Eset Thailand - NOD32 Antivirus Software - Compared Proactive Detection

Products
About NOD32 NOD32 Key Features 64-bit Protection Compare Antivirus Products *Compared Proactive Detection* NOD32 vs The Competition NOD32 Enterprise Edition NOD32 for Workstations NOD32 for Email Servers NOD32 for File Servers Dell Storage Servers Promotion

Home

Compare Antivirus Products

Compared Proactive Detection

Which security product stops the most zero-day threats?

When new viruses, worms and other malicious attacks strike, traditional signature-based technology is insufficient. Every minute you wait for an update is another minute that your comptuer and network are vulnerable to damage, infection, or identity theft. ThreatSense Heuristics closes the window of vulnerability by safely identifying and stopping malware as it runs on your computer.

NOD32 has consistently been rated as the best protection against zero-day outbreaks and attacks by the world's leading antivirus testing organizations.

www.av-comparatives.org is an Austrian research lab that performs retrospective tests.
www.virustotal.com produces a newsletter listing vendors that detect outbreaks as they occur.

AV-Comparatives
The independent testing institution AV-Comparatives.org is an antivirus research project coordinated by Andreas Clementi with the support of the Innsbrucker Kompetenzzentrum / Computernotdienst. The AV-Comparatives.org “Retrospective/Proactive Test” compared 11 different antivirus products’ abilities to proactively identify the increasing complexity and zero-day nature of today’s threats. The stringent testing used recent In-the-Wild samples and a variety of other malware, Trojans, viruses and worms affecting Windows and other operating systems. To effectively test the products for proactive detection, the organization used new malware samples, and tested them against the products without updating the antivirus signature.

The November study revealed that of the eight new viruses that have been released In-the-Wild in the preceding three months, customers of Symantec, Trend Micro and Kaspersky had proactive detection for none of these threats, leaving them at risk until the vendors could provide a signature update. McAfee customers were only protected from a single virus without updating. ESET’s NOD32 customers were protected four times more often against new viruses, and 95% more often across all new samples used in the test, including In-the-Wild threats, backdoors, Trojans and other malware. This is the second study conducted by AVComparatives.org on this topic in 2005. Over the course of both studies, NOD 32 proactively detected 50 out of 59 In-the-Wild samples used, or 85%. More details can be found at http://www.av-comparatives.org/ The graph shows the accuracy of heuristic-based detection and the performance of several antivirus vendors' products. The data is derived by determining whether or not a given antivirus product detects a new virus without requiring a signature update. If it does, then heuristic detection has succeeded (note: in some cases, well-written signatures can detect future variants).

VirusTotal.com
This independent consulting firm based in Spain performs real-time analysis of malware outbreak detection across a wide range of antivirus vendors. And as you can see from the graph below, NOD32 has by far the highest detection rate, and the fastest performance (tested separately by Virusbulletin). In fact, NOD32 is on average, 2-10 times faster than the competition.

See the table below for complete accounting of how antivirus vendors products detected major worm outbreaks

Worm Outbreaks	ESET NOD32	Kaspersky	McAfee	Norman	Panda	Symantec	Trend Micro
Proactive Detection Rate (%)	87%	13%	33%	60%	53%	7%	0%
Number Detected out of 15	13	2	5	9	8	1	0
Win32/Bagle.AH (2004-07-19)	X			X
Win32/Bagle.AI (2004-08-09)	X	NA	X	X	X	NA
Win32/MyDoom.T (2004-08-16)	X		X	X
Win32/Bagle.AJ (2004-09-01)			X	X	X	X
Win32/Netsky.B1 (2004-10-13)	X	X		X
Win32/Bagle.AS (2004-10-29)	X
Win32/Bagle.AU (2004-10-29)	X
Win32/Sober.I (2004-11-19)
Win32/Pawur.A (2004-11-22)	X
Win32/Zafi.D (2004-12-14)	X		X		X1	NA
Win32/Bagle.AW (2005-01-27)	X			X	X1
Win32/Bagle.AX (2005-01-27)	X			X	X1
Win32/MyDoom.R.MEW (2005-02-16)	X	X		X	X1
Win32/Sober.O (2005-05-02)	X		X	X	X1	NA
Win32/Zotob (2005-8-29)	X				X

Source: www.VirusTotal.com, aggregated statistics through August 29, 2005. Performance data based on VirusBulletin testing of the Windows 2003 Advanced Server (Virusbulletin, October 2005).

X Detected by Heuristics (Global Threat)
X1 Stopped by Behaviour Blocker (cannot be used on email servers)
NA Product didn't participate on the report
(*) Panda TruPrevent is included on the reports since December 2004