=============================== File 6HCMP32.TXT ------------------------------- Comparison of Detection Quality of 32-Bit Scanning Engines: (Win-98 / Win-NT / Win-2000) =============================== Formatted with non-proportional font (Courier) The following tables summarize the respective detection rates of products on different 32-bit platforms (Windows 98, Windows-NT, and Windows-2000 respectively, concerning products with results on ALL platforms). Products with identical detection quality for both instantiations of 32-bit engines are marked with "*". Comparative tables: ------------------- Table Comp.M1v: Detection of Zoo Macro viruses Table Comp.M1f: Detection of Zoo Macro viral files Table Comp.M2v: Detection of ITW Macro viruses Table Comp.M2f: Detection of ITW Macro viral files Table Comp.M3m: Detection of Zoo Macro Malware Table Comp.S1v: Detection of Zoo Script viruses Table Comp.S1f: Detection of Zoo Script viral files Table Comp.S2v: Detection of ITW Script viruses Table Comp.S2f: Detection of ITW Script viral files Table Comp.S3m: Detection of Zoo Script Malware Table Comp.M1v: Detection Quality of Zoo Macro Viruses: ======================================================= ====== Detection Quality ========= W32 results Scanner Win-NT % Win-2k % Win-98 % match -------------------------------------------------------------- Testbed 6762 100.0 6762 100.0 6762 100.0 -------------------------------------------------------------- ANT 6566 97.1 --- --- 6587 97.4 AVA 6604 97.7 6604 97.7 6605 97.7 AVG 6651 98.4 6651 98.4 6651 98.4 * AVK 6762 100.0 6762 100.0 6762 100.0 * AVP 6761 100.0 6761 100~ 6761 100~ * AVX 6703 99.1 --- --- 6703 99.1 * CMD 6760 100.0 6760 100~ 6760 100~ * DRW 6725 99.5 6725 99.5 6725 99.5 * DSE --- --- --- --- 6610 97.8 - FPR 6760 100.0 6760 100~ 6760 100~ * FPW 6760 100.0 6760 100~ 6760 100~ * FSE 6762 100.0 6762 100.0 6762 100.0 * IKA 6451 95.4 --- --- --- --- - INO 6755 99.9 6755 99.9 6755 99.9 * NAV 6726 99.5 6726 99.5 6731 99.5 NVC 6751 99.8 6751 99.8 6751 99.8 * PAV 6762 100.0 6762 100.0 6762 100.0 * QHL 0 0.0 --- --- 0 0.0 * RAD 6726 99.5 --- --- --- --- (*) RAV 6726 99.5 6726 99.5 6726 99.5 * SCN 6762 100.0 6762 100.0 6762 100.0 * VSP 1 0.0 1 0.~ 1 0.~ * -------------------------------------------------------------- (*) Remark: concerning RAD/RAV, see 8problms.txt. Table Comp.M1f: Detection Quality of Zoo Macro viral objects: ============================================================= ====== Detection Quality ========= W32 results Scanner Win-NT % Win-2k % Win-98 % match -------------------------------------------------------------- Testbed 21677 100.0% 21677 100.0% 21677 100.0% -------------------------------------------------------------- ANT 20811 96.0 --- --- 20853 96.2 AVA 21202 97.8 21202 97.8 21206 97.8 AVG 21387 98.7 21387 98.7 21387 98.7 * AVK 21674 100.0 21674 100~ 21674 100~ * AVP 21673 100.0 21673 100~ 21673 100~ * AVX 21474 99.1 --- --- 21474 99.1 * CMD 21672 100.0 21672 100~ 21672 100~ * DRW 21574 99.5 21574 99.5 21574 99.5 * DSE --- --- --- --- 20971 96.7 - FPR 21672 100.0 21672 100~ 21672 100~ * FPW 21672 100.0 21672 100~ 21672 100~ * FSE 21677 100.0 21677 100.0 21677 100.0 * IKA 20723 95.6 --- --- --- --- - INO 21651 99.9 21651 99.9 21651 99.9 * NAV 21495 99.2 21495 99.2 21520 99.3 NVC 21622 99.7 21622 99.7 21622 99.7 * PAV 21674 100.0 21674 100~ 21674 100~ * QHL 0 0.0 --- --- 0 0.0 * RAD 21546 99.4 --- --- --- --- (*) RAV 21545 99.4 21545 99.4 21545 99.4 * SCN 21677 100.0 21677 100.0 21677 100.0 * VSP 1 0.0 1 0.~ 1 0.~ * -------------------------------------------------------------- (*) Remark: concerning RAD/RAV, see 8problms.txt. Table Comp.M2v: Detection Quality of ITW Macro Viruses: ======================================================= ====== Detection Quality ========= W32 results Scanner Win-NT % Win-2k % Win-98 % match -------------------------------------------------------------- Testbed 143 100.0% 143 100.0% 143 100.0% -------------------------------------------------------------- ANT 142 99.3 --- --- 142 99.3 * AVA 143 100.0 143 100.0 143 100.0 * AVG 143 100.0 143 100.0 143 100.0 * AVK 143 100.0 143 100.0 143 100.0 * AVP 143 100.0 143 100.0 143 100.0 * AVX 143 100.0 --- --- 143 100.0 * CMD 143 100.0 143 100.0 143 100.0 * DRW 143 100.0 143 100.0 143 100.0 * DSE --- --- --- --- 140 97.9 - FPR 143 100.0 143 100.0 143 100.0 * FPW 143 100.0 143 100.0 143 100.0 * FSE 143 100.0 143 100.0 143 100.0 * IKA 142 99.3 --- --- --- --- - INO 143 100.0 143 100.0 143 100.0 * NAV 143 100.0 143 100.0 143 100.0 * NVC 143 100.0 143 100.0 143 100.0 * PAV 143 100.0 143 100.0 143 100.0 * QHL 0 0.0 --- --- 0 0.0 * RAD 143 100.0 --- --- --- --- (*) RAV 143 100.0 143 100.0 143 100.0 * SCN 143 100.0 143 100.0 143 100.0 * VSP 0 0.0 0 0.0 0 0.0 * -------------------------------------------------------------- (*) Remark: concerning RAD/RAV, see 8problms.txt. Table Comp.M2f: Detection Quality of ITW Macro viral files: ========================================================== ====== Detection Quality ========= W32 results Scanner Win-NT % Win-2k % Win-98 % match -------------------------------------------------------------- Testbed 1308 100.0% 1308 100.0% 1308 100.0% -------------------------------------------------------------- ANT 1294 98.9 --- --- 1294 98.9 * AVA 1305 99.8 1305 99.8 1305 99.8 * AVG 1308 100.0 1308 100.0 1308 100.0 * AVK 1308 100.0 1308 100.0 1308 100.0 * AVP 1308 100.0 1308 100.0 1308 100.0 * AVX 1308 100.0 --- --- 1308 100.0 * CMD 1308 100.0 1308 100.0 1308 100.0 * DRW 1308 100.0 1308 100.0 1308 100.0 * DSE --- --- --- --- 1275 97.5 - FPR 1308 100.0 1308 100.0 1308 100.0 * FPW 1308 100.0 1308 100.0 1308 100.0 * FSE 1308 100.0 1308 100.0 1308 100.0 * IKA 1299 99.3 --- --- --- --- - INO 1308 100.0 1308 100.0 1308 100.0 * NAV 1308 100.0 1308 100.0 1308 100.0 * NVC 1305 99.8 1305 99.8 1305 99.8 * PAV 1308 100.0 1308 100.0 1308 100.0 * QHL 0 0.0 --- --- 0 0.0 * RAD 1302 99.5 --- --- --- --- (*) RAV 1302 99.5 1302 99.5 1302 99.5 * SCN 1308 100.0 1308 100.0 1308 100.0 * VSP 0 0.0 0 0.0 0 0.0 * -------------------------------------------------------------- (*) Remark: concerning RAD/RAV, see 8problms.txt. Table Comp.M3m: Detection Quality of Zoo Macro Malware: ======================================================= ====== Detection Quality ========= W32 results Scanner Win-NT % Win-2k % Win-98 % match -------------------------------------------------------------- Testbed 683 100.0% 683 100.0% 683 100.0% -------------------------------------------------------------- ANT 606 88.7 --- --- 612 89.6 AVA 584 85.5 584 85.5 586 85.8 AVG 584 85.5 584 85.5 584 85.5 * AVK 682 99.9 682 99.9 682 99.9 * AVP 682 99.9 682 99.9 682 99.9 * AVX 630 92.2 --- --- 630 92.2 * CMD 676 99.0 676 99.0 676 99.0 * DRW 622 91.1 622 91.1 622 91.1 * DSE --- --- --- --- 580 84.9 - FPR 676 99.0 676 99.0 676 99.0 * FPW 676 99.0 676 99.0 676 99.0 * FSE 682 99.9 682 99.9 682 99.9 * IKA 612 89.6 --- --- --- --- - INO 653 95.6 647 94.7 653 95.6 NAV 596 87.3 596 87.3 596 87.3 * NVC 660 96.6 660 96.6 660 96.6 * PAV 683 100.0 683 100.0 683 100.0 * QHL 0 0.0 --- --- 0 0.0 * RAD 663 97.1 --- --- --- --- (*) RAV 662 96.9 663 97.1 663 97.1 SCN 683 100.0 683 100.0 683 100.0 * VSP 1 0.1 1 0.1 1 0.1 * -------------------------------------------------------------- (*) Remark: concerning RAD/RAV, see 8problms.txt. Table Comp.S1v: Detection Quality of Zoo Script Viruses: ======================================================== ====== Detection Quality ========= W32 results Scanner Win-NT % Win-2k % Win-98 % match -------------------------------------------------------------- Testbed 588 100.0% 588 100.0% 588 100.0% -------------------------------------------------------------- ANT 481 81.8 --- --- 481 81.8 * AVA 174 29.6 174 29.6 198 33.7 AVG 370 62.9 370 62.9 370 62.9 * AVK 588 100.0 588 100.0 588 100.0 * AVP 588 100.0 588 100.0 588 100.0 * AVX 412 70.1 --- --- 412 70.1 CMD 552 93.9 548 93.2 552 93.9 DRW 561 95.4 561 95.4 561 95.4 * DSE --- --- --- --- 429 73.0 - FPR 558 94.9 556 94.6 556 94.6 FPW 556 94.6 556 94.6 556 94.6 * FSE 588 100.0 588 100.0 588 100.0 * IKA 457 77.7 --- --- --- --- - INO 559 95.1 552 93.9 559 95.1 NAV 554 94.2 554 94.2 554 94.2 * NVC 537 91.3 537 91.3 537 91.3 * PAV 588 100.0 588 100.0 588 100.0 * QHL 1 0.2 --- --- --- --- - RAD 485 82.5 --- --- --- --- - RAV 1 0.2 485 82.5 485 82.5 (*) SCN 587 99.8 587 99.8 587 99.8 * VSP 494 84.0 494 84.0 494 84.0 * -------------------------------------------------------------- (*) Remark: concerning RAD/RAV, see 8problms.txt. Table Comp.S1f: Detection Quality of Zoo Script viral files: ============================================================ ====== Detection Quality ========= W32 results Scanner Win-NT % Win-2k % Win-98 % match -------------------------------------------------------------- Testbed 1079 100.0% 1079 100.0% 1079 100.0% -------------------------------------------------------------- ANT 835 77.4 --- --- 837 77.6 AVA 380 35.2 380 35.2 444 41.1 AVG 727 67.4 727 67.4 727 67.4 * AVK 1079 100.0 1079 100.0 1079 100.0 * AVP 1079 100.0 1079 100.0 1079 100.0 * AVX 730 67.7 --- --- 730 67.7 * CMD 987 91.5 980 90.8 987 91.5 DRW 992 91.9 992 91.9 992 91.9 * DSE --- --- --- --- 753 69.8 - FPR 994 92.1 991 91.8 991 91.8 FPW 989 91.7 989 91.7 989 91.7 * FSE 1076 99.7 1076 99.7 1077 99.8 IKA 812 75.3 --- --- --- --- - INO 1022 94.7 995 92.2 1022 94.7 NAV 984 91.2 984 91.2 984 91.2 * NVC 960 89.0 960 89.0 960 89.0 * PAV 1079 100.0 1079 100.0 1076 99.7 QHL 1 0.1 --- --- --- --- - RAD 800 74.1 --- --- --- --- - RAV 1 0.1 800 74.1 800 74.1 (*) SCN 1077 99.8 1077 99.8 1077 99.8 * VSP 835 77.4 835 77.4 835 77.4 * -------------------------------------------------------------- (*) Remark: concerning RAD/RAV, see 8problms.txt. Table Comp.S2v: Detection Quality of ITW Script Viruses: ======================================================== ====== Detection Quality ========= W32 results Scanner Win-NT % Win-2k % Win-98 % match -------------------------------------------------------------- Testbed 19 100.0% 19 100.0% 19 100.0% -------------------------------------------------------------- ANT 19 100.0 --- --- 19 100.0 * AVA 18 94.7 18 94.7 18 94.7 * AVG 19 100.0 19 100.0 19 100.0 * AVK 19 100.0 19 100.0 19 100.0 * AVP 19 100.0 19 100.0 19 100.0 * AVX 19 100.0 --- --- 19 100.0 * CMD 19 100.0 18 94.7 19 100.0 DRW 19 100.0 19 100.0 19 100.0 * DSE --- --- --- --- 10 52.6 FPR 19 100.0 19 100.0 19 100.0 * FPW 19 100.0 19 100.0 19 100.0 * FSE 19 100.0 19 100.0 19 100.0 * IKA 18 94.7 --- --- --- --- - INO 19 100.0 19 100.0 19 100.0 * NAV 19 100.0 19 100.0 19 100.0 * NVC 19 100.0 19 100.0 19 100.0 * PAV 19 100.0 19 100.0 19 100.0 * QHL 1 5.3 --- --- --- --- - RAD 18 94.7 --- --- --- --- (*) RAV 0 0.0 18 94.7 18 94.7 SCN 19 100.0 19 100.0 19 100.0 * VSP 17 89.5 17 89.5 17 89.5 * ----------------------------------------------------------- (*) Remark: concerning RAD/RAV, see 8problms.txt. Table Comp.S2f: Detection Quality of ITW Script viral files: ============================================================ ====== Detection Quality ========= W32 results Scanner Win-NT % Win-2k % Win-98 % match -------------------------------------------------------------- Testbed 110 100.0% 110 100.0% 110 100.0% -------------------------------------------------------------- ANT 109 99.1 --- --- 109 99.1 * AVA 99 90.0 99 90.0 100 90.9 AVG 107 97.3 107 97.3 107 97.3 * AVK 110 100.0 110 100.0 110 100.0 * AVP 110 100.0 110 100.0 110 100.0 * AVX 110 100.0 --- --- 110 100.0 * CMD 109 99.1 108 98.2 109 99.1 DRW 110 100.0 110 100.0 110 100.0 * DSE --- --- --- --- 72 65.5 - FPR 109 99.1 109 99.1 109 99.1 * FPW 109 99.1 109 99.1 109 99.1 * FSE 110 100.0 110 100.0 110 100.0 * IKA 101 91.8 --- --- --- --- - INO 110 100.0 110 100.0 110 100.0 * NAV 110 100.0 110 100.0 110 100.0 * NVC 110 100.0 110 100.0 110 100.0 * PAV 110 100.0 110 100.0 110 100.0 * QHL 1 0.9 --- --- --- --- - RAD 106 96.4 --- --- --- --- (*) RAV 0 0.0 107 97.3 107 97.3 SCN 110 100.0 110 100.0 110 100.0 * VSP 87 79.1 87 79.1 87 79.1 * -------------------------------------------------------------- (*) Remark: concerning RAD/RAV, see 8problms.txt. Table Comp.S3m: Detection Quality of Zoo Script Malware: ======================================================== ====== Detection Quality ========= W32 results Scanner Win-NT % Win-2k % Win-98 % match -------------------------------------------------------------- Testbed 30 100.0% 30 100.0% 30 100.0% -------------------------------------------------------------- ANT 0 0.0 --- --- 0 0.0 * AVA --- --- --- --- 0 0.0 - AVG 5 16.7 5 16.7 5 16.7 * AVK 30 100.0 30 100.0 30 100.0 * AVP 30 100.0 30 100.0 30 100.0 * AVX 3 10.0 --- --- 3 10.0 * CMD 16 53.3 16 53.3 16 53.3 * DRW 9 30.0 9 30.0 9 30.0 * DSE --- --- --- --- 23 76.7 - FPR 16 53.3 16 53.3 16 53.3 * FPW 16 53.3 16 53.3 16 53.3 * FSE 30 100.0 30 100.0 30 100.0 * IKA 8 26.7 --- --- --- --- - INO 19 63.3 19 63.3 19 63.3 * NAV 11 36.7 11 36.7 11 36.7 * NVC 2 6.7 2 6.7 2 6.7 * PAV 30 100.0 30 100.0 30 100.0 * QHL 1 3.3 --- --- --- --- - RAD 25 83.3 --- --- --- --- (*) RAV 0 0.0 25 83.3 25 83.3 (*) SCN 30 100.0 30 100.0 30 100.0 * VSP 6 20.0 6 20.0 6 20.0 * -------------------------------------------------------------- (*) Remark: concerning RAD/RAV, see 8problms.txt.