AV-Comparatives releases latest detection figures

Posted by   Virus Bulletin on   Mar 23, 2009

Large collection test shows major improvement from AV giants.

Independent testing organisation AV-Comparatives has released its latest bi-annual detection test figures, with 17 products included in the field and a test set containing a massive 1.3 million samples.

The first set of results of 2009 showed notable improvements for major players Symantec and McAfee. While both previously lagged behind an impressive field in AV-Comparatives' charts, some excellent detection rates earned both vendors a position in the top four in the latest set of results.

Also significant in this batch of figures is the inclusion of McAfee's Artemis in-the-cloud detection component, which added significantly to the solution's performance: while the standalone product would have scored 95.2% overall, the addition of Artemis detection resulted in a score of 99.1%. The in-the-cloud component was included in the test by running the scan on the same day as updates for other competitors were frozen.

Some other 'offline' products managed scores well over 99% even without the support of online resources, with those from G-Data and Avira achieving the dizzying heights of 99.8% and 99.7% respectively, while Symantec, also without the benefit of calling home, came in a highly creditable fourth in the detection stakes, with 98.7%.

Newcomer to the test Kingsoft brought up the rear with a not unimpressive 84.5%, and was not far behind Microsoft's product, which showed some improvement on its previously disastrous AV-Comparatives test results. This time the Microsoft achieved 87.1% for straight detection and made the grade for the 'Standard' award - the product also demonstrated the best false positive performance of all the products on test.

Several aspects of product performance beside detection rates were also taken into consideration when calculating awards, including false positive rates and scanning speeds, and with all these taken into account, only four products were adjudged worthy of the coveted 'Advanced+' three-star award: ESET, Kaspersky, McAfee and Symantec all taking top honours for their overall performance. Another seven products were granted the 'Advanced' award, mostly marked down thanks to higher levels of false positives.

The tests were run in general with 'best possible' settings as recommended by the vendors, with the exception of Sophos's product, at the vendor's own request. The test sets contained some 1.3 million samples gathered in the past nine months, with trojans (71.5%) and backdoors/bots (19.9%) making up the bulk of the samples. The same batch of products should be further tested in the upcoming retrospective comparative, with results due out in the summer. Below is a summary of the results, for full details and more complete information visit the redesigned AV-Comparatives website here and read the full test report.

Product Malware on demand False positives Scan speed Malware on demand Award
AntiVir (Avira) ACB99.7% Advanced
Avast! (Alwil) ACA98.2% Advanced
AVG BCC93.0% Standard
BitDefenderACC98.0% Advanced
Command (Authentium)CCB88.9%Tested
eScan (MicroWorld) ACC98.0% Advanced
ESET NOD32 ABB97.6% Advanced+
F-SecureBBC93.4% Advanced
G DATAACB99.8% Advanced
Kaspersky ABB97.1% Advanced+
KingsoftDCA84.5% Tested
McAfee ABB99.1% Advanced+
Microsoft CAB87.1% Standard
Norman CCC87.8% Tested
Norton (Symantec) ABA98.7% Advanced+
Sophos CBB89.6% Standard
TrustPort ACC97.1% Advanced
Key:
IndexMalware on demand False positives Scan speed
A>97%0-3 FP>14 MB/sec
B>93%4-15 FP>7 MB/sec
C>87%16-100 FP>3 MB/sec
D<87%>100 FP<3 MB/sec


Posted on 23 March 2009 by Virus Bulletin
twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

In memoriam: Dr Alan Solomon

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

VB2021 localhost videos available on YouTube

VB has made all VB2021 localhost presentations available on the VB YouTube channel, so you can now watch - and share - any part of the conference freely and without registration.

VB2021 localhost is over, but the content is still available to view!

VB2021 localhost - VB's second virtual conference - took place last week, but you can still watch all the presentations.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.