More viruses, more protection? In the stress test we show how well the new security suites protect against the flood of malware.
You would have to look deep into the architecture of the security suites to understand the developments made in the 2012 version. Even though nothing much appears changed, it’s worthwhile to take a closer look. How will these antivirus programs with their improvements fare against the current malwares, we test just that in the AV test lab. We are very keen to see if the developers have ironed out the biggest weakness of the software that was seen in the 2011 version – poor system disinfection.
The biggest danger for computer users currently is the sheer number of newer variants of known malware that keep popping up. Symantec registered a total of 286 million different viruses, Trojans, backdoors and others in the last year. Most of these exist on the web for a very short while – 75 percent of the malware do not affect more than 50 computers worldwide.
Collected knowledge about viruses
There are two sets of solution to fight malware: Information about viruses should spread quickly over the cloud, unknown malware should be better recognized with real time protection. Kaspersky distributes updates for new viruses to users just after 90 seconds they are out. Even ESET, one of the few products till now without a cloud connection, has followed suit with Smart Security 5. The result is remarkable: the latter that was beaten last year, this year Smart Security 5 recognizes and blocks all unknown malware without any errors. ESET now effectively detects even the malware programmed in the laboratory (zoo malware) with which AV-test checks the recognition mechanism. Together with improved system performance, the program catapults itself from the last place directly into the top group. Even in real time protection, which recognizes threat with the help of behavioural detection technology, developers have beefed up security. According to Stefan Wesche, Technical Expert Norton Products, the latest version of Norton Internet Security, supervises over 120 new behaviours in the active processes in real time. G Data has integrated proactive protection against online banking Trojans like Zeus. Both programs are among the best in malware recognition last year. Microsoft’s free scanner Security Essentials cannot exactly keep up with them, however it’s more effective than other full suites and even pushes McAfee to the last rank. Its Internet Security 2012 recognized too few malware like its predecessor. Even when McAfee assured us that there will be technical innovations in the beginning of the year 2012, we do not recommend the program in its current state.
Finally, better system disinfection?
 |
| System DISINFECTION : In comparison to last year, the cleaning of infected systems has improved. |
Stopped instead of removed
A cleaner and more secure computer is one thing, but it should also be fast. At least the security suite should not overly slow down the system. AV-test analysed the system load on a desktop PC running Windows 7 Ultimate, powered by a quad-core Intel Xeon CPU (2.83 GHz) and 4 GB of RAM. Typical tasks such as system startup, file transfer, download, website loading, application installation and launching were timed. Contrary to the widely spreading prejudice, Norton was the frontrunner in the overall performance test. This is not surprising since Norton was already at the second place last year in this assessment. What is remarkable is just the minimal lag in Windows startup in the range of milliseconds. Moreover, Norton scanned downloaded files faster than the competition and allowed programs such as Adobe Acrobat Reader or LibreOffice to install smoothly – only Avira and McAfee were better here. The activity for which the computer is most often used by many is very dangerous: surfing the web. According to Symantec, the number of web-based malware attacks has increased in the past year by 93 percent. Here, the security programs had to take a closer look without slowing down the browser. With the help of the information stored in the cloud database, the virus scanner analyses the reputation of the website you have opened. This is based on the experiences of the clients connected to the cloud – if the website has been identified as a source for viruses and malicious content, then it is directly blocked. For unknown sites, the scan engine analyses the downloaded HTML or Java Script code on the computer. The 2012 Internet Security suite from G Data seems to look even closer since it required a little more time to load sites such as Amazon, YouTube or Wikipedia – and that with a 100 Mbps dedicated line in the test laboratory. Neither the testers from AV-Test nor those from G Data could explain this. However, one reason could be the time-consuming scan with a second engine which had brought G Data to the last place in the performance assessment last year. For users who feel that the system should be fast with an antivirus installed, G Data shouldn’t be the first preference. However, for protection-oriented users, it offers the second best recognition rate in the test.
Less added value through new extras
 |
System LOAD :
Some suites slow down the computer to a great extent
during tasks like system start or downloading
|
Verdict
 |
First Runner Up : Kaspersky Internet Security 2012 uses a cloud-based
reputation database for effective threat detection.
|
Test winner
F-Secure offers the best protection and an easily understandable interface.
 |
Test winner : The Online Safety module in F-Secure Internet Security 2012 allows limiting
web access.
|
