Hello everyone, I have finished the latest PCSL Total Protection Testing Report. This time, we have added one new vendor: G DATA into our testing Platform.

So now there are 14 vendors offically taking part in the public testing and 3 other vendors in the internal testing list.

Detailed report you can visit PCSL's offical website:
http://www.pcsecuritylabs.net/news.php?readmore=23

And pdf report download link:
http://www.pcsecuritylabs.net/document/PCSL200903report.zip

I will be glad if you can give me your suggestions and comments:) Thank you in advance;)

The sample set is only 2056. And most AVs get a 98+% detection on it. The difference (if any) is very marginal. Hence 11/14 get 5-stars Excellent rating.

Really nothing much to help evaluate the difference between the AVs. IMO, if they increase their sample set by 5x or so, one would be able to see a much greater difference between the products and the test would be more interesting.

Great testing, very easy to read and understand.

My only suggestion would be to add total number of static plus dynamic, to compare it to the total malware number.

My brain can add it up ok, just would be easier to see. See below in red.

207538

vijayind, that's true, but I think it's still a solid effort to see them actually running each missed sample to see if the 'real time scanner' detects these.

Must take awhile to not only scan, but run each missed sample.

-{ Quote: "Great testing, very easy to read and understand.

My only suggestion would be to add total number of static plus dynamic, to compare it to the total malware number.

My brain can add it up ok, just would be easier to see. See below in red.

207538" }-


agree, will add it in the next report.
Many thanks:)


-{ Quote: "The sample set is only 2056. And most AVs get a 98+% detection on it. The difference (if any) is very marginal. Hence 11/14 get 5-stars Excellent rating.

Really nothing much to help evaluate the difference between the AVs. IMO, if they increase their sample set by 5x or so, one would be able to see a much greater difference between the products and the test would be more interesting." }-

The detection rate not only include the number while holding a static scanning but also successful block of malware infection in the dynamic testing. For the testing sample set, I will try my best to increase the number. While, for checking each sample's functionality(executable or not, malicious or not) by manual, the task is huge:wacko:

In order to decrease the influence of plenty of samples for one type(such as 200 samples for one variety, if you can detect it, you will get 200 detection number, if not, you will get 0 detection), so we randomly select only one sample from each variety.

Anyway, I agree with you that more sample is better, I will try my best to enlarge that to give you a better view.
Many thanks for you suggestions;D

pcslinfo, I still think your test shows, for the average everyday user, using the AVs listed in your report, you are adequately protected. Really, those AVs on the lower end of your list, they are still decent programs.

I mean, most users will only come across a few viruses/spyware a year. Yes only one file can get you good, but that's the luck of the draw. You could use G Data, and the one file it misses, ends up being the one file that sinks your system.

-{ Quote: "pcslinfo, I still think your test shows, for the average everyday user, using the AVs listed in your report, you are adequately protected.

I mean, most users will only come across a few viruses/spyware a year." }-
I will hold some other testing such as heur testing, response time testing later:)
You can call me jeff8)

-{ Quote: "I will hold some other testing such as heur testing, response time testing later:)
You can call me jeff8)" }-
I like your methodology and appreciate your efforts in this testing :thumb:

Atleast Dr.Web improved by ~3-4 percent.

-{ Quote: "
The detection rate not only include the number while holding a static scanning but also successful block of malware infection in the dynamic testing. For the testing sample set, I will try my best to increase the number. While, for checking each sample's functionality(executable or not, malicious or not) by manual, the task is huge:wacko:

In order to decrease the influence of plenty of samples for one type(such as 200 samples for one variety, if you can detect it, you will get 200 detection number, if not, you will get 0 detection), so we randomly select only one sample from each variety.

Anyway, I agree with you that more sample is better, I will try my best to enlarge that to give you a better view.
Many thanks for you suggestions;D" }-

Hi Jeff,
There is no decrying your efforts. And thanks again for listening to my views.:thumb:
On the sample set front, I would suggest prudence in selection and to include variants of a given malware. Not all AVs have good generic signatures or heuristics, hence they catch the malware but not its morphing variants. A good example of this would be XPAntivirus 2008, although almost all AVs detect the original most miss out the new variants.
Hence if possible I would suggest adding selective variants of malware to your set too. This will increase the sample size and from your reports ppl like me can see which vendors actually take effort to have good generic/behavioral/heuristic solutions.

EDIT: Also could you pull a miracle and coax Inspector and Sunbelt to include VIPRE in the tests ?? I really want to see how VIPRE stacks up in independent testing alongside the competition.

-{ Quote: "Hi Jeff,
There is no decrying your efforts. And thanks again for listening to my views.:thumb:
On the sample set front, I would suggest prudence in selection and to include variants of a given malware. Not all AVs have good generic signatures or heuristics, hence they catch the malware but not its morphing variants. A good example of this would be XPAntivirus 2008, although almost all AVs detect the original most miss out the new variants.
Hence if possible I would suggest adding selective variants of malware to your set too. This will increase the sample size and from your reports ppl like me can see which vendors actually take effort to have good generic/behavioral/heuristic solutions.

EDIT: Also could you pull a miracle and coax Inspector and Sunbelt to include VIPRE in the tests ?? I really want to see how VIPRE stacks up in independent testing alongside the competition." }-

Actually, to select one representative one variant is to ensure that we can cover more variants of our samples set. For more vendors to join my testing, I will try my best to invite.

Any constructive views will always be welcome and it will be kindly for you to provide your suggestion to help me improve. Many thanks for you:)

@pcslinfo
Jeffrey, quick message from me this time. First of all thanks for your work. I'll be looking at the report tomorrow.

Ps. I assume for report NO.4 you use TIS 17.1? The Chinese locale was (finally) released on March 25th.

Thanks pcslinfo for posting a link to your test results.

So, the reality of this test is kind of what some of the more astute here have been saying for years. You can go with any of them and be just about as secure as using another.

-{ Quote: "So, the reality of this test is kind of what some of the more astute here have been saying for years. You can go with any of them and be just about as secure as using another." }-Per the statement quoted below, it appears that PCSL has tested ONLY those AVs that agreed to take part in the public testing.

If that is the case, then one might *assume* that those AVs that agreed to be tested have a lot of confidence in their product, and vice versa for those who declined.

If that is the case, then I would agree that "You can go with any of THEM", but with the caveat that . . .

"THEM" = ONLY those who agreed to be tested

-{ Quote: "So now there are 14 vendors offically taking part in the public testing" }-

Has anyone here ever use A-Squared? Any thoughts on it? I just installed the trial version just to try something other than the big boys (Kaspersky, Norton, Avira, etc). :)

I have been using it off and on for several months. From tests I have seen, it has excellent detection with a fair amount of FP's and I have seen more than a few. In my setup it runs a bit heavy along side either DefenseWall or Online Armor. Maybe I haven't spent enough time tweaking the options.

-{ Quote: "Has anyone here ever use A-Squared? Any thoughts on it? I just installed the trial version just to try something other than the big boys (Kaspersky, Norton, Avira, etc). :)" }-A-squared uses the Ikarus Antivirus engine and signatures PLUS the Mamatu behavior blocker engine. All in all, it's a lot of bang for the buck IMO.

I don't want to hijack this thread, so I'll make this brief. I've been running A-Squared a good part of a day. I'm still feeling my way around it, but so far I like it. I might have to add this to my collection of anti-malware software. :)

No need to hijack, as PCSL's test showed a-squared as one of the top in the bunch.

If you got the extra ram, definitely worth it, as you are getting more than a standard AV. If they create the program that uses half the resources, it'll be even more popular here.

-{ Quote: "@pcslinfo
Jeffrey, quick message from me this time. First of all thanks for your work. I'll be looking at the report tomorrow.

Ps. I assume for report NO.4 you use TIS 17.1? The Chinese locale was (finally) released on March 25th." }-

TM simplified chinese edition is still in beta, and I am not sure when it will finally be released.

-{ Quote: "Thanks pcslinfo for posting a link to your test results." }-

Many thanks for your consideration, and I will try my best to improve the test.

-{ Quote: "I don't want to hijack this thread, so I'll make this brief. I've been running A-Squared a good part of a day. I'm still feeling my way around it, but so far I like it. I might have to add this to my collection of anti-malware software. :)" }-

You are welcome to post what you want to know and what you wanna say;D

-{ Quote: "You are welcome to post what you want to know and what you wanna say;D" }-


I'm still running and liking a-squared. The only negative I've found so far has to do with scanning. By default, an on demand and/or scheduled deep scan does not scan with heuristics enabled. You have to start a custom scan, configure it with heuristics scanning enabled. After the custom scan has run, it is saved in the a-squared folder, under Scansets. You then add that scanset into your scheduled scan configuration, and heuristic scanning is enabled from then on. I got this info from the a-squared forum. Why they make it that difficult, I have no idea. :-\

Why is Bitdefender out from testing ?

-{ Quote: "Why is Bitdefender out from testing ?" }-
Read post #15.

Seems they didn't want to be tested.