AV Reviews - Get to the facts

Does anyone know of any good reviews/tests on various AV programs?

The only one I have found has been http://www.schadentech.com/Reviews/Antivirus/antivirus_roundup.htm

It would be nice to see a few more reviews about the detection rate for other AV software.

Thanks

 

http://www.av-comparatives.org/
and
http://wilders.org/

 

http://www.av-comparatives.org

http://www.virus.gr

 

Is there anything about tests on AVG? I am mainly looking for tests comparing AVG to other paid AV programs. Looking for detection rate mostly.

Also, I couldn't find any info @ http://www.virus.gr/english/fullxml/

 

Then try this link:- http://www.virus.gr/english/fullxml/default.asp?id=67&mnu=67

 

Great review & expected results

I know quite a few people who use AVG Free, I just wish more of these results were published.

AVG Free is good if you have no money, but when you can get something like Norton for $30, I would much rather use it over AVG Free.

It is rather hard to find these reviews, I searched Google and came up with nothing!

 

I think Command is about $20 last time I checked. I think I will make a change my sig. .

Topper & Merlin I bookmarked the site. Thanks for the info.

Taking another look I would note that Trojans was one of the nasties thrown at these AV's I really want to be clear about this. AV's should be supplemented with AT programs as well.

What is really bad is the $$ people fork out for ZA Security Suite and look at that one...

 

Rokop, mostly German, but a few tests in English. They not only test the detection rate, but also installation, user interface, and other nice items.

 

Great stuff guys.

If there are more places that showcase their tests, please be sure to share them. I would really like to collect as many test results as possible.

 

There is another good German one out there but I can't seem to find it now - anyone got it bookmarked?

Here's another one:- http://www.virusbtn.com/vb100/archives/products.xml?table

 

I'm afraid that such a test/review like this can get to misleading instead of the facts. There're so many factors behind the scores 60%, 80%, 90% detection rates they claim.

It's almost useless to put 1,000,000 malware to a test if a tester doesn't really know how circulation state in the real world of all those malware. Detecting 99% or 100% of all 1,000,000 malware looks good but it has nothing to do with real-world protection, not all 1,000,000 trojans/malware circulate in the real world and not all of them cause real danger to every group of users.

Detecting malware (not specified to only viruses/worms in the WildList) that are still circulating in the wild and the abilities to detect new dangerous malware as soon as posible or without any updating by not introduce unacceptable slowdown or any glitches are something we should actually use to judge AV program strength, not by illusive best overall detection rates or big database.

I'm using AVG FE on one of my machine (laptop) and it hasn't let me down. I have enough money to buy an AV but I don't want to pay (at least present time) because AVG FE suits to my needs, different people = different needs.

The real strength of an AV program it's not about the total number of malware detected but it's mainly about the 2 factors.

1. Overall stability/reliability
2. Response time, speed of reaction to the new-real malware, the duration between malware are released in the wild and your AV program is able to detect it

These are the two most important aspects to real-world protection. IMHO

 

- The fact is, after testing X amount of viruses, AV X had a detection rate of X% for those viruses. Nothing misleading about that. Take a sample of different viruses, test it, disclose the results, and people take their own opinion of it. I am sure if there were a lot of tests that had very different results, one could assume it was a mislead review, and maybe this particular person picked out viruses that are known to not be picked up on the freebies.

- My needs, along with most people I know, is an AV that will be the best at detection & removal. I would rather have my computer be a bit slower, and get a better AV, but that's just me.

- Although your point is well taken, just because a particular malware doesn't circulate around much, doesn't mean the AV software doesn't need to detect it. Which if you think about the logic above, that is kind of where you are taking your point. I guess we should find out if these viruses, that a lot of the freebie AV didn't detect, are actually ones we might find. I would think that someone doing the testing, would actually pick up viruses that are rather common, and some that are not so common, but in the end, it should still pick up the not so common ones.

- Strength is in protection. That's the #1 reason we even use AV is to be protected. I think stability and response times play an important role, but since response times vary by only a minute or so, we cannot really make a determination of one AV being better because it has good response time.

Keep posting more links to reviews if you still have some!


edited to add quotation tags to clarify the posting - Detox

 

I guess the point being made is that if you are using AVG (for example) and it has always kept a 100% clean slate then there is no need to change to something else, because NO AV will ever beat that result!

If, on the other hand, you are a bit risky or careless in your habits, you may want the best protection money can buy to compensate for that. I suppose you could argue that if someone is foolish they will be infected whatever AV they use, but maybe a better detection rate would shift the odds in their favour.

 

What virus? What are the facts in real-world virus/malware protection?

I'm not talking about ITW malware in this case because it has an accepted industry standard at the WildList Organization and ITW malware are significantly tested at Virus Bulletin, ICSA LAbs, ect. as you know. So, what about some tests in question?

For detection rate test

- Do the testers disclose all malware's name?
- Do the testers disclose their methodology to evaluate the circulation state of all tested malware?
- For viruses/worms, do the testers verify them all by run in suited environment to see if they're still functional (replicate/infect host file) or not?
- For trojans/backdoors, do the testers include client/editserver or not? because some AVs don't detect client/editserver.
- For packed/modified backdoors, do the testers verify them all to see if it's still functional?
- Do the testers include adware/spyware/BHO/hijacker in their tests? some malware are not traditional virus/trojan but many people (even an AV company) always call them " virus or trojan " and some AVs deliberately don't detect them.
- Do the testers provide right detection scope/limitation of each every AVs?

When we don't have an accepted industry standard to evaluate the circulation state of malware that are not traditional viruses/worms in the WildList, so, it's hardly/invalid to " tell the facts about real quality of AV " by put all malware you download from VX sites or some where else to the test and judge them by scores 60%, 70%, 80% overall detection rates.

Some AV companies mainly focus to detect ITW malware, some want to detect 100% of all malware, some deliberately don't detect common adware/spyware/BHO/hijacker, some deliberately don't detect corrupted malware sample. An AV companies have thier own policies for what they should and should not detect. You create your own viruses, send them to an AV companies and see some companies will ignore your virus but some may add it asap.

That's why some AVs don't participate in some tests - https://www.wilderssecurity.com/showthread.php?t=61789

It has nothing to do with some AVs that can detect all zoo malware closely to 100% or some AVs that mainly focus to detect only real threats that pose real dangerous to its users.

You have to create industry standard or methodology to evaluate the circulation state of malware that are not traditional viruses/worms in the WildList and the method to measure how quick an AV comapanies response to these industry-standardized malware when it releases in order to find out the real quality of antivirus programs.

 

Why freebie? What about viruses/malware that paid AVs don't detect. You'll see in some tests that paid AVs such as eTrust, Virobot, Norman, Protector Plus, ZoneAlarm with Antivirus (VET Engine) are inferior to companies that provide free AV such as AVG, avast!, AntiVir.

Don't you think that why that paid AVs don't detect those malware?

Where are your protections come from? If your AV takes to much time to release signature to protect you when new fast-spreading threats come. What if X AV program that can detect 99.99% of all malware but it takes to much time to response and fail to stop single ITW mass-mailing worm at the gateway in a company and it gets to novice employee mail box.

You can read some response time test in Virus Bulletin magazine.

 

I for one don't place a lot of confidence in the virus.gr test/rankings. Not just to defend ZASS (with which I'm quite satisfied), but I would also point out their average to poor rating of NOD32, a highly-respected AV here at Wilders!

 

One can talk days about these virus scanner tests and whether they were done the proper way, but in the end it's always the same scanner that's on top of every list (or at least close) and that is KAV, over and over, test after test. Sorry, but this is not a coincidence anymore, just plain proof that it's indeed the best (or at least one of the best) scanners you can buy.

 

wings~ My remarks were not intended to contradict that. I don't argue that Kaspersky is one of the best AVs out there. The sole purpose of my comment was to express doubt of virus.gr's AV ratings and in particular, mercurie's conclusion regarding ZASS (and its users).