It is not a rare case when malicious programs have functionality aimed at overriding or disrupting operation of the system’s antivirus protection. Thus contemporary antivirus products should be able to resist such attempts, that is, they should include self-protection functionality. This helps them to resist even the most complicated attacks, such as when malicious programs use a variety of methods to disable protection, and remove the infection using standard tools.
In this test we examine the self-protection capabilities of complex Internet Security antivirus products against possible malware attacks. This was the first time we tested the software under Windows 7 x64. As before all tests were carried out with local admin privileges on the following levels:
In addition, taking into account the test results of September 2010, we analyzed differences in self-protection performance of antivirus products under Windows 7 x86 and x64.
Antivirus product self-protection testing methodology »
Analysis of self-protection test results and awards »
Основные результаты тестирования
![]() Platinum Self-Protection Award Download GIF image (500х500px) |
Kaspersky Internet Security 2011 (100%) |
![]() Gold Self-Protection Award Download GIF image (500х500px) |
ZoneAlarm Internet Security Suite 2010 (97%) |
![]() Silver Self-Protection Award Download GIF image (500х500px) |
AVG Internet Security 2011 (77%) |
![]() Bronze Self-Protection Award Download GIF image (500х500px) |
Eset Smart Security 4.2 (59%) |
Failed |
Microsoft Security Essentials 1.0 (30%) |
Key results of the testing of antivirus products in HTML»
Complete results for each antivirus product are available only in PDF or Microsoft Excel format:
Online criminal activities are gaining momentum faster than ever. Both the rate at which new types and modifications of malicious programs appear and the complexity of malware are on the rise. Cybercriminals use increasingly sophisticated methods, including masking the presence of a malicious program in the system, compression, encryption and incapacitating antivirus solutions.
Social engineering techniques make it easy to entice users to download and launch malicious programs as yet unknown by antivirus solutions. In such cases, in order to gain complete and uninterrupted control over the system, malicious programs search for an antivirus program, firewall or other protective solution in order to disrupt its operation.
Consequently, contemporary antivirus products should be able to resist such attempts, that is, they should include self-protection functionality. This helps them to resist even the most complicated attacks, such as when malicious programs use a variety of methods to disable protection, and remove the infection using standard tools after receiving the appropriate antivirus database updates.
In the test described below, we analyzed the self-protection capabilities of antivirus solutions that run under Windows XP SP3 and Windows 7 x86. Self-protection from the following types of attacks was analyzed:
Antivirus product self-protection testing methodology »
Analysis of self-protection test results and awards »
Test results (September 28, 2010)
Award | Products |
![]() Platinum Self-Protection Award Download GIF image (500х500px) |
Kaspersky Internet Security 2011 (100%) DrWeb Security Space 6.0 (99%) |
Gold Self-Protection Award |
Online Solutions Security Suite 1.5 (97%) Outpost Security Suite Pro 2010 (97%) Norton Internet Security 2010 (91%) Avast! Internet Security 5.0 (91%) Comodo Internet Security 4.1 (89%) Avira Premium Security Suite 10.0 (88%) BitDefender Internet Security 2011 (86%) ZoneAlarm Internet Security Suite 2010 (86%) |
Silver Self-Protection Award |
Eset Smart Security 4.2 (76%) Panda Internet Security 2011 (70%) G DATA Internet Security 2011 (70%) McAfee Internet Security 2010 (63%) |
Bronze Self-Protection Award |
AVG Internet Security 9.0 (59%) F-Secure Internet Security 2010 (57%) VBA32 Personal 3.12 (55%) Trend Micro Internet Security 2010 (50%) PC Tools Internet Security 2010 (49%) |
Failed | Microsoft Security Essentials 1.0 (29%) |
Key results of the testing of antivirus products in HTML»
Complete results for each antivirus product are available only in PDF or Microsoft Excel format:
Complete testing results in PDF format »
Complete testing results in Microsoft Excel format »
Our test was the first in the world to check how really effective are these popular filters in protecting children from unwelcome Internet-sites. The test results must help parents to choose the best and most qualitative protection for their children familiarizing with the global network.
It is worth mentioning that we did not compare the products functions, any settings and functions availability in this test. We checked the filters performance only based on the assumption that a child has Internet access and parental control is customized in accordance with the manufacturer’s recommendations.
Key results of the testing
Key results for parental control test in HTML»
In these days, rootkit technologies are gaining more and more popularity with virus writers. The cause for this is quite obvious: they make it possible to hide malware and its components from PC users and antivirus programs. You can find the source codes for ready-made rootkits easily in the Internet free access that inevitably brings about widespread of this technology in various Trojan software or spywares.
Rootkit (from the English root kit) is software for hiding the malefactor’s or malware presence traces in the system. Rootkit technologies allow the malware to hide its activity in the victim’s computer by disguising the files, processes as well as its presence in the system.
A lot of specialized software products known as anti-rootkits exist for malware detecting and removing.
The aim of this test is to evaluate the ability of the most popular antivirus and anti-rootkit products to detect and remove malicious programs (‘in-the-wild’ samples) that use rootkit technologies and actively circulate over the InternetWide-spread ITW malware testing gives us a good idea of how well the antirootkit software under analysis can cope with well-known rootkits.
It should be noted that although testing of in-the-wild malware samples is of real practical use, there is also a great deal of research value in ascertaining the capabilities of proactive detection when combating the hidden threat of rootkits.
Key results of the testing
Award | Products |
![]() Gold Anti-Rootkit Protection Award |
GMER 1.0.15.15281 (10,5 из 12 баллов) |
![]() Silver Anti-Rootkit Protection Award |
RootRepeal 1.3.5 (9 из 12 баллов) |
![]() Bronze Anti-Rootkit Protection Award |
SysReveal 1.0.0.27 (6,5 из 12 баллов) |
Failed
|
Trend Micro RootkitBuster 2.80 (3 из 12 баллов) |
Key test results for detection and removal of rootkits by anti-rootkit software in HTML»
Complete results for each antivirus product are available only in PDF or Microsoft Excel format:
Complite testing results in PDF format »
Complete testing results in Microsoft Excel format »
Thousands of new malware samples appear on the Internet every day. Virus-writers invent more and more new methods to prevent detecting and removing malware code from the system such as using rootkit-technology masking. No antivirus can guarantee 100% protection of your computer under such conditions that is why an ordinary user will always run into a risk of infection even if he has an antivirus protection installed.
In many cases, a malware let into your computer can stay unnoticed for quite a log time even if an antivirus is installed. In this case, a user will have a false feeling of protection as his antivirus will not alarm any danger while the malefactors will be collecting confidential information or use his computer capacities with the help of their active malware application. If also often happens that an antivirus detects a malware but cannot delete it that makes the user apply for technical support or remove infection by himself using some extra tools.
Antivirus vendors can protect their customers developing malware detection and removing technologies. But practice proves that only some of them pay due attention to this protection aspect.
The objective of this test is to check personal antiviruses for their capacity to detect and remove malware successfully (without interfering with operation system operability) after it penetrated into your computer, started acting and hid its activity.
Methodology used for testing antiviruses for the treatment of active infections »
Analysis of test results and awards »
Contents:
- Introduction
- Comparison of healing possibilities
- Final test results and awards
- Analysis of changes as compared to the previous tests
Key results of the testing
|
Dr.Web Anti-Virus 5.00 (81%) |
|
Avast! Professional Edition 4.8 (63%) |
|
Norton AntiVirus 2010 (56%) |
Failed |
Panda Antivirus 2010 (38%) |
Key results of the testing of antivirus products for the treatment of active infections in HTML»
Complete results for each antivirus product are available only in PDF or Microsoft Excel format:
Antivirus performance is the most important characteristic for most users as well as the quality of protection itself. This characteristic is the one that both home users and corporate customers pay their attention to when buying an antivirus. Nobody needs powerful but too resource-intensive protection with which you just cannot use your computer for doing what you would like to.
If the protection quality is very hard to evaluate all by yourself it is quite easy to notice immediately when the operating system and other programs slowdown or file copying and web-pages downloading "hang up". A reliable and practically unnoticeable antivirus is the biggest dream of every usual user.
The objective of this test is to show how personal antivirus software influences the typical operations performed by the user, slows down its work and utilizes the system resources.
While performing the tests, we measured and compared parameters having a direct influence on the user's perception of antivirus performance, namely:
The test results give a clear idea of the performance of antivirus represented in the market. Having compared this information with Anti-Malware.ru test results, every user can make an informed choice in favor of this or that antivirus solution.
Methodology used for antivirus performance testing »
Analysis of the test results and awards »
Contents:
- Introduction
- Antivirus effect on the operation system boot time
- Antivirus resource-intensiveness comparison
- On-access antivirus scanner performance comparison
- On-demand antivirus scanner performance comparison
- Antivirus performance comparison for office applications
Key results of the testing
Award |
The fastest antivirus on-access scanners | The fastest antivirus on-demand scanners | The fastest office application antivirus scanners |
Platinum Award | ![]() Avast |
![]() Avira |
![]() - |
Gold Award | ![]() Avira Norton BitDefender Sophos AVG Kaspersky Panda |
![]() Kaspersky Norton BitDefender F-Secure Outpost |
![]() BitDefender Avira McAfee Microsoft Eset Avast AVG |
Silver Award | ![]() Trend Micro F-Secure Outpost |
![]() Trend Micro Avast Sophos AVG Panda |
![]() Dr.Web VirusBlokAda Sophos |
Bronze Award | ![]() Eset |
![]() McAfee VirusBlokAda Eset |
![]() Outpost Panda |
No award |
McAfee Microsoft Dr.Web VirusBlokAda |
Microsoft Dr.Web |
Kaspersky Norton F-Secure Trend Micro |
Key results from the antivirus antivirus preformance test in HTML»
Complete results for each antivirus product are available only in Microsoft Excel format:
Recent comments
49 weeks 2 days ago
2 years 2 weeks ago
2 years 2 weeks ago
2 years 5 weeks ago
2 years 15 weeks ago
2 years 19 weeks ago
2 years 19 weeks ago
2 years 19 weeks ago
2 years 34 weeks ago
2 years 45 weeks ago