AV Tests

Discussion in 'other anti-virus software' started by TheIgster, Feb 20, 2010.

Thread Status:
Not open for further replies.
  1. TheIgster

    TheIgster Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    645
    Location:
    Edmonton, AB
    Just for fun last night, I took 15 malicious links and loaded them against numerous anti virus software programs. These links were zero day links and were found on various sites on the Internet. Stopped is the number of malware that was stopped by the running anti virus program. Missed means the malware got through.

    I have rated the product from worst to best. Amazingly enough, one product was able to stop all threats:

    Rising Anti Virus

    Stopped: 1
    Missed: 14

    Score: 6%

    Microsoft Security Essentials

    Stopped: 3
    Missed: 12

    Score: 20%

    Trustport Anti Virus

    Stopped: 6
    Missed: 9

    Score: 40%

    AVG

    Stopped: 8
    Missed: 7

    Score: 53%

    Avira Anti Virus

    Stopped: 8
    Missed: 7

    Score: 53%

    Vipre Anti Virus

    Stopped: 9
    Missed: 6

    Score: 60%

    ESET Nod32

    Stopped: 10
    Missed: 5

    Score: 66%

    Avast

    Stopped: 15
    Missed: 0

    Score: 100%

    Now I know there are those who will say that Avast scored what it did because it is my AV of choice, but this test was performed without bias at all. It was done with the same links and in the same fashion. I was a little surprised by the performance of some quite frankly.

    Also note, these were 15 random zero day links taken from various sites. On any given day, anti virus software may perform much better or much worse than this test. This by no means, means one product is better than the other, it simply proves that products can do very well one day, while others may not.

    I'm not a professional by any means. This test was performed on my main system using Shadow Defender to simply start over again, uninstall the current AV and then install a new AV. After all the testing was done, I had imaged my system using the built-in Windows 7 image backup, so I simply put that image back on to be sure nothing was left behind.

    I will add that in some more testing, Avast has not remained perfect (using other links found), but what Avast missed, my Malwarebytes Pro caught, so a layered approach is best in my opinion.
     
  2. Ibrad

    Ibrad Registered Member

    Joined:
    Dec 8, 2009
    Posts:
    1,949
    Test Panda Cloud next time please..........

    I am disappointed in Rising's score and I thought Avira would have been on top.
     
  3. TheIgster

    TheIgster Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    645
    Location:
    Edmonton, AB
    Yeah, I've also heard from a few other people about testing Kaspersky as well. I will add those to my list for testing the next time I do this.

    Again, I'm no pro at this, but if anyone wants to see something included in the tests other than what I did include, let me know.

    I was surprised how some performed as well. Avira and MSE.

    The other thing too was I would get a single pop up from Avast and the threat would be gone. From others, like Avira and ESET in particular, the pop ups would just keep going. I found them quite annoying having to click over and over again.
     
  4. 3GUSER

    3GUSER Registered Member

    Joined:
    Jan 10, 2010
    Posts:
    812
    You can do it yourself . There are numerous sourses on the Net with active malware even fresh one
     
  5. codylucas16

    codylucas16 Registered Member

    Joined:
    Nov 17, 2009
    Posts:
    267
    This does really surprise me. Out of all my tests I've never been able to get very many thinsg through Rising. It also baffles me to see AVG beating MSE.
     
  6. TheIgster

    TheIgster Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    645
    Location:
    Edmonton, AB
    Yeah, it surprised me as well, because I did use MSE for a while and it seemed to perform quite well. Perhaps these links in particular simply alluded MSE, but 15 other random links and it would have caught them all. Don't really know.

    These links were a mixture of rogues, trojans, fake AV's, etc.
     
  7. nikanthpromod

    nikanthpromod Registered Member

    Joined:
    Oct 9, 2009
    Posts:
    1,369
    Location:
    India
    some days ago i was searching for Fake Avs in MDL. I opened a lot of malicious sites.i got a lot of rogues. A big surprise is that Firefox blocked many of the sites i opened.:D
     
  8. Ibrad

    Ibrad Registered Member

    Joined:
    Dec 8, 2009
    Posts:
    1,949
    Did you do this test on 64bit?
     
  9. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    817
    Yep, samples make a huge difference. With one sample, one AV can get 0%, and with another sample, it can get 100%, which is why it is important to have a sufficiently large sample from various sources.
     
  10. TheIgster

    TheIgster Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    645
    Location:
    Edmonton, AB
    Yes, this was a 64-bit system.

    Also note that when I say zero day, that may or may not mean the same as what other think. I simply means that I tested using links that were posted THAT day on the malware sites. I did not use any links that had been posted prior to that day. All links were dated and had been posted on Feb 19th.

    dawgg: What would you consider to be a large enough sample then?
     
  11. Ibrad

    Ibrad Registered Member

    Joined:
    Dec 8, 2009
    Posts:
    1,949
    That explains why Rising did not do very well. Rising has a lite hips that is very good at blocking Rogues and preventing malicious changes. Rising's Smart Active Defenses (Lite Hips) does not work on 64bit systems.
     
  12. TheIgster

    TheIgster Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    645
    Location:
    Edmonton, AB
    I had seen Rising mentioned around, but truthfully, don't know much about it. I basically went to the various sites, downloaded trials (64-bit versions when available), installed and left default settings.
     
  13. Sadeghi85

    Sadeghi85 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    747
    For me the whole point of using Rising is for its smart active defense, the AV part is mediocre I disabled it.
     
  14. Pain of Salvation

    Pain of Salvation Registered Member

    Joined:
    Apr 21, 2005
    Posts:
    398
    I'm using Avast, and liking it a lot. Don't know about detection rates, but it is very light.

    Keep testing Avast, MSE and Avira, please!

    Would be interesting to see Panda Clould too...
     
  15. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    I'm not surprised at all. I actually like MSE and Avira but Avast 5 seems to be very good in this department. The Web scanner is terrific. There is a malware site that has links to known bad sites etc. Avast 5 catches almost all of them. It's a bit scary that it improved this much from version 4.8

    Ice
     
  16. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,047
    Location:
    United Surveillance States
    Which of avast!'s shields caught the malware? Were these files you launched from your HDD or malware website's you browsed to?

    Thanks for running the test and posting your findings!
     
  17. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Always find tests like this useful, even though i know the're not 100% scientific. Done a few myself.

    Were all the AV's set to maximum protection, or just default ?

    Might be interesting to only tests with rogues/fake AV's if you get chance :D
     
  18. TheIgster

    TheIgster Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    645
    Location:
    Edmonton, AB
    Sorry, didn't really pay attention to which portion of Avast that caught them. I would imagine the web shield though because these were all web links I was using. Some were direct links to exe files, while others were simply web links.

    All AV's were installed in trial mode (paid ones anyway) and left to default settings.
     
  19. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    For me it was the WebShield and it was malware websites that I browsed to. I tried this with Chrome and IE8.

    Ice
     
  20. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    can you try Panda for us.
     
  21. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    TheIgster's tests provide only some indications and nothing more. But the great thing about these tests is that confirm my feeling about who is the best in town lately. And that's Avast. Thanks TheIgster.
     
  22. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    no offense but, if it only provides some indications and nothing more, then how can it be used to confirm anything for you.o_O
     
  23. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    What's most important is personal testing. For example, if TheIgster, or a family member would actually click on 15 malicious links, which AV would protect him/her.

    You can get 20 links, one AV misses all 20. But if it protects a user against the ones the user would actually click on, and download a file they're 'sold/convinced' on, then the AV has worked for that user.

    Overall, I've found Avast's web scanning to be excellent.
     
  24. TheIgster

    TheIgster Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    645
    Location:
    Edmonton, AB
    No problem...:thumb: It was fun.

    I want to do some more tests and will include Panda next time. I'm just not sure if I will find the time this weekend. Let me try one day this coming week. I don't want to use the same links obviously because they are not fresh anymore, so I will wait until I'm ready and try Panda as well as Kaspersky in the next round.
     
  25. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    Indications can confirm a feeling or impression, specially when you have no other objective data around.
     
Loading...
Thread Status:
Not open for further replies.