Most Effective AV's Against New Malware

Please take note, this is a daily chart based on hundreds of samples received. Non the less, if you track this daily/weekly you will soon get a very clear picture as to who's generally on top of detects, and who isn't. So in this way it's a very useful pointer.


TheKid7 posted this https://www.wilderssecurity.com/showthread.php?t=251754 Thanx


On the BotHunter www is a link to here - http://mtc.sri.com/

" Our Latest Threat Intelligence

Most Effective Antivirus Tools Against New Malware Binaries
Mon Aug 24 09:50:07 2009



detects = Antivirus system overall detection rate based on exposure to 784 malware binaries "

 

Keep in mind that VT detections are totally different compared with home user programs, e.g. KIS 9 detects a lot more malware than the VT web scanner.

 

^
Click on show me more!

 

If you put this test in the correct context, which is, vendor response time to new threats, not total detection of random files that's probably only ever infected 1 person (AVC), the results are accurate.

 

Is NO.1 MSE?

Dr Web is strong .

 

Forefront, OneCare, MSE, Defender: all use the same definitions.

Also, we all know Dr. Web is strong, I could never understand their AVC results. CureIt absolutely rocks.

 

dr web is one of the few av's which refuses to detect junk as malware and test samples do have a reasonable amount of it.

 

Dr Web doesn't have high score always.It seems Dr Web doesn't like those test.

 

Yes,the founder of Dr Web said they only fight with the viruses which make computers damaged.

 

Is AVG really that good against new malware, or is the test overrating it?

 

Check out Nod32 on the next page. 30th place at 9%. It says v2 engine though. Is that the same engine as in version 2.7? For some reason I thought Nod's current engine (4) was the same as their 2.7 version with a few enhancements.

 

yup acr my thoughts exactly

 

The "v2" text is simply an out-of-date line on their website, since they use VT results, and VT changed the text for their website from v2 to just "nod32" a long time ago, presumably as they upgraded the engine.

 

5% difference between them. Is it worth all these debates as to which is best ?

 

I agree - everytime new test results appear everyone praises no.1 and diss the ones falling behind particularly if they're "big" names. People are astounded that what is perceived as a good AV actually ranks near the bottom. The test is based on malware detection only and forgets about other preventative measures a product may have to stop malware.

If you're happy with what you've got stay with it. One test they're near top and another they're near the bottom. If you start letting results like this play with your mind then you'll never be satisfied with what you're using for long.

 

Wise words there

 

I agree that if you are happy with something, stay with it - but AntiVir has managed to be at the top or near the top every time. And if an AV suddenly falls in rank and stays there, it could be worth looking into.

 

if you decided which av to use in line with test results you'd probably end up changing them more often than your underwear:the results of these tests seem to vary on who is testing and on how they inteperete the results:-a wise saying from the past "there are lies,damn lies and statistics"

 

The above stats seem quite a bit different for the av programs than what shadowserver provides. Aren't they essentially measuring the same thing?

http://www.shadowserver.org/wiki/pmwiki.php/Stats/VirusWeeklyStats

 

Considering GData uses two engines, one being BitDefender, and BD scoring 81% with GData scoring 13% I'll make a decision to disregard shadowserver.

 

Webwasher is using the Avira engine and definitions, so it is impossible that they end up at the bottom of the table while Avira is near the top. Someone failed to parse scanner logs again, it seems...

 

Then I suppose the times at which these tests were performed have significantly influenced the outcome. After all, some of the companies listed are in different time zones and - at least the smaller ones - unlikely to operate 24/7. Has this been accounted for?

 

Updated engine with better detection than version 2.

 

Did McAfee buy out webwasher-gateway? And, if so, is Avira still pumping in the sigs?

http://www.securecomputing.com/

 

Yes, its still inside.