AVIRA takes crown in AV accuracy

Robert Hallock 30 Nov, 2009 at 4:20pm ET Article published in Tech

AV-Comparatives, provider of the world’s most thorough consumer anti-virus efficacy reports, has released its 2009 November/December study which assesses an anti-virus suite’s ability to proactively deal with new infections.

The proactive test uses two sets of samples labeled Set A and Set B. According to the company’s methodology report, Set A contains malware from December 2007 to December 2008, of which most tested products can detect at a rate of more than 97%. Set B contains 1.6 million samples from the last seven months including: Trojans (69.5%), backdoors/bots (20.7%), worms (6.1%) other malware (1.5%) and Windows viruses (0.4%).

The firm’s tests are designed to determine whether or not sixteen leading anti-virus applications can detect infections through heuristics and behavioral analysis. In other words, testing to see if anti-virus applications can accurately uncover malware without putting the user’s system at additional risk of infection.

Put to the test, AVIRA retained its leadership from 2008 as it rose to the top of the heap with a 74% detection rate. G DATA followed it at 66%, Kaspersky at 64% and ESET NOD32 at 60%.

“As it can be seen above, most products are already able to detect much completely new/unknown malware proactively. Such products can do this even without executing the malware, using passive heuristics, while other protective mechanisms like HIPS, behavioral analysis and behavior-blockers, etc. add an extra layer of protection,” the group states.

“Many new viruses and other types of malware appear every day, this is why it’s important that Anti-Virus products not only provide new updates, as often and as fast as possible, in order to identify those new threats, but also that they are able to detect such threats in advance with generic and/or heuristic techniques.”

While AVIRA was tops for accurate identification, it did get dinged for 21 false positives, which dropped it out of the running for AV-Comparative’s highest Advanced+ rating, an award no vendor received in the report. However, as a matter of perspective, 21 false positives is a rate of <0.00001%.

Comments

30 Nov 2009 ~ 4:57pm QCH I read this earlier today and passed it on to my management to chew on. Unfortunately, Avira doesn't have a good enterprise solution and can be put on Linux and Macs.
30 Nov 2009 ~ 8:37pm Tushon
http://www.eset.com/solutions/enterprise.php
30 Nov 2009 ~ 10:29pm Cliff_Forster But do your Linux and Mac machines really need it?
30 Nov 2009 ~ 11:21pm QCH Cliff... out Computer Security Team and our Baseline Committee has deemed that all systems that can access the same files need to have the same protection and, if possible, be centrally managed. So yeah....
1 Dec 2009 ~ 10:58am Garg I've been really happy with AVIRA, especially in comparison to AVG I was using before. I don't know about the quantitative difference in resource use, but it definitely seems like it makes less of an impact.

I normally don't go to the type of places that would get me infected, and I used to not have AV software at all. Glad I had it yesterday when I got in a hurry and clicked the wrong link (for census data, of all things), and AVIRA caught some malware.

I dearly wish Ohio State would stop using McAfee. It slows down the lab computers (2.4 - 2.8Ghz P4s with either HT or DC) to a crawl.
1 Dec 2009 ~ 12:18pm b0wz Avira is nice, installed on all machines I work on that don't have A/V solutions (non enterprise) Linux support would be cool, I would love to see it, as in many machines running dual boot (win/linux) it would be sweet to be able to scan windows from linux.....