Slashdot Mirror


Against Unknown Viruses, Avira AntiVir the Winner For Now

KingofGnG writes "AV-Comparatives, the Austrian team of experts dedicated to antivirus tests acknowledged as a reference point in the field, has published the second part of the mid-year comparative, an ideal addendum to the one already released last September. This time the aim is to evaluate the antimalware tools' effectiveness against unknown threats in a test scenario meant to prove the heuristic part and the generic markers of the on-demand scanning engines." The best in show (of 16 anti-malware packages evaluated), Avira AntiVir was able to find 71% of the unknown malware it was exposed to in the first week, dropping to 67% after the fourth.

10 of 170 comments

  1. mine is better by SoupGuru · · Score: 4, Funny

    My custom anti-virus solution is better. It blocks 100% of all known and unknown viruses. Just don't ask what its false positive rate is...

    --
    What doesn't kill you only delays the inevitable
    1. Re:mine is better by Anonymous Coward · · Score: 5, Funny

      My custom anti-virus solution is better. It blocks 100% of all known and unknown viruses. Just don't ask what its false positive rate is...

      Sounds like my sex life: My anti-STD solution is great. It blocks 100% of all known and unknown STDs. Just don't ask what my human-to-human sexual encounter rate is... :(

    2. Re:mine is better by Thelasko · · Score: 5, Informative

      This one comment demonstrates why the entire article is bogus. Thanks.

      If you actually read the fine article it goes on to note Avira's high rate of false positives and recommends NOD32 instead.

      --
      One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
    3. Re:mine is better by lysergic.acid · · Score: 4, Interesting

      still, i think a better (more useful) test would be conducted by:

      1. enlisting 100 or so test subjects from various non-technical (in terms of computer knowledge) backgrounds.
      2. give each one of the 9 best-selling anti-virus solutions to 10 different volunteers.
      3. give the last 10 volunteers a 2-week course on basic computer security and malware-prevention.
      4. subject all 100 subjects to the same gauntlet of viruses/trojans/malware over a 6-month period. (perhaps 4-5 viruses a week, for a total of around 120 threats tested)
      5. note how many infections per person each group averaged, how many false-positives each group reported, and how much time/productivity was lost due to the threats & false-positives--for instance, time spent on reboots, reformats, dealing with virus alerts, waiting for anti-virus updates, etc.
      6. lastly, measure the cost-effectiveness of the anti-virus solution used in each of the 10 groups.

      i suspect that preventative education/training is probably the most effective method of combating viruses & malware. and though it might not be cost-effective in the short-term, it might be cheaper to train long-term employees how to avoid viruses/malware than to pay for yearly-subscriptions and still suffer down-time and loss of productivity from infections.

  2. MalwareBytes? by oahazmatt · · Score: 4, Informative

    I'm surprised MalwareBytes isn't on the list. We've come to depend on it for removing zlob from problematic PCs.

    --
    Those who believe the Internet is private,
    find their privates are on the Internet.
  3. Unknown? by girlintraining · · Score: 4, Insightful

    Okay, how does it detect something that's unknown? I think it would be better phrasing to say "this scanning engine has the best heuristic pattern matching algorithms amongst those products tested." But perhaps that's too techie and we should go with "zomg! finds viruses and kills zem dead! nom nom nom." :)

    In either event, I have yet to have any antivirus product I use detect anything using its built-in heuristic scanner. But it sure does slow the machine down, as I'm sure many techies out there reading this from work will know by the curse word "Norton." And if I were a virus writer, I would have every antivirus product in my lab running to test against before releasing it as a matter of course. Could it be this thing is only effective because most virus writers haven't heard of it?

    --
    #fuckbeta #iamslashdot #dicemustdie
    1. Re:Unknown? by spinkham · · Score: 5, Informative

      Try NOD32. The scanner that actually got top ratings in this test, for finding the highest number of viri without an ungodly number of false positives. I've used it for a few years, and it's fast and has a good track record on virus tests. Can't recommend enough.

      --
      Blessed are the pessimists, for they have made backups.
  4. TFA paints a more complete picture by floodo1 · · Score: 5, Informative

    It's worth pointing out that when you take false positives into account Eset Nod32 becomes the only AV solution to achieve the "Advanced+" rating. Apparently it detects 20% fewer "unknown" threats but had only 7 false positives, compared with 17 for AntiVir. This places AntiVir in the same category ("Advanced") as Kaspersky, Microsoft, Symantec, McAfee, and GData. Hopefully people bother to read the TFA, and not just this /. article.

    --
    I KUT J00 M4NG!!!
    1. Re:TFA paints a more complete picture by street+struttin' · · Score: 4, Funny

      Why read the article? You just told us what we'd miss if we didn't.

  5. Your married... by Hurricane78 · · Score: 4, Informative

    What about my married?

    Because I can't see your married. Where did you hide it?

    -- A formed babby

    --
    Any sufficiently advanced intelligence is indistinguishable from stupidity.