MRG Effitas Static Flash Tests 2011

Mark · Sep 20, 2011

http://malwareresearchgroup.com/2011/08/17/mrg-effitas-flash-tests-%E2%80%93-update/

...
To help give greater statistical relevance, we will include a static component to the flash tests. Twice each month, we will test using 100,000 malicious samples which are less than 72 hours old. Whilst static testing does not always assess efficacy as accurately as dynamic, it remains a convenient way to get a loose indication of performance against a large number of samples.
...

http://forums.malwareresearchgroup.com/viewtopic.php?f=18&t=627

This project is starting, we will update this post with the methodology which we will be using. Here is the final list of participants, there will be no further changes in this year (2011).

1. Avast Antivirus Professional
2. AVG Antivirus
3. Avira Antivir Premium
4. BitDefender Antivirus
5. Emsisoft Anti-Malware
6. Eset Nod32
7. F-Secure Antivirus
8. G Data Antivirus
9. Immunet Protect Plus
10. Kaspersky Antivirus
11. McAfee VirusScan Plus
12. Microsoft Security Essentials
13. Norton Antivirus
14. Panda Cloud Antivirus
15. Sunbelt VIPRE Antivirus Premium

Deleted member 178 · Sep 20, 2011

all the big ones are there, except Comodo as usual...

Jack · Sep 20, 2011

Interesting test and with such a high number of malware samples it should also be accurate.
Quick question : Why isn't COMODO tested?

HeffeD · Sep 20, 2011

Jack said:
Quick question : Why isn't COMODO tested?

If this is a paid test, Comodo doesn't agree with most of these testing organizations testing methodology because they focus too much on detection instead of prevention. Comodo's stance has always been that prevention is more important than detection. As such, they don't see the point of paying for a test that doesn't accurately test their products strongest points.

Hungry Man · Sep 20, 2011

Makes sense.

eXPerience · Sep 20, 2011

It's not paid, it's because of an already old fight Comodo and the MRG, my leaving from Comodo had partly to do with that (well that actually was the reason they needed to demote me, cause they had nothing else...)
The methodology is correct and the test are performed fairly.

Comodo will not be tested officially.

eXp

win7holic · Sep 20, 2011

i believe ,in future comodo will join on this test.

Deleted member 178 · Sep 20, 2011

maybe they will wait v6 when all powerful features will be added.

Mark · Sep 21, 2011

First, Comodo would need to make an official apology: http://forums.malwareresearchgroup.com/viewtopic.php?p=1395#p1395.

Valentin N · Sep 21, 2011

Mark said:
First, Comodo would need to make an official apology: http://forums.malwareresearchgroup.com/viewtopic.php?p=1395#p1395.

Melih said that they modified the results; they got one test result and another on the homepage which was different from what COMODO got , or something like that... If that is true then comodo does the right thing by not apologizing and not taking part of such tests.

win7holic · Sep 21, 2011

i thought same with valentine, but it's probably.
but, we don't know about what happen on there?
right? so, i can't say anything.

Deleted member 178 · Sep 21, 2011

All this affair is about "playing on the words", MRG feels it is a failure because the pop up dont "explicitly" tell it is a threat, Comodo tell it is a not a fail because it was detected and sandboxed.

IMO, if sandboxed it is not a threat anymore; at that moment CIS was not designed to be user-friendly and be used by beginners, an advanced users will recognize it as a threat.

jamescv7 · Sep 21, 2011

Seems its like Bluepoint is no longer join from flash test. Remembered that having no missed samples before.

Valentin N · Sep 21, 2011

If I remember write it's not about play with words; Someone is lying in order to protect themselves or one another bad rep. I personally believe that COMODO wouldn't lie and make such accusation; comodo would then only lose.

Slightly off-topic but relevant...... Some comodo member where saying comodo got bypassed and that comodo didn't acknowledge that, well... a few days ago a comodo member founds a malware that did bypass CIS (I got surprised). Comodo investigated it and guess what they acknowledged that got bypassed and thanked the member.

Tom172 · Sep 30, 2011

MRG Flash Test 30/09/2011 Part 1

Threat Names: Buzus, Carberp, Monder, Ruskill

Infection Vector: HTTP

Operating System: Windows 7 32-bit

http://malwareresearchgroup.com/2011/09/30/mrg-flash-test-90092011-part-1/

MRG Flash Test 30/09/2011 Part 2

MRG Flash Test 30/09/2011 Part 2
Posted on September 30, 2011
Threat Names: SpyEye, TDSS, VBInject, Zeus

Infection Vector: HTTP

Operating System: Windows 7 32-bit

http://malwareresearchgroup.com/2011/09/30/mrg-flash-test-90092011-part-2/

Deleted member 178 · Sep 30, 2011

oh ! F-Secure fails vs TDSS...surprising, SAS too but that is not a surprise, it fails many times before. disappointed by MSE heavy failure, even Immunet did better.

Search

Search

MRG Effitas Static Flash Tests 2011

Mark

New Member

Deleted member 178

Jack

Administrator

HeffeD

Level 1

Hungry Man

New Member

eXPerience

Level 1

win7holic

New Member

Deleted member 178

Mark

New Member

Valentin N

Level 2

win7holic

New Member

Deleted member 178

jamescv7

Level 85

Valentin N

Level 2

Tom172

Level 1

Deleted member 178

You may also like...