Slashdot Mirror


Against Unknown Viruses, Avira AntiVir the Winner For Now

KingofGnG writes "AV-Comparatives, the Austrian team of experts dedicated to antivirus tests acknowledged as a reference point in the field, has published the second part of the mid-year comparative, an ideal addendum to the one already released last September. This time the aim is to evaluate the antimalware tools' effectiveness against unknown threats in a test scenario meant to prove the heuristic part and the generic markers of the on-demand scanning engines." The best in show (of 16 anti-malware packages evaluated), Avira AntiVir was able to find 71% of the unknown malware it was exposed to in the first week, dropping to 67% after the fourth.

11 of 170 comments

  1. MalwareBytes? by oahazmatt · · Score: 4, Informative

    I'm surprised MalwareBytes isn't on the list. We've come to depend on it for removing zlob from problematic PCs.

    --
    Those who believe the Internet is private,
    find their privates are on the Internet.
  2. Direct Link to results by phantomcircuit · · Score: 1, Informative
  3. TFA paints a more complete picture by floodo1 · · Score: 5, Informative

    It's worth pointing out that when you take false positives into account Eset Nod32 becomes the only AV solution to achieve the "Advanced+" rating. Apparently it detects 20% fewer "unknown" threats but had only 7 false positives, compared with 17 for AntiVir. This places AntiVir in the same category ("Advanced") as Kaspersky, Microsoft, Symantec, McAfee, and GData. Hopefully people bother to read the TFA, and not just this /. article.

    --
    I KUT J00 M4NG!!!
  4. Re:Unknown? by spinkham · · Score: 5, Informative

    Try NOD32. The scanner that actually got top ratings in this test, for finding the highest number of viri without an ungodly number of false positives. I've used it for a few years, and it's fast and has a good track record on virus tests. Can't recommend enough.

    --
    Blessed are the pessimists, for they have made backups.
  5. False positives by Thelasko · · Score: 3, Informative

    The summary left out some important information. From TFA:

    ...the samples detection rates are only one of the two elements evaluated for the antivirus final classification, being the number of false positives the other. Raising a false alarm about a malware on a legit software can cause as much trouble as a real infection, the report states, and it is for this reason that AVIRA, Kaspersky and other products, even if they have obtained very good results in identifying samples, have been penalized with a lower classification.

    So the certification level ADVANCED+ has been achieved by ESET NOD32 only, that has detected 20% less of the samples that AVIRA AntiVir has discovered but has triggered only 7 false alarms.

    --
    One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
  6. Re:mine is better by Anonymous Coward · · Score: 1, Informative

    This one comment demonstrates why your entire life is bogus.

    The tests *do* take into account the false positive rates. I gained this information by reading the article. Maybe you could give this a whirl...? It's novel, I know, but it would stop you looking like a pompous jackass.

    And hey - thanks.

  7. My antivirus research for my IT department by Khopesh · · Score: 2, Informative

    We use Kaspersky for Windows systems at work (and ClamAV on Linux for mail, though that might change to Kaspersky as I believe we have a license for it). When employees ask if they can use our licenses for their personal machines, I point them at Avira AntiVir because it's about as good and it's FREE FOR PERSONAL USE (although the free version has less spyware detection). It blows AVG out of the water.

    Here are some useful links from my research, which included the above site:

    From the Wikipedia links and other research that I didn't bother to note to my colleagues (who were also doing this research), I determined that Kaspersky's software was among the most efficient and CPU-friendly. Its only downside was a less-than-optimal user interface, especially on the administrative side for the corporate product. We didn't mind its UI flaws in the free trial period, so we purchased it. We're still happy with it several months later.

    The main arguments for our switching from Trend Micro were that it was slow, had poor performance, missed several viruses, we wanted to boycott it, and we were tied to a very old version (since it out-performs the newer ones in reviews). Arguments for switching to Kaspersky included: it doesn't feel bloated (remember when that was the norm?), great performance, well received across the board in reviews, dirt cheap (new licenses are 70% the current renewal cost of Trend Micro, which is an ever-growing target), we liked the UI that prevented reviewers from giving it a perfect score, and it's the de-facto number one scanner in Russia and surrounding area (you know, where all the viruses come from?). Kaspersky is also growing rapidly in deployments; you can now get computers installed with it.

    --
    Use my userscript to add story images to Slashdot. There's no going back.
  8. Re:mine is better by Thelasko · · Score: 5, Informative

    This one comment demonstrates why the entire article is bogus. Thanks.

    If you actually read the fine article it goes on to note Avira's high rate of false positives and recommends NOD32 instead.

    --
    One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
  9. Your married... by Hurricane78 · · Score: 4, Informative

    What about my married?

    Because I can't see your married. Where did you hide it?

    -- A formed babby

    --
    Any sufficiently advanced intelligence is indistinguishable from stupidity.
  10. Re:mine is better by ushering05401 · · Score: 2, Informative

    There is no free version so far as I know.

    I have only been using NOD for a few weeks... so far so good.

    I was stuck with a Panda solution at work for a couple of years, NOD feels far advanced of that suite.

    The nicest thing I have noticed so far is the NOD interface and presentation of options, so my opinion basically boils down to YMMV.

    As far as footprints go, I rebooted this machine 29 hours ago according to task manager. The NOD kernel has utilized 28 seconds of processor time.

    I just spawned an on-demand scan, and popped back into VS2008... minor speed hit on standard tasks. Much less than Panda from the feel of it. Nod32.exe (scanning process) is currently topping out at 13% CPU usage, and it doesn't do that annoying throttling garbage that some other AV systems do, NOD stays light on the flops.

    Barely noticeable really. Of course, I don't really know how good a job it is doing.