AV-Test release latest results

Major test of suite products completed

Independent testing body AV-Test.org has released the results of a major comparative of suite products, with many vendors' 2009 editions included in the results. The test covers a range of metrics, including detection rates over various types of malware including adware and spyware, false positive rates, scanning speed, proactive detection, and response times to outbreaks.

In terms of pure detection rates in on-demand scanning, a beta version of GDATA's AVK 2009 topped the charts for both 'malware' (measured against 1,164,662 samples) and 'ad- and spyware' (94,291 samples), with Avira's Premium Security Suite 2008 a close runner-up in the former category and F-Secure 2009 placing second in the latter. Secure Computing's Webwasher gateway product, based on the Avira engine with some in-house heuristics, came third in both categories.

Other areas analysed were scored on a five-point scale from very good to very poor. 'Proactive' protection included scanning of files discovered after the freezing of products, and executing unrecognised malware to test behavioural protection. Products rating 'good' or better in every category include Avira's premium suite (the popular free version has less complete spyware detection), AVK 2009, F-Secure's 2009 suite, Symantec's Norton I.S. 2009 (still in beta) and Sophos's Security Suite 2.5. All products taking part in the test managed to achieve a 'good' or better in at least one category.

The test also included keeping a record of the number of updates released over a four-week period. Of course, these numbers on their own cannot be used to measure the quality of the products involved, but were recorded out of interest. The most interesting data to emerge from this measurement was that the 2009 version of Norton topped the table with an impressive 6,202 incremental micro-updates, issued several times per hour, while Kaspersky came a distant second with a mere 696. Half of the 34 products tested had fewer than 100, including those from McAfee (21) and Trend Micro (30).

A summary of the major areas tested is printed below; hover over the product names to see full version information.

Product malware on demand adware / spyware on demand false positives scan speed proactive detection response times malware on demand adware / spyware on demand
AntiVir (Avira) ++ ++ (4) + ++ + ++ 99.8% 99.0%
Avast! (Alwil) ++ ++ + + o o 99.3% 98.3%
AVG + - (4) + + o o 95.8% 87.0%
AVK 2008 (G Data) (1) ++ ++ o - + ++ 99.2% 99.1%
AVK 2009 (G Data) (2) ++ ++ + + ++ ++ 99.8% 99.8%
BitDefender 2008 + - + - ++ + 97.7% 87.8%
BitDefender 2009 + - + o ++ + 97.6% 88.0%
CA-AV (VET) -- -- ++ o - -- 65.5% 68.0%
ClamAV - o - -- - ++ 88.5% 92.8%
Dr Web -- - o o + o 84.9% 89.6%
eScan + + o - + ++ 97.8% 97.4%
Fortinet-GW o -- o + ++ + 92.6% 81.9%
F-Prot (Frisk) o o + + o o 94.8% 92.6%
F-Secure 2008 ++ ++ + o ++ + 98.2% 98.4%
F-Secure 2009 ++ ++ + + ++ ++ 99.2% 99.6%
Ikarus ++ ++ o + + + 99.5% 98.6%
K7 Computing o o o ++ - o 92.1% 94.0%
Kaspersky ++ ++ o o + ++ 98.4% 98.3%
McAfee o o ++ o + - 93.6% 94.5%
Microsoft + + ++ o - - 97.7% 97.1%
Nod32 (Eset) o o ++ ++ ++ + 94.4% 94.7%
Norman + + + o + o 96.3% 95.8%
Norton 2008 (Symantec) + o ++ + + o 97.8% 94.6%
Norton 2009 (Symantec) ++ + ++ ++ + ++ 98.7% 95.4%
Panda 2008 - o + + ++ o 86.4% 93.4%
Panda 2009 o + + + ++ + 91.8% 95.6%
Rising -- -- + o o o 83.4% 77.5%
Sophos + + + + ++ + 97.5% 95.0%
Trend Micro o - + + o + 91.3% 88.5%
TrustPort ++ ++ - -- ++ ++ 99.5% 98.4%
VBA32 o - o o + o 90.5% 85.2%
VirusBuster - - + + o o 89.0% 85.8%
WebWasher-GW (3) ++ ++ o ++ ++ ++ 99.7% 99.2%
ZoneAlarm + + o o + ++ 97.8% 97.7%
Index malware on demand adware / spyware on demand false positives scan speed proactive detection response times malware on demand adware / spyware on demand
++ >98% >98% no FP < 2 h
+ >95% >95% 1-2 FP 2 - 4 h
o >90% >90% 3-4 FP 4 - 6 h
- >85% >85% 5-6 FP 6 - 8 h
-- <85% <85% > 6 FP > 8 h

Notes
(1) AVK 2008 uses the Avast and Kaspersky scan engines
(2) AVK 2009 uses the Avast and BitDefender scan engines
(3) WebWasher uses the Avira engine and a self-developed heuristic engine
(4) the free (personal) edition does not include ad- and spyware detection, so the results would be --

Tags: av-test, comparative, results, testing. Posted on 02 September 2008 by Virus Bulletin. 33 comments.

33 comments

 del.icio.us  digg this! digg this

33 comments

Does anyone know where we can buy G DATA in the UK ?

by Simon Round, 03 September 2008, 10:05

Any testing performed on Agnitum AV? Is Outpost AV based on one of the other AV angines which was tested?

by Curious, 04 September 2008, 01:40

Now you can see that Norton is picking up their game. You can't deny that the new version of Norton is the most up to date IS on the market.

by Stiosti, 04 September 2008, 03:19

Is it possible to see which is the best, second best and so on in this list?

by ALBO Jay, 04 September 2008, 16:55

And what is the place of Eset Nod32's ESS? I guess it's the fifth?

by ALBO Jay, 04 September 2008, 16:58

It would be nice to see some results also about memory usage etc.

by A.Honkala, 05 September 2008, 10:00

The Free version of AVG does now include adware and spyware detection.

by MAGA, 05 September 2008, 17:22

I think Avira is King!!!, but Avira not repair file virus

by hung hung hung, 07 September 2008, 04:13

NOD32 ranked 23 on malware.. and 19 for spyware/adware.

that's very low ranked..

by aces, 07 September 2008, 17:59

Look at Microsoft.. really bringing it. Won't be long now..

by Noone, 08 September 2008, 06:41

The AV test is well tabulated. For novice like me, some explanation need to be added to the grades and the column titles. Thanks for providing this service.

i use Bit defender (2008) and it gets 97.7% 87.8% in malware and adware/spyware. its outside 1-3 ranks. should i change to rank 1 avira?

by premji, 08 September 2008, 07:30

Microsoft also has a professional virusscanner called Forefront (Client Security). As many companies are installing this version, It would be interesting to know what the performance is.

by Jack, 08 September 2008, 16:23

You have to look at other things as well as detection rates. G data AVK hogs about 250MB (YES quarter Gig!) of RAM when it running! And it is using two scanning engines, Avira and Bitdefender, so it must be eating up a lot of processor resources too.

by Readitalll, 09 September 2008, 12:49

where comodo antivirus?

by lennon, 10 September 2008, 07:14

I'm confused how AVK has got better over it's previous version by switching from Kaspersky to Bitdefenders engine, after all if you look at Bitdefenders record compared to the Russian maestro's, it's a joke...

I agree with the Norton dude, they have FINALLY picking their game up!

Also, can we include Comodo AntiVirus, PCTools Anti-Virus.

Fantastic work guys!

by Welsh Antivirus Freak Dude, 10 September 2008, 16:16

Wow thats a lot of resources i was thinking of changing to AVK and i have 3 megabayte RAM...and yes norton are finally picking up their game

by Ismail, 10 September 2008, 17:21

thank avast! my pentium III go faster with it, i use just on-access engine, and this thing make some magic in my system:) is realy first security product for me, which make my computer faster:)

so guys who got so fast comp like my, i sugest avast, malwarebytes, and u can use virustotal.com site for test some unusual files, and ladys and gentelmens developers, lets look how install and work dr.web, is realy something unusual, firstly this scan from system process, this not best way for slow computers, but realy good for security, and just dr.web can unload from system if u wanna test other or dont need it, this can realy stop his function without full uninstall

but plz, never make kernel killer guards in process this is realy unlike for market, cuz most viruses 2day just do slowly comp, so antivirus which do slow comp is official virus is:)

spetial thanx for u are, developers of eset, avira, avast and dr.web; i was realy pleasure test it, i used dr.web from 2002 year, but some mounths i test other and still with avast

best regards for anybody, thank u all

lets make something 2gether and u'll make best ever was:)

by einherz, 14 September 2008, 16:48

thanks for these results!

and a compliment for Avast for making a fine product available for free for private use!

The free Avast Home Edition doesn't block scripts on sites, but for the rest has the same protecting force of the Pro version!

by pc rubriek de monitor, 14 September 2008, 23:09

Avast is the best anti-virus ever, avg does not even detect a half of what avast detects.

The thing is Avast 4.8 works, and avg 8 still struggles.

I used AntiVir for a while and is also good, but the updates on AntiVir and AVG is damn slow comparing against Avast!

cheers all

by Johan, 15 September 2008, 09:42

I found that Agnitum uses its own beefed up version of virusbuster. Since virusbuster alone didn't fare too well, the outpost product merits inclusion in the next test. Also, Sunbelt's new VIPRE is worthy of considering for inclusion.

In evaluating some of the high performers here, I'm finding firewall functionality within many of the anti-malware programs alone (not the suites). Perhaps including a list of functions beyond the scanner itself would be useful for future report summaries. Also including the capabilities and compatabilities (such as P2P, IM, e-mail clients supported, etc) would help. Including these would be helpful leading up to a brief summary for each program detailing the CPU/RAM and overall resource, because resource consumption can be dependent on the services being performed by each software.

Perhaps creating subsets of AV scanners (with or without additional function) and suites utilizing full firewall programs would help equalize the playing field given the extra protection afforded by the firewall program.

We are all biased toward our favorite programs, but independent analytical data, such as this is fantastic to have. These guys are way ahead of their competition by providing public disclosure of results. Most 'independent' reviews are either direct copies of mfg press release or are biased favorably for purposes of selling the software.

Performance alone will not identify best software. Past and present (up to NIS 2008) issues with Symantec have finished my willingness to ever again consider their wares no matter how well they perform. Sorry for the lengthy comments.

Thanks again for a nice presentation of results from a complicated array of tests!

by Curious, 17 September 2008, 02:14

just a question..does this test also covers the "free" versions of this av programs?..

by alex, 17 September 2008, 03:12

How does Comodo's AV stack-up to those listed?

by robdob, 17 September 2008, 18:20

GData is available in the UK from ultimateinternetsecurity.com. However, I am not endsoring either the site or the product nor accepting any liability therein.

by Chris, 20 September 2008, 14:16

Hi Guys.

that sounds good enough for me. Nice to see the Buig Guys bween taken a peg or two. I have Avast Home and it works just fine.

Congratulations

Bert

Bert184@gmail.com

by Bert, 23 September 2008, 10:41

Good Work! I would have also liked to see which of these are free for personal use and also which of these are are not heavy in terms of using the resources of the computer they are installed in. I believe these two factors are also crucial in helping us decide which AV software to use.

by Rajeev R. Singh, 24 September 2008, 03:46

Can we see also tests on corporate versions (like Symantec SEP )?

TIA

by Guido Elia, 28 September 2008, 09:01

Please - Comodo AV NEEDS to be tested! It's free for corporate use and quite obviously that makes it a much needed product for small businesses! BUT if it doesn't do the job, then it isn't.

So it HAS to be tested! Plus they're just released in the last month their 3.0 beta, which should be tested along with their 2.x "beta".

by Richard Steven Hack, 30 September 2008, 13:50

Very exhaustive research and gives clear distinction and comparison between various antivirus.good job keep it up

by Juned, 01 October 2008, 09:59

What's the difference between "response time" and "scan speed"?

by RIchard, 01 October 2008, 18:19

Since the table has no graphic, I would suggest either a number or a few bars '|' or 'O' to make it easy to see which is better. I find the --, o, and ++ to be a bit uneasy to look at.

A button at the top of each column to sort the list would be nice also since all the software are so close to each other in some of the results.

by Paul, 02 October 2008, 17:51

Where would PCTools' ThreatFire 3.5 be on this list ?

by William M Carey, 05 October 2008, 14:50

Please include which versions are being used...

thanks..

by Jonathan, 06 October 2008, 15:07

I see that Sunbelt's Vipre has not been included in the survey. Was this because it's release was too late. I have been using it for approx. 2 months and the results live up to the claims. Low CPU usage and ease of use. I would like an independant survey such as yours to confirm it's performance against others.

by Gordon Shaw, 06 October 2008, 15:09

Comments are closed.

Quick Links

Poll
Should software vendors extend support for their products on Windows XP beyond the end-of-life of the operating system?
Yes - it keeps their users secure
No - it encourages users to continue to use a less secure OS
I don't know
Leave a comment
View 23 comments

AusCert2014

Malware Prevalence
Adware-misc |##########|
Java-Exploit |########|
Autorun |#####|
BHO/Toolbar-misc |####|
Conficker/Downadup |###|
 View this month's full report

Virus Bulletin currently has 231,292 registered users.