Is MKS-Vir 2005 better than Kaspesky?

J

Jenna Jameson

REPORT:
Discovered and tested MKS-Vir2005, from Poland. Surprisingly, this one with
caught every sample perfectly on Medium Heuristics. Specifically, nearly 50
samples were picked up Heuristically giving it a perfect score of 321/321.
However, when I increased Heuristics to "Super Deep", it picked up an
addition 10 more suspicious files. Upon further investigation, it was found
that it was picking up signatures of hacktool utilities left over in some of
the archives and flagging those files. Indeed, this is impressive.
MKS-Vir2005 exhibits the most advanced detection algorithms i've ever seen,
clearly it only had signatures for 271 of my samples, but through code
emulation, it was able to pick up all 321 samples!! It clearly labeled the
Heuristically found ones as things as "Likely Win32 Trojan" or "Highly
Suspicious Acting File". In addition, its scanning speed was incredibly
quick, and its memory footprint was quite small. Impressive! Furthermore,
this is a full featured and fairly polished product that appears to update
at least once per day, and tech support responded to me within 5-15 minutes
on my emails. Unfortunately, it appears to not be available in the US for
purchase at this time.

1a MKS_Vir 2005 - 321/321 0 Missed - 100%
1b eXtendia AVK - 321/321 0 Missed - 100%
2a Kaspersky 5.0 - 320/321 1 Missed - 99.70% (with Extended Database ON
2b McAfee VirusScan 8.0 - 319/321 + 2 (2 found as joke programs -
heuristically - 99%
3 F-Secure - 319/321 2 Missed - 99.37%
4 GData AVK - 317/321 4 Missed - 98.75%
5 RAV + Norton (2 way tie - 315/321 6 Missed - 98.13%
6 Dr.Web - 310/321 11 Missed - 96.57%
7 CommandAV + F-Prot + BitDefender (3 Way Tie - 309/321 12 Missed - 96.26%
8 ETrust - 301/321 20 Missed - 93.76%
9 Trend - 300/321 21 Missed - 93.45%
10 Avast! Pro - 299/321 22 Missed - 93.14%
11 Panda - 298/321 23 Missed - 92.83%
12 Virus Buster - 290/321 31 Missed - 90.34%
13 KingSoft - 288/321 33 Missed - 89.71%
14 NOD32 - 285/321 36 Missed (results identical with or without advanced
heuristics - 88.78%
15 AVG Pro - 275/321 46 Missed - 85.66%
16 AntiVIR - 268/321 53 Missed - 83.48%
17 Antidote - 252/321 69 Missed - 78.50%
18 ClamWIN - 247/321 74 Missed - 76.94%
19 UNA - 222/321 99 Missed - 69.15%
20 Norman - 215/321 106 Missed - 66.97%
21 Solo - 182/321 139 Missed - 56.69%
22 Fire AV - 179/321 142 Missed - 55.76%
23 V3 Pro - 109/321 212 Missed - 33.95%
24 Per_AV - 75/321 - 246 Missed - 23.36%
25 Proland - 73/321 248 Missed - 22.74%
26 Sophos - 50/321 271 Missed - 15.57%
27 Hauri - 49/321 272 Missed - 15.26%
28 CAT Quickheal - 21/321 300 Missed - 6%
29 Vir_iT - 10/321 311 Missed - 3%
30 Ikarus - Crashed on first virus. - 0%
 
N

null

REPORT:
Discovered and tested MKS-Vir2005, from Poland. Surprisingly, this one with
caught every sample perfectly on Medium Heuristics. Specifically, nearly 50
samples were picked up Heuristically giving it a perfect score of 321/321.
However, when I increased Heuristics to "Super Deep", it picked up an
addition 10 more suspicious files. Upon further investigation, it was found
that it was picking up signatures of hacktool utilities left over in some of
the archives and flagging those files. Indeed, this is impressive.
MKS-Vir2005 exhibits the most advanced detection algorithms i've ever seen,
clearly it only had signatures for 271 of my samples, but through code
emulation, it was able to pick up all 321 samples!! It clearly labeled the
Heuristically found ones as things as "Likely Win32 Trojan" or "Highly
Suspicious Acting File". In addition, its scanning speed was incredibly
quick, and its memory footprint was quite small. Impressive! Furthermore,
this is a full featured and fairly polished product that appears to update
at least once per day, and tech support responded to me within 5-15 minutes
on my emails. Unfortunately, it appears to not be available in the US for
purchase at this time.

1a MKS_Vir 2005 - 321/321 0 Missed - 100%
1b eXtendia AVK - 321/321 0 Missed - 100%
2a Kaspersky 5.0 - 320/321 1 Missed - 99.70% (with Extended Database ON
2b McAfee VirusScan 8.0 - 319/321 + 2 (2 found as joke programs -
heuristically - 99%
3 F-Secure - 319/321 2 Missed - 99.37%
4 GData AVK - 317/321 4 Missed - 98.75%
5 RAV + Norton (2 way tie - 315/321 6 Missed - 98.13%
6 Dr.Web - 310/321 11 Missed - 96.57%
7 CommandAV + F-Prot + BitDefender (3 Way Tie - 309/321 12 Missed - 96.26%
8 ETrust - 301/321 20 Missed - 93.76%
9 Trend - 300/321 21 Missed - 93.45%
10 Avast! Pro - 299/321 22 Missed - 93.14%
11 Panda - 298/321 23 Missed - 92.83%
12 Virus Buster - 290/321 31 Missed - 90.34%
13 KingSoft - 288/321 33 Missed - 89.71%
14 NOD32 - 285/321 36 Missed (results identical with or without advanced
heuristics - 88.78%
15 AVG Pro - 275/321 46 Missed - 85.66%
16 AntiVIR - 268/321 53 Missed - 83.48%
17 Antidote - 252/321 69 Missed - 78.50%
18 ClamWIN - 247/321 74 Missed - 76.94%
19 UNA - 222/321 99 Missed - 69.15%
20 Norman - 215/321 106 Missed - 66.97%
21 Solo - 182/321 139 Missed - 56.69%
22 Fire AV - 179/321 142 Missed - 55.76%
23 V3 Pro - 109/321 212 Missed - 33.95%
24 Per_AV - 75/321 - 246 Missed - 23.36%
25 Proland - 73/321 248 Missed - 22.74%
26 Sophos - 50/321 271 Missed - 15.57%
27 Hauri - 49/321 272 Missed - 15.26%
28 CAT Quickheal - 21/321 300 Missed - 6%
29 Vir_iT - 10/321 311 Missed - 3%
30 Ikarus - Crashed on first virus. - 0%

I just tried the mks on-line scanner on a larger unscientific
collection containing 2,771 files. It scanned only 2,547
of the files and alerted on 1,759. Kav scanned them all
and alerted on 2,492 files. Lotsa junk and duplicates in
there. Some day I might get around to spending 3,000 fun
packed hours refining my sample collections. Or I might
just erase the whole lot of them.

I'm sure your little sampling is much better than mine, and
you've made sure all your samples are viable. I suggest
you come back and report again when you've increased
the number of uniquely different viable and tested samples
to at least 50,000 and preferably to 100,000 .... sorted into
several categories. Then your test would definitely mean
something, and be of interest. Don't forget to include
false positive and scan speed comparisons as well. And
specify the scanner versions , option settings, OS
and test machine details.

Art




http://home.epix.net/~artnpeg
 
J

Jenna Jameson

Fair comment.

I still use Kaspersky, because of the hourly updates.

MKS_Vir only updates once per day, and eXtendia AVK is a terrible resource
hogger because of it's "double scanning engine".

Also, I have always found Kaspersky's technical support to be excellent.
 
J

Jari Lehtonen

MKS_Vir only updates once per day, and eXtendia AVK is a terrible resource
hogger because of it's "double scanning engine".

How was MKS_Vir's resource usage compared to Kaspersky's?
Jari
 
D

Dingley Mellowcreme

It's about the same!
In my experience, and I own licenses to KAV 5.0 Personal and Business
Optimal Windows Workstation as well as MKS_Vir 2005 and its non-Polish
derivative, ArcaVir 2005, I would say KAV BOWW is the more complete
AV/Trojan/Malware killer.

This is not to say the "Vir" programs are weak . . . just not as strong
at "total" protection as KAV.
 
Top