• Home
  •  > 
  • Utilities
  •  > 
  • Comparative characteristics of antivirus programs table. Comparison of five antivirus programs based on five characteristics

Comparative characteristics of antivirus programs table. Comparison of five antivirus programs based on five characteristics

Submitting your good work to the knowledge base is easy. Use the form below

Students, graduate students, young scientists who use the knowledge base in their studies and work will be very grateful to you.

Posted on http://www.allbest.ru/

COMPARATIVE ANALYSIS OF ANTI-VIRUS PROGRAMS FOR COMPUTER

Ivanchenko Alexander Evgenievich,

Chistyakova Natalya Sergeevna,

FSBEI HE "Magnitogorsk State

Technical University named after G.I. Nosova"

In this article, we will compare several free antivirus programs and find out which one is safer.

Key words: sandbox, firewall.

Ensuring information security of systems is one of the primary issues. In modern society, information protection plays a particularly significant role, since the Internet is teeming with viruses and even the simplest of them can cause serious harm to the computer and the data stored on it. These threats can be of a wide variety of nature - disrupt the operation of the system by destroying important system files, steal important information, passwords, documents. This leads to sad consequences - from reinstalling the system to losing important data or money. Therefore, the question of choosing an antivirus program for your computer that can protect important data becomes very important. In this article we will look at some popular antiviruses and try to choose among them the most optimal one for the average user (most of them will be free, since, after all, free antiviruses are the most accessible to a wide audience of users). So, we will consider 4 antiviruses - Avast Free Antivirus, Panda Antivirus, 360 Total Security, ESET NOD32. We will start with an introduction and brief information about each of them.

Avast Free Antivirus- one of the most famous free antiviruses. Avast includes the AutoSandbox feature, which automatically places suspicious files in a so-called “sandbox”, where you can fully analyze the file and then disinfect it if necessary. This function saves a large percentage of information from automatic deletion, which in turn helps prevent problems and errors that arise as a result of accidental damage to system files. Avast also has remote support, allowing users to connect to each other for mutual assistance. Overall, Avast Free Antivirus is a good choice for the average user, providing good security and protection to the system.

360 Total Security- a little less than Avast, but still a fairly well-known antivirus that relies on reliability and simplicity, according to its creators. It will appeal to a variety of categories of users. For beginners, it will be convenient to have strong automation of antivirus functions that protect the computer without direct user participation. For experienced users, there are flexible application settings, the ability to optimize system performance through an antivirus, and the ability to create several profiles with different settings.

Panda Antivirus is positioned by the developers as an easy-to-use, but reliable and effective antivirus. Let's take a look at its functionality. Most of the features are automated, including automatically scanning your computer for threats. There is a function of the anti-virus boot disk Panda Cloud Cleaner, which allows you to cure the system when it cannot boot itself due to infection.

ESET NOD32 - A fairly effective antivirus with an aggressive approach to detecting and neutralizing threats. Here are just some of its functions: several levels of protection against various variations of unwanted software and viruses; firewall with the ability to customize to encrypt the connection; parental controls; scanning of connected devices. Unfortunately, such an abundance of functions significantly increases the load on the system.

So, for clarity, we present the results of the analysis of the characteristics and functionality of anti-virus programs in tabular form (Table 1).

From Table 1 we see that if we talk about the number of different functions, then the undisputed leader will be ESET NOD32, and the least reliable are Panda Antivirus and 360 Total Security. Now let's test the interaction of antiviruses with the system. The test results are presented in Table 2.

Table 1-Results of a comparative analysis of the characteristics and functionality of antivirus programs

Antivirus functionality

Avast Free Antivirus

360 Total Security

Antivirus scanner and antivirus monitor

Personal data protection

Heuristic algorithm

Presence of a firewall

Email protection

Possibility of working in the cloud

Intrusion detection and prevention system

Antispam

Update system

Web protection

Behavior blocker

Table 2-Results of tests for interaction of antiviruses with the system

In tests it showed itself to be the “lightest” for the system Avast Free Antivirus.360 Total Security And Panda Antivirus are slightly inferior in scanning speed, while ESET NOD32 almost keeps up. In terms of memory usage, Avast and Panda are the favorites. ESET NOD32 and 360 Total Security consume significantly more memory.

Thus, the most optimal antivirus option is Avast Free Antivirus, which showed good results both in the review of functionality and in tests. antivirus review security optimal

ESET NOD32 is also a good option, but, as previously mentioned, it significantly loads the system.

360 Total Security and Panda Antivirus are good choices for beginners due to the automation of many functions and a nice, simple interface, but they are still inferior to the first two antiviruses in terms of security settings.

Bibliography

1. Gaisina A.D., Makhmutova M.V. Problems of ensuring information security of an automated enterprise system / In the collection: Modern instrumental systems, information technologies and innovations. Collection of scientific papers of the XIIth International Scientific and Practical Conference. Responsible editor: Gorokhov A.A. 2015. pp. 290-293.

2. Bobrova I.I. Information security of cloud technologies /In the collection: Information security and issues of preventing cyber extremism among youth. Materials of the intra-university conference. Edited by G.N. Chusavitina, E.V. Chernova, O.L. Kolobova. 2015. pp. 80-84

3. Chernova E.V., Bobrova I.I., Movchan I.N., Trofimov E.G., Zerkina N.N., Chusavitina G.N. Teachers training for prevention of pupils deviant behavior in ICT/ In the collection: Proceedings of the 2016 Conference on Information Technologies in Science, Management, Social Sphere and Medicine (ITSMSSM 2016) 2016. pp. 294-297.

4. Makhmutova M.V., Podkolzina L.V., Makhmutov R.R. Application of innovative educational technologies in the study of the fundamentals of information security of organizational management systems / M.V. Makhmutova, L.V. Podkolzina, R.R. Makhmutov // In the collection: Information security and issues of preventing cyber extremism among youth. Materials of the intra-university conference. Edited by G.N. Chusavitina, E.V. Chernova, O.L. Kolobova. 2015. pp. 297-305.

Posted on Allbest.ru

...

Similar documents

    The concept of computer viruses, their types and classification. The main signs of a computer infection. Kaspersky Anti-Virus, Dr.Web CureIt, Nod32, Avast, Norton AntiVirus, Panda, McAfee, Avira Free Antivirus, ADinf32, NANO Anti-Virus, 360 Total Security.

    presentation, added 05/14/2016

    The emergence of computer viruses, their classification. The problem of antivirus programs fighting computer viruses. Conducting a comparative analysis of modern antivirus tools: Kaspersky, Panda Antivirus, Nod 32, Dr. Web. Virus search methods.

    course work, added 11/27/2010

    Basic functional and technological capabilities of the Total Commander file manager. Practical skills in using anti-virus programs using the example of the NOD32 program. Features of using the main and additional features of Total Commander.

    laboratory work, added 03/08/2010

    The most popular and effective types of antivirus programs. List of the most common antivirus programs in Russia. Procedure to follow if a virus penetrates your computer. The role of anti-virus protection and its choice for safe computer operation.

    presentation, added 06/08/2010

    Functional diagram of a local computer network and its information flows. Classification of information security means. Types of antivirus programs: Kaspersky, Trend Micro ServerProtect for Microsoft Windows, Panda Security for File Servers, Eset Nod32.

    thesis, added 01/19/2014

    Comparative characteristics of anti-virus programs. Developer company and characteristics of the Eset Smart Security program, form of license sales and structure of information security modules. Purpose of the Eset SysInspector utility. Rules for correct updating.

    test, added 03/10/2011

    The concept of computer viruses, their types, basic detection methods. Classification of anti-virus software and their comparative analysis. The essence of Kaspersky Anti-Virus, Doctor Web, Norton AntiVirus Professional Edition, NOD 32 Antivirus System.

    practice report, added 04/07/2010

    Installing and using antivirus programs. Determining the speed of scanning files for viruses. Checking anti-virus programs for the effectiveness of searching for infected files. Antivirus programs NOD32, Dr. WEB, Kaspersky Internet Security.

    course work, added 01/15/2010

    Concept and classification of computer viruses. Basic methods of protecting information from viruses. Review of modern software for safe computer operation. Classification of antiviruses. Kaspersky Antivirus, Norton Antivirus, Dr.Weber, Eset NOD32.

    course work, added 10/26/2015

    General information, concept and types of computer viruses. Creation of computer viruses as a type of crime. Paths of penetration of viruses and signs of their appearance in a computer. Antivirus products. Comparative analysis of antivirus programs.

In this comparative testing, we examined the effectiveness of antivirus and HIPS programs in countering the latest types of malware transmitted to users in the most common way today - through infected websites.

Introduction

Almost all tests of antiviruses for the quality of protection carried out by other laboratories (AV-Test.org, AV-Comparatives.org) were subject to critical comments from the professional community about their being somewhat synthetic or disconnected from real life.

The first and main complaint was that when scanning file collections, only some components of anti-virus protection are tested, such as classic signature detection or heuristics, while the possible contribution of relatively new technologies, such as behavioral analysis or HIPS, is not taken into account. In addition, the work of other protection components included in modern “combines” (Internet Security class products) in addition to antivirus is not taken into account, for example, Firewall/IDS (can detect suspicious traffic and signal infection), checking HTTP traffic on the fly, etc. .

The second good reason is that the actual user is not storing and running legacy malware on their hard drive. As a rule, it receives new samples, from which its antivirus may not protect it. The methods by which malware gets onto your computer are also important. Infection can occur when opening a link received in some way (via e-mail, ICQ, etc.) or simply found in a search engine, opening a file attached to a letter, a file downloaded from the network, or copied from an external storage device.

Their effectiveness can largely depend on the method of penetration, since for some antiviruses the threat of infection can be eliminated even at the stage of attempting to activate a malicious script on a web page, while for others it can be eliminated only by activating a loader program loaded with an exploit; for a third it goes even further - when running a downloaded malicious program.

In our comparative testing, we studied the effectiveness of antiviruses in countering the latest types of malware transmitted to users the most common way now- through infected websites. To do this, we collected links to infected sites from various sources (daily collections of links from MessageLabs + help from our community). As a rule, each of us stumbles upon such links in search engines, receives them by e-mail, ICQ or other means of Internet communication, including social networks.

The essence of comparative testing is to verify complex antivirus capabilities in countering the latest threats in the form of malware distributed through infected websites.

Benchmarking Methodology

The test took place from August 5 to September 15, 2008. Before starting the test, the testing environment was prepared. To do this, a set of clean virtual machines was created running VMware Workstation 6.0.3, on which the Microsoft Windows XP Pro SP2 operating system was installed (the latest updates were deliberately not installed). Each machine individually had its own protection program installed from those listed below.

Whenever possible, we tested products for integrated protection of the Internet Security class, but if there were no such products in the vendor’s line, we used junior products in the line. As a result, the comparison involved:

  1. Avast Antivirus Professional 4.8-1229
  2. AVG Internet Security 8.0.156
  3. Avira Premium Security Suite 8.1.0.367
  4. BitDefender Internet Security 2008 (11.0.17)
  5. Dr.Web 4.44
  6. Eset Smart Security 3.0.667
  7. F-Secure Internet Security 2008 (8.00.103, aka STREAM.Antivirus)
  8. G DATA Internet Security 2008
  9. Kaspersky Internet Security 2009 (8.0.0.454)
  10. McAfee Internet Security Suite 8.1
  11. Microsoft Windows Live OneCare 2.5
  12. Norton Internet Security 2008 (15.5.0.23)
  13. Outpost Security Suite 2009 (6.5.2358)
  14. Panda Internet Security 2008 (12.01.00)
  15. Sophos Anti-Virus 7.3.5
  16. Trend Micro Internet Security 2008 (10/16/1182)
  17. VBA32 Workstation 3.12.8

Also included in the comparison were two special programs for proactive protection against the latest types of threats of the HIPS (Hosted Intrusion Prevention System) class:

  1. DefenseWall HIPS 2.45
  2. Safe"n"Sec Pro 3.12

Unfortunately, during the test and processing of the results obtained, some vendors released updates to their products, which could not be reflected in the final results.

It is important to note that all antiviruses were tested with standard default settings and with all current updates received automatically. At its core, the situation was simulated as if a simple user with one of the tested security programs installed, used the Internet and followed links of interest to him (obtained in one way or another, see above).

Selection of malware

For the test, links to sites infected only with the latest samples of malware were selected. What does "newest" mean? This means that these malware samples downloaded via links should not have been detected by file antiviruses of more than 20% of the list of tested products, which was checked through the VirusTotal service (in total, 38 different antivirus engines are connected to this service). If the selected samples were detected by someone, the verdicts were usually inaccurate (suspicion of infection or a packaged object).

The number of images that met these requirements was small, which significantly affected the size of the final sample and testing time. In total, over more than a month of testing, 34 working links to the latest malware were selected.

Evaluation of results

  1. Detection of an exploit on an open web page (malicious script) or blocking page opening by the anti-phishing module.
  2. Detection of a downloader program transmitted using an exploit (a special program that is used to download other malicious programs, such as a Trojan, onto the victim’s computer) web antivirus or file antivirus.
  3. Detection of downloaded malware during its installation process (usually through behavioral analysis).

For any of the above options for preventing infection, the antivirus was set to 1 point. No distinction was made, since from the user’s point of view, it does not matter at what stage and which particular protection component eliminated the threat of infection. The main thing is that it has been eliminated. If the infection was not prevented, including partially, then the antivirus was given 0 points.

In reality, this assessment system means the following. 1 point was given if an infection attempt was explicitly detected or a suspicious action was detected, and the infection was completely stopped provided the user made the correct choice in the dialog box (about detecting a dangerous action, preventing an infection attempt, detecting an attempt to run a suspicious program, detecting an attempt file changes, etc.). In all other cases, 0 points were given.

It is worth noting that in some cases the presence of a malicious program on the computer was detected after infection using a file monitor or firewall/IDS, but the antivirus could not cope with the infection. In this case, the antivirus was still given 0 points, since it did not protect against infection.

HIPS class programs were evaluated according to the same principle as antiviruses. They were given a score of 1 in all cases where malicious or suspicious activity was detected and infection was prevented.

Benchmark results

The final results of comparative testing of antivirus programs and HIPS are presented below in Figure 1 and Tables 1-2.

Figure 1: The effectiveness of various protection programs against the latest threats

Table 1: Effectiveness of antivirus programs against the latest threats

Antivirus

% of max (34)

Kaspersky

Avira

Sophos

BitDefender

F-Secure
(STREAM.Antivirus)

Dr.Web

G Data

Avast!

Outpost

Trend Micro

Microsoft

Eset

McAfee

Panda

Norton

VBA32

Among the antiviruses, the best were Kaspersky Internet Security, Avira Premium Security Suite and AVG Internet Security, which were able to prevent infections in 70% of cases or more. Sophos Anti-Virus, BitDefender Internet Security and F-Secure Internet Security (aka STREAM.Antivirus) turned out to be slightly worse, having overcome the 50% barrier.

The high protection rates of Kaspersky Internet Security are primarily due to the built-in HIPS component, which allows you to evaluate malicious ratings of any applications using reputation mechanisms (whitelisting).

Avira Premium Security proved to be effective due to its high level of detection of exploits (see Table 3 in the full test report) and packaged objects (meaning detection of malware based on the packager used in it). Proactive detection technologies in the products AVG Internet Security, Sophos Anti-Virus, BitDefender Internet Security and F-Secure Internet Security (STREAM.Antivirus), which took 3rd to 6th place respectively, turned out to be quite effective. The application control module (DeepGuard technology) was noticeable in the work of F-Secure Internet Security.

It is important to note that when malware was detected (alerts), many compared products were often unable to prevent infections.

Table 2: Effectiveness of HIPS against the latest threats

HIPS

Number of infections prevented

% of max (34)

DefenseWall HIPS

Safe"n"Sec

As can be seen from Table 2, among the HIPS class programs, DefenseWall HIPS showed a very high result, being able to detect attempts to infect the system almost 100%. Safe"n"Sec turned out to be less effective, but its results are still much better than many of the antiviruses compared in this article.

Safe"n"Sec and DefenseWall HIPS products are very different in their approaches to interacting with users. If Safe"n"Sec is similar in principle to anti-virus products and does not require special training, then with DefenseWall everything is not so simple. To learn how to use the latter effectively, you need to at least have certain knowledge and experience, and also carefully read the user manual.

It should be noted that the above results are not the ultimate truth, indicating the super reliability of some products and the weakness of others. The test does not pretend to be absolutely objective - this is a small study that should be the first step towards comparative testing of complex antivirus protection products.

This article should be considered as a trial step towards comprehensive testing of the real effectiveness of antivirus program protection. In the future, we plan to improve the methodology for such comparative testing: use a large sample of malware, record and conduct an accurate analysis of the effectiveness of various product components, etc.

  • Ibatullina Liliya Zulkafilovna, bachelor, student
  • Bashkir State Agrarian University
  • AVAST
  • KASPERSKY
  • ANTIVIRUS
  • DOCTOR WEB

This article talks about antivirus programs and their comparison.

  • Legal regulation of accounts receivable accounting in the Russian Federation

To protect the computer and personal data, every user of the Windows operating system wants to find and install a high-quality antivirus on their PC, since no one wants to at some point experience data loss or disruption of the PC. Accordingly, the question arises of choosing an antivirus program.

Many people have a question: which antivirus should you choose? It all starts with searching for information on the Internet: you read articles, visit websites and study people’s opinions, ask your friends, and in the end you come to the conclusion that there is no consensus.

In this article I would like to compare antiviruses and at least answer the question a little - which antivirus is better. And the best, in my opinion, are the three frequently used antiviruses - Kaspersky Internet Security, Avast! and Dr.Web.

The relevance of this topic lies in protecting your computer and choosing an affordable, convenient, effective, and most importantly, high-quality antivirus.

Kaspersky Anti-Virus is anti-virus software developed by Kaspersky Lab. Provides the user with protection against viruses, Trojans, spyware, and unknown threats using proactive protection that includes the HIPS component. In addition to virus protection, Kaspersky fights adware, scans Java and Visual Basic scripts, analyzes and blocks vulnerabilities in browsers. The advantages of Kaspersky anti-virus are a high level of protection against viruses and spyware, high functionality and flexibility in setting up protection, the ability to control traffic, check sites and all kinds of banners.

Dr. Web - an antivirus developed by Doctor Web, designed to protect against email and network worms, file viruses, Trojans, hacking tools and other malicious objects, as well as spam. Dr. Web shows average results in terms of load on computer resources and is somewhere between Kaspersky and Nod. Advantages of Dr. Web - the ability to control work on the Internet, a high degree of self-protection. Copying files, booting the system, browsing the web - all this happens quite quickly. The disadvantages include the fact that when scanning a computer, the consumption of system resources is increased.

Avast! - antivirus program for operating systems Windows, Linux, etc. In general, criticism of the antivirus is positive. Users like the free version, which has everything a home user needs without any restrictions. The main advantage of Avast! is its low resource consumption and high speed of scanner operation. However, there are also disadvantages. One of the most famous is insufficient anti-virus protection (sometimes it allows viruses even in the paid version) and in most cases, such files are deleted or moved to quarantine.

I myself use Kaspersky Anti-Virus. Personally, it evokes positive emotions for me. Nice design, pretty fast work. It also blocks vulnerabilities in browsers, which is very convenient. Naturally, you need to purchase a licensed version.

Thus, choosing the best antivirus program is not as easy as it seems at first glance. There is quite powerful protection from Kaspersky, but it does not spare computer resources. There are free Avast and Dr.Web - which are suitable for those who do not want to spend money on buying anti-virus programs.

In general, each program has its own advantages on some points and opposite indicators on others. Therefore, each user will have to decide for himself what is more important to him - speed, security, price or something else.

References

  1. kaspersky.ru – website of the Kaspersky company.
  2. drweb.com – website of the Dr.Web company.
  3. avast.com is the website of Avast.
  4. New generation viruses and antiviruses. Blazutskaya E.Yu., Sharafutdinov A.G. website. 2015. T. 1. No. 35. P. 92-94.
  5. Features of the functioning of personal subsidiary plots in regional agricultural clusters. Sharafutdinov A.G. In the collection: Topical issues of economic-statistical research and information technology, a collection of scientific articles: dedicated to the 40th anniversary of the creation of the Department of Statistics and Information Systems in Economics. Ministry of Agriculture of the Russian Federation, Bashkir State Agrarian University. Ufa, 2011. pp. 129-131.

Ensuring information security of systems is one of the primary issues. In modern society, information protection plays a particularly significant role, since the Internet is teeming with viruses and even the simplest of them can cause serious harm to the computer and the data stored on it. These threats can be of a wide variety of nature - disrupt the operation of the system by destroying important system files, steal important information, passwords, documents. This leads to dire consequences - from reinstalling the system to losing important data or money. Therefore, the question of choosing an antivirus program for your computer that can protect important data becomes very important. In this article we will look at some popular antiviruses and try to choose among them the most optimal one for the average user (most of them will be free, since, after all, free antiviruses are the most accessible to a wide audience of users). So, we will consider 4 antiviruses - Avast Free Antivirus, Panda Antivirus, 360 Total Security, ESET NOD32. We will start with an introduction and brief information about each of them.

As one might expect, it is impossible to name the best antivirus program among the programs reviewed, because there are many criteria that users can use when choosing. One thing is certain - all solutions deserve the attention of users and are considered worthy. At the same time, the most functional among them is Kaspersky Anti-Virus, which provides comprehensive protection against the widest range of threats and has impressive customization capabilities. But in terms of the combination of high functionality and ease of use (that is, ease of use and minimal “visibility” during background work), we liked Eset NOD32 more. Avast Antivirus! AntiVirus and Avira AntiVir are also undemanding of system resources and therefore behave modestly when working in the background, but their capabilities will not suit all users. In the first, for example, the level of heuristic analysis is insufficient, in the second there is no Russian-language localization yet and, in our opinion, the management of modules is not very conveniently organized. As for Norton AntiVirus and Dr.Web, despite all the popularity in the world of the first and the well-deserved recognition for the past merits of the second, the palm from the perspective we are considering is clearly not on their side. Norton AntiVirus, despite the fact that its latest version is much faster (compared to previous ones) in operation and has a better designed interface, still significantly loads the system and reacts rather slowly to the launch of certain functions. Although in fairness, it should be noted that it performs the scanning itself quickly. And Dr.Web is not very impressive compared to other antiviruses, because its capabilities are limited to protecting files and mail, but it has its advantage - it is the simplest among the antiviruses reviewed.

Table 1. Comparison of functionality of antivirus solutions

It is no less interesting, of course, to compare the antiviruses reviewed in terms of their effectiveness in detecting malicious software. This parameter is assessed in special and internationally recognized centers and laboratories, such as ICSA Labs, West Сoast Labs, Virus Bulletin, etc. The first two issue special certificates to those antiviruses that have passed a certain level of tests, but there is one caveat - all known antivirus packages today have such certificates (this is a certain minimum). The antivirus magazine Virus Bulletin tests a large number of antiviruses several times a year and, based on the results, awards them VB100%. Alas, today all popular viruses also have such awards, including, of course, the ones we reviewed. Therefore, let's try to analyze the results of other tests. We will focus on tests from the reputable Austrian laboratory Av-Comparatives.org, which is involved in testing antiviruses, and the Greek company Virus.gr, which specializes in testing antivirus programs and compiling antivirus ratings and is known for one of the largest collections of viruses. According to the results of the latest testing on Av-Comparatives.org, conducted in August 2009 for on-demand scanning (Table 2), among those examined, the Avira AntiVir Premium and Norton AntiVirus programs showed the best results. But Kaspersky Anti-Virus was able to detect only 97.1% of viruses, although calling this level of virus detection low, of course, is completely unfair. For greater information, we note that the volume of virus databases involved in this test amounted to more than 1.5 million malicious codes, and the difference is only 0.1% - this is neither more nor less, but 1.5 thousand malicious programs. As for speed, it is even more difficult to objectively compare solutions in this aspect, because scanning speed depends on many factors - in particular, whether the antivirus product uses emulation code, whether it is able to recognize complex polymorphic viruses, whether in-depth analysis of heuristic scanning is carried out and active scanning of rootkits, etc. All of the above points are directly related to the quality of virus recognition, therefore, in the case of anti-virus solutions, scanning speed is not the most important indicator of the effectiveness of their work. However, Av-Comparatives.org specialists considered it possible to evaluate the solutions, and according to this indicator, in the end, Avast came out on top among the antivirus programs under consideration! AntiVirus and Norton AntiVirus.

Table 2. Comparison of antivirus solutions in terms of their detection of malware (source - Av-Comparatives.org, August 2009)

Name Scan speed
Avira AntiVir Premium 8.2 99,7 Average
Norton AntiVirus 16.2 98,7 Fast
98,2 Fast
ESET NOD32 Antivirus 3.0 97,6 Average
Kaspersky Anti-Virus 8.0 97,1 Average
AVG Anti-Virus 8.0.234 93 Slow
Dr.Web anti-virus for Windows Not tested No data
PANDA Antivirus Pro 2010 Not tested No data

According to the results of the August testing of Virus.gr, presented in table. 3, the data is slightly different. Here the leaders are Kaspersky Anti-Virus 2010 with 98.67% and Avira AntiVir Premium 9.0 with 98.64%. By the way, it’s worth noting that the free Avira AntiVir Personal program, which uses the same signature databases and the same testing methods as the paid Avira AntiVir Premium, is quite a bit behind the commercial solution. The differences in results are due to the fact that different laboratories use different virus databases - of course, all such databases are based on the "In the Wild" collection of wild viruses, but it is supplemented by other viruses. It depends on what kind of viruses they are and what percentage of them are in the total database, which package will become the leader.

Table 3. Comparison of antivirus solutions in terms of their detection of malware (source - Virus.gr, August 2009)

Name Percentage of detection of different types of malware
Kaspersky Anti-Virus 2010 98,67
Avira AntiVir Premium 9.0 98,64
Avira AntiVir Personal 9.0 98,56
AVG Anti-Virus Free 8.5.392 97
ESET NOD32 Antivirus 4.0 95,97
Avast! AntiVirus Free 4.8 95,87
Norton AntiVirus Norton 16.5 87,37
Dr. Web 5.00 82,89
Panda 2009 9.00.00 70,8

It is also worth paying attention to the extent to which antiviruses can cope with unknown threats in practice - that is, the effectiveness of the proactive antivirus protection methods they use. This is extremely important, since all the leading experts in this field have long come to the consensus that this particular direction is the most promising in the antivirus market. Such testing was carried out by Anti-Malware.ru specialists in the period from December 3, 2008 to January 18, 2009. To conduct the test, they collected a collection of 5,166 unique codes of the latest malware while freezing the anti-virus databases. Among the antiviruses considered in this article, the best results were demonstrated by Avira AntiVir Premium and Dr.Web (Table 4), which were able to identify a relatively high number of malicious codes missing from their databases, however, the number of false positives for these antiviruses turned out to be high. Therefore, experts gave the laurels of championship in the form of the “Gold Proactive Protection Award” to completely different solutions. These are Kaspersky Anti-Virus, ESET NOD32 AntiVirus and BitDefender Antivirus, which turned out to be the best in terms of the balance of proactive detection and false positives. Their results were almost identical - the heuristic detection rate was 60% and the false positive rate was around 0.01-0.04%.

Table 4. Comparison of antivirus solutions in terms of the effectiveness of proactive antivirus protection (source - Anti-Malware.ru, January 2009)

Name Percentage of viruses detected False positive rate
Avira AntiVir Premium 8.2 71 0,13
Dr.Web 5.0 61 0,2
Kaspersky Anti-Virus 2009 60,6 0,01
ESET NOD32 AntiVirus 3.0 60,5 0,02
AVG Anti-Virus 8.0 58,1 0,02
Avast! AntiVirus Professional 4.8 53,3 0,03
Norton Anti-Virus 2009 51,5 0
Panda Antivirus 2009 37,9 0,02

From the above data, only one conclusion can be drawn - all the antivirus solutions considered can indeed be considered worthy of attention. However, when working in any of them, you should never forget about timely updating of signature databases, since the level of proactive protection methods in any of the programs is still far from ideal.