this report, the terminology, malware, includes virus, trojan, worm, backdoor, spyware, adware, dialer, keylogger, hack tool and so on. The samples we use are collected daily from Honeypot, the total malware count is 267,287, total file size is about 34,156 MB. The following table shows detection rate and scan performance for antivirus software:
Software Name Detection Rate
Files Detected
Scan Time (Sec)
Scan Speed (MB/Sec) Remark
Fortinet FortiClient Consumer Edition 3.0.400 92.87% 248225 9177 3.72 AVIRA Premium Security Suite 7.0 89.75% 239897 4126 8.28 Turn on SkipEventDB BitDefender Internet Security v10 85.93% 229680 15654 2.18 Norman Virus Control Plus 5.90 81.99% 219136 96121 0.36 F-Secure Internet Security 2007 77.38% 206820 20704 1.65 Incomplete scan log ZoneAlarm Security Suite 7.0 76.50% 204471 ? ? Incomplete scan log MicroWorld eScan Internet Security 9.0 76.14% 203507 34813 0.98 AOL Active Virus Shield (Free) 75.97% 203049 17183 1.99 Kaspersky Internet Security 6.0 75.95% 203017 17080 2.00 AVIRA AntiVir PersonalEdition Classic 7.0 (Free) 75.51% 201841 4069 8.39 Turn on SkipEventDB ClamWin Free Antivirus 0.90 (Free) 74.63% 199481 18034 1.89 BitDefender 8 Free Edition (Free) 72.49% 193744 20154 1.69 Rising Antivirus 2007 71.60% 191381 36179 0.94 ALWIL avast Professional 4.7 65.19% 174246 6139 5.56 Trend Micro Internet Security 2007 (China Pattern) 64.77% 173127 231660 0.15
Trend Micro Client Server Messaging Security for SMB 3.6 (China Pattern) 64.77% 173127 13363 2.56 Kingsoft Internet Security 2007 63.11% 168691 8404 4.06 Symantec Norton Internet Security 2007 62.63% 167403 261849 0.13 Incomplete scan log Filseclab Twister Anti-TrojanVirus V7 62.59% 167300 10136 3.37 F-Prot Antivirus 3.16f 62.07% 165904 64860 0.53
Trend Micro Client Server Messaging Security for SMB 3.6 (Global Pattern) 61.16% 163466 10514 3.25 Incomplete scan log Jiangmin Antivirus KV2007 59.39% 158743 11507 2.97 McAfee Internet Security 2007 58.96% 157601 246000 0.14 Cannot save scan log AhnLab V3 Internet Security 2007 Platinum 57.61% 153984 7740 4.41 Incomplete scan log Webroot Spy Sweeper with Antivirus 5.5 56.52% 151067 22302 1.53 Error: log too large for display CA Internet Security 2007 54.67% 146132 4238 8.06 ESET NOD32 2.7 54.29% 145123 4292 7.96 Panda Internet Security 2007 45.20% 120825 ? ? Incomplete scan log Sunbelt CounterSpy V2 ? ? ? ? Application hang Microsoft Windows Live OneCare 1.6 ? ? ? ? Application hang Dr.Web Antivirus 4.33 ? ? ? ? Application error PC Tools Antivirus 3.1 (Free) ? ? ? ? Application error Source: Malware-Test Lab (http://www.malware-test.com)
http://www.malware-test.com
Copyright © 2007 Malware-Test Lab. All rights reserved. 4
If you want to verify our test result, we provide the following data, please feel free to contact us: � All malware files’ SHA1 value. � All antivirus scan logs.
http://www.malware-test.com
Copyright © 2007 Malware-Test Lab. All rights reserved. 5
Issues with Vendors In this testing, some antivirus softwares cause following problems: � Dr.Web Antivirus 4.33 (Application Error)
http://www.malware-test.com
Copyright © 2007 Malware-Test Lab. All rights reserved. 6
� Filseclab Twister Anti-TrojanVirus V7 (Application Error)
� McAfee Internet Security 2007 (Error)
� PC Tools Antivirus 3.1 (Application Error)
http://www.malware-test.com
Copyright © 2007 Malware-Test Lab. All rights reserved. 7
� Sunbelt CounterSpy V2 (Application Hang)
http://www.malware-test.com
Copyright © 2007 Malware-Test Lab. All rights reserved. 8
� Webroot Spy Sweeper with Antivirus 5.5 (Session log file too large for display)
http://www.malware-test.com
Copyright © 2007 Malware-Test Lab. All rights reserved. 9
Contact Information If you have any questions or suggestions about this report or test methodology, please feel free to contact us. E-Mail: [email protected]
http://www.malware-test.com
Copyright © 2007 Malware-Test Lab. All rights reserved. 10
Appendix A: Test Platform and Testing Subjects Malware-Test Lab uses the following specification in producing any data presented in this document. � OS: Windows XP Profession, English or Traditional Chinese Version with
Service Pack 2. � Test Machine: DELL Dimension C521 with AMD Athlon 64x2 Dual-Core
CPU 3800+ with 1GB RAM. � The settings/configurations of antivirus software are set to all files scan with
max settings except for heuristic scan (turn on with default setting, the majority are medium).
� Antivirus softwares are updated on June 22, 2007 US time. List of Antivirus vendors to be tested and their setting at the time being tested: � AhnLab V3 Internet Security 2007 Platinum
� ALWIL avast Professional 4.7
� Avira AntiVir PersonalEdition Classic 7.0
http://www.malware-test.com
Copyright © 2007 Malware-Test Lab. All rights reserved. 11
� Avira Premium Security Suite 7.0
� CA Internet Security Suite 2007
http://www.malware-test.com
Copyright © 2007 Malware-Test Lab. All rights reserved. 12
� Fortinet FortiClient Consumber Edition 3.0.400
� Kaspersky Internet Security 6.0
http://www.malware-test.com
Copyright © 2007 Malware-Test Lab. All rights reserved. 13
� AOL Active Virus Shield
� ESET NOD32 Antivirus 2.7
� Rising Antivirus 2007
� Trend Micro Internet Security 2007 (China Pattern)
http://www.malware-test.com
Copyright © 2007 Malware-Test Lab. All rights reserved. 14
� Trend Micro Client Server Messaging Security for SMB 3.6 (China
Pattern, Traditional Chinese Edition)
� Trend Micro Client Server Messaging Security for SMB 3.6 (Global
Pattern, Traditional Chinese Edition)
� Panda Internet Security 2007
http://www.malware-test.com
Copyright © 2007 Malware-Test Lab. All rights reserved. 15
� Webroot Spy Sweeper with Antivirus
� BitDefender 8 Free Edition
http://www.malware-test.com
Copyright © 2007 Malware-Test Lab. All rights reserved. 16
� ClamAV Version 0.90
� MicroWorld eScan Internet Security 9.0
� McAfee Internet Security 2007
http://www.malware-test.com
Copyright © 2007 Malware-Test Lab. All rights reserved. 17
� Norman Virus Control Plus 5.90
� a
http://www.malware-test.com
Copyright © 2007 Malware-Test Lab. All rights reserved. 18
� Jiangmin Antivirus KV2007
� ZoneAlarm Security Suite 7.0
� Kingsoft Internet Security 2007
http://www.malware-test.com
Copyright © 2007 Malware-Test Lab. All rights reserved. 19
� PC Tools Antivirus 3.1 (Free)
� Filseclab Twister Anti-TrojanVirus V7
� F-Secure Internet Security 2007
http://www.malware-test.com
Copyright © 2007 Malware-Test Lab. All rights reserved. 20
� Microsoft Windows Live OneCare 1.6
� Dr.Web Antivirus 4.33
http://www.malware-test.com
Copyright © 2007 Malware-Test Lab. All rights reserved. 21
Appendix B: Testing Methodology
Please refer to http://www.malware-test.com for detailed test methodology.
