AV Tests

Something to consider. Thanks.

 

What would interest me would be a test with no AV at all but running as a limited user with a software restriction policy. Mechbegon did a test like this at Anandtech (will have to see if I can find the thread again) using 95 recent/zero day malware samples. IIRC the best AVs got ~71% and his LUA+SRP setup didn't get infected at all.

 

Sure, but not allowing anything to run at all in a scenario like this basically would indeed mean you wouldn't get infected. I could easily say Cancel to the pop up when choosing to run or not, the malware I've been testing here. Fact of the matter is, most users who have no idea choose run and get infected because they think they are installing something they want or need.

 

Exactly, and what I had in mind is that you go ahead and click run, just like your description of what the "average user" would do. I thought it would be interesting if you ran a test on a list of your malware urls and then see how much, if anything, actually manages to install.

 

Let me ponder this for a bit because it really goes beyond what I was trying to achieve with tests involving AV software.

 

keep it the way it has been and dont deviate.

F-Secure
Prevx
Bitdefender
Norton
AVG
etc etc

These are the ones I would be testing

 

Already did F-Secure, Norton and AVG I believe if I remember correctly.

It might be a neat test to just try 3 that we can all agree on and maybe grab 50 links or even more for those 3. Would be interesting to see how they do.

Personally, I would suggest Avast Free and Kaspersky. Not sure about the other one, but those two have performed the best. Maybe the new Trend Micro Titanium that did so well as well, but perhaps some other folks have a suggestion for the other one or even all 3?

 

well the flavor of the day. 50 samples

Avast
Kaspersky
Eset new version
Vipre

all default settings.

Now get to work.

 

lol...

This weekend I would like to do the tests. Anyone else want to chime in suggestions for their top 3?

(And trjam...that's 4)

 

since you are bias to Kaspersky, kick it out. But Eset needs to be done again. Trust me.

 

also Trend has issues. It does block websites very well but it allows you to click and proceed on. To me that makes no sense at all. It is like saying bomb ahead, tread lightly.

 

the problem I have with all these vendors is, it can pop up saying it caught something, or that if you proceed it might be dangerous, or it asks you to allow or block. All of those are crap in real world testing. If their is really something bad, it should block it, not allow you any option to proceed on and that is it.

See how many actually can do that and then you have thetruth behind all of this.

 

I agree. I've noticed A squared does that as well.

 

well as we all know, AV's are not without fault and if they did this it wuld be a nightmare in those situations, they also give u a choice because after all it is YOUR computer, not thers, so u have the control as the user shuld. i dont want no software controlling what im allowed to do cuz it deems its necessary (and it culd be wrong as well)

 

But when a program like A squared labels a file a trojan or virus and still gives you the choice to allow, doesn't make sense. Are they saying they are not sure its a trojan? That they could possibly be wrong so go ahead and make up your own mind? Or what? If its a labeled a trojan block it and quarantine it. Thats why I'm paying for the program. Not to tell me it might be so i should decide. I might as well not have anything and do the same thing of deciding for myself. If it had been labeled as suspicious and they arent sure then I see the logic in allowing the user allow or block. At least that's how I see it.

 

Is it just me or is everyone testing the same AV's over and over again? You're doing the testing and I enjoy seeing the results, but how many times have you tested Avast?

 

A-squared does label some programs as trojans that are not. IE..Keygens and patches. It also has the tendency to give alot of FP. It's probably a good thing that it gives you the option no to delete svchost.exe

 

agreed, its my computer, i dont want no AV to be in full control, i want it to do its job and let me decide how to handle its alerts in the end.

 

I would like to see:

VIPRE 4 AV Only

ESET NOD32 AV Only new version 4.2.35.0

Avast 5 AV Only

TH

 

Amen to that. I hated having avast because it used to delete things and never gave me an option. Of course I know that you can set it to but I would rather have that default.

 

Well, if you look at the list over the entire thread, I have tested quite a few different AV's, most to the request of posters on this forum.

I keep testing the same ones because I continue to include the ones that perform well and put them up against new ones.

Avast did very well in all of these tests. And trjam, I'm not biased toward Kaspersky. It simply has performed amazingly in these tests. So much so that I went out and bought a license and dropped the free Avast because of these tests.

I think that it is only fair to continue to include those that perform well to see if it is a fluke or a trend. I also think that doing a big test of 50 or more malware links against some of the top performers here would show who might be the most effective once and for all. Of course, effective in these tests. Everyone has their own opinion and these tests are not the end all be all in choosing an AV.

 

Like i said, your the one doing the tests so you're the boss. I'd just like to see some FREE versions of vendors like Comodo, Immunet/ClamAV, Rising, Bit Defender, Spyware Doctor SE, Panda or whatever. The majority of users (even many advanced users) use FREE AV's, at least that's my experience. See who's the best out there (not just the usual suspects) using real world threats. There are enough tests (reputable or not) of paid big-name software with BS threats out there. I have Google for that. Just my opinion, you're the one doing the testing.

 

But could not also bad results from a product be a fluke also?

 

Yes, you have a point. Thought it would make sense to see though if those that performed well, could continue to do so.

Can't really test every AV every time.

 

Hi TheIgster,

Can you test the following:

(1) Avira 10 Premium
(2) Avast free or PRO(same detection rate)
(3) Kaspersky AV
(4) Spyware Doctor with Antivirus(You need a paid license for it to work well)
(5) Trend Micro
(6) Mcafee 2010

Thanks