Antivirus Test: A Quest for Nearly Objective Rankings

Page 2 of 2

* AV: Rising Software Infections found: 27,991 Comments: After I almost gave up on making this product work, it finally installed and ran on my last attempt. This AV was one of the faster ones, chewing through all my test data in only 47 minutes. However, it only managed to identify 27,991 of the items it scanned.

* AV: Sophos Infections found: --- Comments: The software froze the computer and I was unable to run the test. I followed the same procedure I used with other AV software, such as reinstalling using different options, but the software still wouldn't run. It seemed like it was trying to call a service that wasn't running, but for whatever reason, the software either "failed silently" or froze the computer.

* AV: Trend Micro Infections found: 35,182 Comments: I don't know what the software meant when it said "35,001 targets checked" when it should have counted 36,438. It also said "35,182 potential threats found" but it didn't delete them.

* AV: Trust Port Infections found: 36,171 Comments: Despite their Web claims of 99.9 percent detection, this software only detected 99.26 percent on my tests. Still, it was pretty darned impressive. They use a unique approach by licensing AV engines from 4 other companies (AVG, DrWeb, Norman, and Virus Blok ADA), which they roll up into their own GUI. Certainly an excellent AV choice, but still second to G Data in terms of malware identification.

* AV: Virus Blok ADA (also called VBA) Infections found: 22,417 Comments: The software has a very Spartan GUI and didn't appear to provide a summary report. In fact I'm not sure that a reporting option even exists. And since this AV identified only 61.52 percent of my malware, the lack of a reporting function doesn't really matter.

* AV: Zondex Infections found: --- Comments: This AV software hails from Australia and I was curious to see how an "Auzzy" product would stack up. The interface feels a lot like Windows 3.1 and settings cannot be adjusted as in many other products. Twice the GUI crashed and stopped running. When restarted, it pegged CPU usage at 100 percent.

* AV: Zone Alarm Infections found: --- Comments: It was the slowest of all AV products tested, scanning only 162 files an hour (2.7 files per minute). I was curious as to why it was so slow until I checked my firewall logs (not ZA or Checkpoint). Apparently the product "phones home" with each and every possible infection. At this rate the test would have taken over 9 days to complete. I pulled the plug after 30 hours.

Products not tested (and why)

* Inca: Also known as nProtect, the site is mostly in untranslated Korean (hover your mouse over the "Products" icon and see for yourself). I was trying to read the few English words on the site and guess where the link to the software was when the site launched a JavaScript that pegged my CPU usage at 100 percent. Given this experience I chose not to download or test this AV.

* Graugon: A program that uses the Clam AV engine, and after seeing how effective this engine is, I chose not to evaluate this product.

* Norman: The Trust Port AV software uses the Norman AV engines in its product. Since the engine was already being tested (sort of) I chose not to test it again. They also appear not to have a free evaluation copy of their software.

* Virus Chaser: Another AV product from the People's Republic of China. For the most part, the site was better translated than the others from Korea and China. However, having said that, the link on the site to download the software is either broken or deliberately severed. I tried many times over the course of a week to download the software.

* Microsoft OneCare: Cheap shots at the software giant aside, this product is at the end of its life. Microsoft plans to roll out a new anti-malware product, code-named "Morro," in a few months. Since I decided at the beginning of these tests not to evaluate any AV that is (or will be shortly) discontinued, MS was left out.

RANK -- AV Product -- Malware Identified -- Percentage of Total

* 1. -- G Data -- 36,423 -- 99.95 percent

* 2. -- Trust Port -- 36,171 -- 99.26 percent

* 3. -- eScan -- 36,146 -- 99.20 percent

* 5. -- BitDefender -- 36,105 -- 99.08 percent

* 6. -- Avira -- 35,846 -- 98.37 percent

* 7. -- Hauri -- 35,325 -- 96.94 percent

* 8. -- Trend Micro -- 35,182 -- 96.55 percent

* 9. -- DrWeb -- 34,114 -- 93.62 percent

* 10. -- F-Prot -- 32,635 -- 89.56 percent

* 11. -- Ashampoo -- 32,291 -- 88.61 percent

* 12. -- Panda -- 31,719 -- 87.04 percent

* 13. -- BullGuard -- 31,608 -- 86.74 percent

* 14. -- PCTools -- 30,023 -- 82.39 percent

* 15. -- Arcabit -- 28,944 -- 79.43 percent

* 16. -- Rising Software -- 27,991 -- 76.81 percent

* 17. -- Clam -- 27,247 -- 74.77 percent

* 18. -- CA -- 24,996 -- 68.59 percent

* 19. -- ESET -- 23,746 -- 65.16 percent

* 20. -- VBA -- 22,417 -- 61.52 percent

* 21. -- AhnLab -- 21,301 -- 58.45 percent

* 22. -- Norton (Symantec) -- 20,404 -- 55.99 percent

* 23. -- Kaspersky -- 20,289 -- 55.68 percent

* 25. -- File Sentry -- 111 -- 3.04 percent

* 26. -- AVG -- 110 -- 3.01 percent

* 27. -- Hacker Eliminator -- 1 -- 0 percent

* 4 or 24 -- Avast -- Make sure to read the footnote for this entry in the individual assessment. Avast had either 99.14 percent or 57.67 percent success.

These AV products were eliminated because they reported more malware than actually existed on the computer (false positives): Comodo, DrWeb CureIt, F-Secure and McAfee.

These AV products were eliminated because they caused miscellaneous problems on the test bed (read the individual entries for details): Protector, Sophos, Zondex and Zone Alarm. I offer no explanations why these AV products did not work. I simply report the results that occurred in my test bed.

This story, "Antivirus Test: A Quest for Nearly Objective Rankings" was originally published by CSO.


Copyright © 2009 IDG Communications, Inc.
