Posted at 11:45 AM ET, 12/21/2005 Ranking Response Times for Anti-Virus Programs http://blogs.washingtonpost.com/securityfix/
Anti-virus researcher Andreas Marx of Av-Test.org has concluded an annual round of testing to see how well the various anti-virus programs responded to recent outbreaks of viruses and worms. The results appear to show that while the major anti-virus products are still having trouble keeping up with the massive glut of new malware, most are starting to do a better job. Marx measured how quickly the anti-virus products responded with updates enabling them to detect variants of the largest 16 Windows worm outbreaks of 2005, including "Bagle," "Bobax," "Bropia," "Fatso," "Kelvir," "Mydoom," "Mytob," "Sober" and "Wurmark." Average Response Time -- Product Name Between 0 and 2 hours------>Kaspersky Between 2 and 4 hours------>BitDefender, Dr. Web, F-Secure, Norman, Sophos Between 4 and 6 hours------>AntiVir, Command, Ikarus, Trend Micro Between 6 and 8 hours------>F-Prot, Panda Between 8 and 10 hours----->AVG, Avast, eTrust-INO, McAfee, VirusBuster Between 10 and 12 hours---->Symantec Between 12 and 14 hours---->[none] Between 14 and 16 hours---->[none] Between 16 and 18 hours---->[none] Between 18 and 20 hours---->eTrust-VET More than 20 hours----------->[none] For the record, here were the response times from similar tests Marx conducted last year: Average Response Time -- Product Name Between 0 and 2 hours------->[none] Between 2 and 4 hours------->BitDefender, Kaspersky Between 4 and 6 hours------->AntiVir, Dr. Web, F-Secure, Panda, RAV Between 6 and 8 hours------->Quickheal, Sophos Between 8 and 10 hours------>AVG, Command, F-Prot, Norman, Trend Micro, VirusBuster Between 10 and 12 hours---->Avast, eTrust-CA Between 12 and 14 hours---->Ikarus, McAfee Between 14 and 16 hours---->eTrust-VET, Symantec The research shows improvements by several anti-virus makers, including Kaspersky, Dr. Web, F-Secure, Norman, Symantec, Sophos, F-Prot, Avast, McAfee and VirusBuster. Anti-virus products that fared worse in this year's test include Panda and eTrust-VET (the latter being the same virus engine used by Zonelabs Antivirus). It is also interesting to note that some of the free anti-virus software out there (AntiVir, Avast, AVG, e.g.) actually fared better than some of the more widely used products, like McAfee and Symantec. The notable exception was the free anti-virus engine eTrust VET, which again ranked among the slowest for the second year running. Response times are, of course, just one measurement of the quality of an anti-virus product. The amount of system resources consumed by each anti-virus product, and the number of false positives (raising the alarm on something that turns out to be innocuous) also are very important factors for many companies and consumers in deciding which product to use. Marx noted that corporations are extremely intolerant of false-positives, so Symantec, McAfee and other vendors widely used in corporate environments tend to have a more complex quality-assurance process to weed out false positives; this often results in the companies taking longer to get virus definitions in place. On the other hand, smaller anti-virus companies, he said, tend to have more problems with false positives. Regardless of the strengths and weaknesses of various anti-virus products, it is important to note for Windows users that using any anti-virus product is far safer than having no anti-virus software installed. You are a subscribed member of the infowarrior list. Visit www.infowarrior.org for list information or to unsubscribe. This message may be redistributed freely in its entirety. Any and all copyrights appearing in list messages are maintained by their respective owners.