AV Tests

Hence the reason I dont use an antivirus anymore

 

Although antivirus does not provide all the protection we need it will have to do till the everyday user learns how to use something like Sandboxie or Defensewall. For us tech members here we have no need for antivirus software but the average user does.

The average user would get tired of ShadowDefender because all their files are gone after reboots, they would get tired of a classical HIPS like Online Armor or Comodo because of all the popups, and they would most likely get rid of Defensewall or GeSwall because it stops them from downloading stuff with one click.

Till it becomes the norm to use this stuff antivirus vendors will have to keep working on improving their detection rates and we techies will have to teach them how to use Policy Based HIPS and other "advance tools".

So in my personal opinion currently the layered security setup is the way to go. Till everyone get's used to running a HIPS we have no other choices.

 

AVs with active guard are basically unreliable even with the cloud extension. 0 days will remain new undetected malware until they are detected. I still find a scanner useful to recognize malware as the only way to do this task 'on demand'. Most AVs will detect malware that is 10 days old, which is already a great advantage if one wants to keep anything from a sandbox or virtual system.

I don't think the situation is really dramatic, seen TheIgster results, as in most situations common sense would be enough to avoid any infection.

 

ClamWin has some serious reasons to exist. Do you understand that clamwin is an open source antivirus?

TheIgster thank you for your new tests. Great work!

 

So true, but it's fun to try all these software at least for me.

 

Which is not a whole lot. You NEVER look at what alerts were display as an indication of what was blocked. You always must look at what was left on the machine after the test.

4. Norton AntiVirus 2010

Stopped/Reported: 13
No Reported Threat: 12
MBAM Infections Found: 22

Overall: 52%

3. Avast

Stopped/Reported: 16
No Reported Threat: 9
MBAM Infections Found: 27

Overall: 64%

2. G Data

Stopped/Reported: 18
No Reported Threat: 7
MBAM Infections Found: 22

Overall: 72%


So if you are using MBAM infections found, then I dont see how Norton didn't beat AVAST. Also, which browser did you use to download the threats. Norton Insight should have alerted on all your downloads. Please post MD5s of your samples here.

 

I'm not sure what you are getting at here. Malwarebytes was stated as being used AFTER the tests to see what type of infections were on the system, regardless of what prompts were shown. Anytime an AV threw up a notice of infection, virus, whatever, they were given 1 as alerted/stopped.

Your line:

doesn't make sense to me. What?

I was actually using Opera as the browser.

Norton reported 13 while 12 links Norton didn't say a word and allowed the running of the file, etc. 22 infections were found after the fact with Norton, using MBAM. Yes, 27 were found with Avast, but that could simply mean that one of the threats that got through created more problems than one that got through Norton for example. Perhaps more registry key entries, etc.

I don't have MD5's for the samples.

 

Does NAV incluses Norton download insight and SONAR 2?

 

Yes, I too would like someone to answer that.

 

I think Avira would have done alot better if it was tweaked properly. Their default config is horrible. All should be checked under the "extended threat categories section" (as stated earlier in this thread). Heuristic detection should be set to high (the default is medium - just bad). Scanning of All archives should be checked...not only a select few. Scanning when reading and writing should be enabled as well. Do this and I think you would have gotten a much better result from Avira.

Also, Aigle...I noticed that you tested Avira 8...why not Avira 9?

 

I'm sorry, but what?

 

I wanted to know whether Norton Antivirus also includes the Download insight and Sonar. Well, according to the product comparative page it does:

http://www.symantec.com/norton/internet-security

How did Norton miss so many, did you ignore the download insight warnings?
How did Kaspersky detect the rogue, the category "other" is not checked by default?

Interesting I'll see whether AV-C and AV Test dynamic tests will give the same results.

You should upload some of your videos on youtube, people will not have many questions then.lol

 

Why not Online Armor ++ as well? Or Trend Micro? Or Spyware Doctor with AV?

 

Hmm... the thread is becoming hot.

 

Download Insight is application dependent, it doesn't support Opera AFAIK (which he used).

Some of the rogues are in the "Red" category, labeled as Trojans and Trojan-Downloaders (FraudPack etc.). Plus there's WebAV Website blacklist (both blocked by default).

 

Thanks it clears my doubts now.

 

I strongly disagree. What if:
1. MBAM does not detect it.
2. MBAM detects the file as well as registry modifications the file makes.

 

I agree. The advanced settings is what makes Avira so good.

 

Why don't Avira keep it on by default then? Surely they want to protect users - and I would not consider fraudware as an extended threat category as it has no legitimate use.

 

It flagged NormanVirusControl_599SU_ENG_R19.msi (Installer for Norman Virus Control w/c i downloaded from Norman ASA's website) as unknown.

 

you sound like a norton fanboy with some of your "questions":-these type posts just prove my earlier post to be true:-the only tests members on here think are accurate are the ones that give the results that they want!

 

Not to mention,that one of those parts of Norton is rep. based, and sometimes wrong, as in this forums we've seen it flag Panda, if we're to count that as part of the antivirus then Wot and Mcafee siteguard and the one Trend Mirco offers would/could be included with any antivirus and, would the safe site scan in IE8 be a part of an antivirus test. I don't think so, he was testing default real time scanners not not the max that each system is capable of, and done a great job, Thanks.

 

I'm afraid but you are mistaken my friend!

Why would I use a paid AV when I never get infected? I'm currently using Avast free and Comodo firewall and my PC is malware free.

However when I have to recommend an AV to a friend, I will choose the best! In dynamic tests by AV-C, AV Test and Denis lab, NIS was among the best(beating KIS, Avira and Avast), this is why I was quite surprised to see the poor results here.

We have a variety of choice these days, so we should choose the very best instead of being stuck with a particular AV! The environment is always changing and if NIS cannot keep up with the new threats, it will be dumped!

 

That explains it Norton Insight doesn't support Opera. Had you been using IE or Firefox which account for 90+% of the market or more, you would have seen an Insight dialog for all your downloads. So your Norton results are bogus.

 

Based on these results, I can only assume that the reason you ranked Avast higher than Norton was because it "CLAIMED" to block more threats i.e. 16 vs Norton's 13 even though your MBAM test showed that the Avast system was left more infected than the Norton system. Explain. You NEVER should depend on alerts by the product. They just plain lie. Check the AMTSO testing principles.