Which AntiVirus Has the Best (and Worst) Protection?
Internet security suites have become exceedingly complex over recent years. That’s partly due to the ever-increasing number of vectors via which hackers and malware attack. It’s also due to feature-bloat, as anti-virus vendors add new bells and whistles to differentiate their products. But one bedrock feature of a security suite remains the same: how well does it detect virus-infected files? Here are some real-world test results you won't want to miss...
Anti-Virus Programs Tested by Independent Labs
The uber-geeks at antivirus testing organization AV-Comparatives.org look at this fundamental question twice a year. Their latest test, reported in October 2012, threw an army of 240,000 virus-infected files at twenty anti-malware programs. The detection rates of all contenders were ranked and grouped.
The winners in the detection test were G Data and AVIRA, both with almost perfect infection detection scores of 99.9% and 99.8%, respectively. Other programs that detected more than 99% of infected files include Panda, Trend Micro, F-Secure, Kaspersky, BitDefender, BullGuard, Fortinet, and eScan. McAfee (98.8%), Sophos (98.7%), Avast (98.6%), and AVG (98.0%) all scored respectively well.
The worst performers by detection rate (less than 95%) included Microsoft Security Essentials, PC Tools, and Webroot. The last was an extraordinary failure, detecting less than 80% of infected files.
It's Not an Oxymoron...
False positives – flagging a non-infected file as infected – are almost as bad as false negatives (failing to detect an infected file). False positives can lead to deletion of legitimate files that the operating system or application program needs in order to function. AV-Comparatives also measured the false positives rates of the twenty contenders.
The lowest rates of false positives were found in Microsoft System Essentials, ESET, Kaspersky, and Trend Micro. The highest (worst) false positive rates were racked up by G Data, GFI Vipre, AVG, and Webroot. But again, Webroot was off the chart compared to the others, and not in a good way.
Taking detection rates and false positives into account, AV-Comparatives ranked all of the twenty contenders. The programs that won ADVANCED+ (three star) awards include AVIRA, Trend Micro, F-Secure, Kaspersky, BitDefender, Bullguard, Fortinet, eScan, McAfee, and Avast. Programs that failed miserably include AhnLab and Webroot; they were diplomatically rated as “tested.”
Detection Is Good, Removal is Better
It's of course very important that your anti-malware program has the ability to detect the most common samples of malware that are currently in the wilds of cyberspace. But that's only half of the problem. You want to get rid of that stuff, too.
These tests looked only at virus detection, false positives and the ability of the tools to remove infections. Accordingly, the AV-Comparatives lab also tested how well these programs do at removing malware and cleaning up the mess it can make. To do so, they choose eleven samples of malware (trojan horses, rootkits, viruses and worms), infected a pristine Windows 7 PC, and ran the anti-virus tools as a typical home user would, in an attempt to remove the infection.
The products were rated on a scale of 0 to 100, depending on their performance at removing the malware samples. Kaspersky and Bitdefender both scored a 94, while Panda scored 86. This earned all three of them an ADVANCED+ rating. Both PCTools and Bullguard registered marks of 79, for an ADVANCED rating. The worst performers in the removal tests were AVG (76) and Avast (59), earning the STANDARD rating.
Keep in mind these scores are not percentages. Rather, they are numbers based on a scoring formula that's described in the malware removal test. It's also worth noting that the report states that "most AV vendors have by now already addressed and fixed the next releases of their products based on our findings."
In addition to detection and removal, there are many other aspects of online security, including anti-phishing and detection of rogue Web sites. A program’s ease of use, consumption of system resources, and other factors also come into play. AV-TEST.org is another anti-virus performance and testing lab that always has interesting reports. Each year in February, they announce their AV-TEST AWARDS FOR BEST PROTECTION, REPAIR and USABILITY. You can see last year's results here.
It's very difficult to quantify which internet security program is "best" because of the many factors to consider. Your usage patterns and awareness also come into play. But at least we have some idea of which programs are best and worst at the basic job of stopping viruses and other nasty online threats.
Your thoughts on this topic are welcome. Post your comment or question below...
This article was posted by Bob Rankin on 20 Nov 2012
|For Fun: Buy Bob a Snickers.|
The Five Most Common Internet Security Mistakes
The Top Twenty
Free Phone Calls With Bobsled
There's more reader feedback... See all 38 comments for this article.
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Which AntiVirus Has the Best (and Worst) Protection? (Posted: 20 Nov 2012)
Copyright © 2005 - Bob Rankin - All Rights Reserved