2018 AV comparison
-
I sifted through last years AV-Comparison charts and put some useful info into context (hopefully)
Feedback is welcome.
https://dr-flay.vivaldi.net/2018-anti-virus-comparison/ -
Very good summary, although currently all the major AV do their work well, even in their respective free versions.
The differences are usually minimal with respect to the detection of viruses and malware.
The choice of an AV depends more on the preferences of the user and the impact that the AV has on the operation of the system. -
Yeah often there is nothing to chose between them, so I figure long term consistency of being good should be the main factor of choice.
I have tweaked the wording at the end as I forgot to add some context as to why you may want to pick Avira over Bitdefender if you go the free route.
I could go into more depth there, but that would really require a separate post detailing all the differences. -
@Dr-Flay said in 2018 AV comparison:
Yeah often there is nothing to chose between them, so I figure long term consistency of being good should be the main factor of choice.
I have tweaked the wording at the end as I forgot to add some context as to why you may want to pick Avira over Bitdefender if you go the free route.
I could go into more depth there, but that would really require a separate post detailing all the differences.Before with Windows I have always used the Panda AV Free, very light and efficient. Highly recommended especially in systems with limited resources. The latest versions include even a VPN service.
-
I have been aware of it for a while as it does occasionally make it to the top 5, but Panda (like its namesake) seems to be very patchy.
2017 was a good year for them but 2018 not so.
https://www.av-comparatives.org/vendors/panda/
https://www.av-test.org/en/antivirus/home-windows/manufacturer/panda-security/There is 1 notable absent package "Qihoo 360",
The last few years results are gone since AV-Comparatives changed the site.
https://www.av-comparatives.org/vendors/qihoo/
https://www.av-test.org/en/antivirus/home-windows/manufacturer/qihoo-360/This comes with its own very poor virus definitions but also uses the Bitdefender and Avira definitions, so was always up with the top 5 as long as either Bitdefender or Avira were in the top 5.
I have tested it, as is is one of the only current solutions that still supports XP
(It's OK. I have Win 10 and 7 on other rigs).
It is not difficult to recommend it, as it is packed with useful features I never thought about in a computer security suite, and you get most of it for free.
Among its many features it will for example warn you if your camera or microphone have been activated.
While Microsoft are patting themselves on the back for finally adding sandbox features to Windows 10, Qihoo users have had that luxury for several years.
I concede that an OS solution may be better on that score, but in practice the Qihoo sandbox works very well and is easy enough for "normal" users to understand.However, and this is a big however, Qihoo are notably absent from recent tests.
This may be down to politics, or the incident where it was found they were faking their performance in the speed tests by disabling the emissions regulator....
Ummm, sorry that was VW, what I meant was they were found to have disabled their own engine during the tests to gain speed while relying on the superior Bitdefender and Avira.As for trusting a Chinese AV that will obviously send all unknown files back home, all I can say is do not allow ANY anti-virus to send confidential files from your device. Always enable interactive mode so you can allow/disallow the upload of unrecognised files.
(This is a tip that CIA operatives should learn). -
@Dr-Flay said in 2018 AV comparison:
I have been aware of it for a while as it does occasionally make it to the top 5, but Panda (like its namesake) seems to be very patchy.
2017 was a good year for them but 2018 not so.
https://www.av-comparatives.org/vendors/panda/
https://www.av-test.org/en/antivirus/home-windows/manufacturer/panda-security/There is 1 notable absent package "Qihoo 360",
The last few years results are gone since AV-Comparatives changed the site.
https://www.av-comparatives.org/vendors/qihoo/
https://www.av-test.org/en/antivirus/home-windows/manufacturer/qihoo-360/This comes with its own very poor virus definitions but also uses the Bitdefender and Avira definitions, so was always up with the top 5 as long as either Bitdefender or Avira were in the top 5.
I have tested it, as is is one of the only current solutions that still supports XP
(It's OK. I have Win 10 and 7 on other rigs).
It is not difficult to recommend it, as it is packed with useful features I never thought about in a computer security suite, and you get most of it for free.
Among its many features it will for example warn you if your camera or microphone have been activated.
While Microsoft are patting themselves on the back for finally adding sandbox features to Windows 10, Qihoo users have had that luxury for several years.
I concede that an OS solution may be better on that score, but in practice the Qihoo sandbox works very well and is easy enough for "normal" users to understand.However, and this is a big however, Qihoo are notably absent from recent tests.
This may be down to politics, or the incident where it was found they were faking their performance in the speed tests by disabling the emissions regulator....
Ummm, sorry that was VW, what I meant was they were found to have disabled their own engine during the tests to gain speed while relying on the superior Bitdefender and Avira.As for trusting a Chinese AV that will obviously send all unknown files back home, all I can say is do not allow ANY anti-virus to send confidential files from your device. Always enable interactive mode so you can allow/disallow the upload of unrecognised files.
(This is a tip that CIA operatives should learn).It is true that Panda last year had bad results in one of the tests, but it was a punctual thing to coincide with the change of format from Panda Cloud to the current Panda Dome, which apparently had some problems at the beginning, coinciding with the date of the test.
In the following comparisons of AV test was again among the first positions, as usual. -
Yes I noticed the differing rating for Panda at AV-Test, and also for most AV.
I have never quite known what to make of the results there for comparison.
They have a more general Protection rating and don't show false hit counts, where as AV-Comparatives have proactive, reactive, and real-world ratings.The old VB-100 quarterly chart used to be very handy to see the placings of various packages. The results there are generaly closer to the results at AV-Comparatives
Ideally an aggregate result from the main testing sites would be nice, but even then I'm not sure how accurate it would be as there are not many sources.
For transparency I will say that personally I tend to use Avira, as I am a beta tester.
I also find the Avira portal very useful to add and monitor other peoples devices I want to keep safe. Those users can all be using the free version.
Indeed I could do all the monitoring and management from a free account myself.Generally I rely on my years of experience in looking for malware to avoid suffering from malware, so any AV I use is the last line of defence.
These days it is also much easier to test files and links with remote services, or even automate some of that in the browser.
I stick with the premise that no sites or downloads are 100% safe, while browsers lack certain basic security features.
eg. I don't even trust the download link for Vivaldi as there is no DNSSec TLS/DANE validation possible for the domains, and no hashes to validate the file integrity.
If a DNS poisoning or man-in-the-middle were happening "all bets are off".Hopefully if Panda have sorted things out they will be more consistently in the top ranks of the charts on all the sites. I do think there is a good chance this will be a good year for them, though obviously charts are comparative, so others may also improve.
The past 2 years have shown all have struggled at points with the ever increasing flow of new malware, so I think there is also a very good chance we see a lot of ups and downs from everyone.
Thankfully as a lot of it has now moved from ransomware to crypto-mining so the risks have changed a bit.What I predict is that more AV companies will be focusing on IoT, router and network security, as the rise of botnets is being fuelled every day by more and more stupid smart devices.
I know Bitdefender and Avira have both started down this path, but I don't think the solutions from either vendor are very good. -
I currently use Linux. Although neither Linux is completely immune to malware, the danger is certainly not anywhere near the same as in Windows (at the moment). Reason therefore, that most AV companies do not even have an AV for this OS (there ClamTk and few others). However, many manufacturers have verifications, both for Android and for iOS, after all OSs related to Linux (Unix).
Maybe in the future, with a greater diffusion of Linux changes this, to focus more threats to this OS, currently minority. -
It puzzled me for a long time why many AV vendors that offer a bootable Live ISO, that contains a Linux AV scanner, why no effort to put a proper GUI on it and offer it for desktop downloads.
Obviously they are intended for scanning infested Windows machines, but you get my point.
Malware is malware, so as long as the engine can tell a good file or behaviour from bad, The OS shouldn't matter (other than access to privilege escalation).I have always pointed out that while the majority of malware is not aimed at Linux (or Mac), the majority of malware is distributed by Linux servers all around the globe.
Linux and Mac can and do harbour malware that simply waits to arrive on the right OS.If good quality AV scanning was available to Linux owners as standard for the same amount of years as Windows, a lot less sites would have been acting as time-bombs.
Thankfully we are seeing a rise in popularity of Linux, possibly a reaction to Win10 and the amount of games now coming out for Linux, but whatever reason, with it comes the rise in popularity as a target.
There are plenty of AV and security solutions for business users, but not so many for home users.
Mac users are seeing a lot more options available for them, but I wonder if that is more due to being a better source of money. -
Sure business reasons are at stake, talking about large companies and it is also clear that malware can have Linux in a server platform although I do not believe that the home user is the first recipient. To this the worst thing that can happen is some malware in the browser (highjackers and similar) although these with some scriptblocker can be avoided fairly well, if one does not click on any link or banner without checking, common sense after all It is the best AV.
It is curious that in smartphones, it is precisely the little used Windowsphone the most secure OS, practically immune to any malware, as was proven in a hacker convention some time ago, where Android and iOS fell in a few minutes, while in WindowsPhone after half an hour they left it impossible to access the system. It is strange, then, that MS has not incorporated this bomb-proof Sandbox architecture in its PC OS.
In Linux, a good measure, apart from the very complete repository for software, is to require a password for any program installation and for the modification of sensitive points in the system. In the case of an infection that remains anecdotic, just create a new user to have a clean OS again.
And in general the software for Linux is almost entirely OSS and FOSS, which downloading from their corresponding websites and GitHub is not usually a source of infection very likely. -
I've been using Avast for years now, before that I used F-secure. F-Secure got too bloated and slow and at the time Avast seemed like a light-weight and powerful AV.
Now I am thinking of moving to BitDefender, it seems lighter, or finding some other solution. I don't even use half the "features" of Avast Premier. I only want File/Web/Behaviour shields, sandbox, and the Software Updater. Even thinking of giving up paid AV and just sticking with M$ Defender and Firewall. I think I'm security-conscious enough to avoid the worst sh*t anyway.
I have no use for all the other crap Avast constantly try to push on me, and I have to pay for. Because I have their software they see it as a way to push ads my way for even more stuff. I have to actively turn off every one of their notification settings to avoid this constant nagging to get their "Ultimate Edition".
Their support has also gone to the dogs. Outsourced to India or something. So it's a week just to even get a reply for customer support, an another week for a new reply... they used to have really good tech support.
Is BitDefender better or worse when it comes to this kind of customer-spamming and nagging of "Get this advanced feature now, 20% off!"?
Seems like most of the big AV vendors are basically the same these days, their products even look almost exactly the same.
๐ปVolunteer helper ยท Forum moderator ยท Sopranos tester ๐ ๏ธTroubleshooting ๐Report a bug ๐Markdown help
๐ฆ"With a rubber duck, one's never alone" -Douglas Adams๐ฆ -
This was also a point, because I was with the Panda Free. In its free version, apart from a small banner on its main menu page, there are no warnings or reminders to go anywhere.
By default small pop-ups sometimes come out with news about new threats and news and safety tips, but this can be disabled in the configuration. Apart from this you will not find out about it, more than when it has intercepted some malware, which reports it with only a small box for a few seconds in a corner.
Infected installation files that downloads are blocked, before finishing the download, is tremendously fast. -
@Pathduck I don't remember if Bitdefender nag you. Possibly but it was not so problematic that it left an impression on me.
I think Avira free will usually show a popup each day, but that never bothered me much.
I think both companies rely on people paying because they like and trust it, rather than pressure and nagging.
You certainly should not be getting that crap from paid products. I am certain neither Bitdefender or Avira nag you to buy more once you paid.
Avira gives you a little launcher that has all their products in it. You just install the free stuff you can make use of, and ignore the others.Worth remembering that Avast got in trouble twice over selling customer data (also from other products such as CCleaner), so don't forget to find that option they had to add to not share your data.
AVG also got into trouble over the same thing, but now they are the same company so as a bonus you will get the same support and trust as Avast.I have to say, F-Secure were one of the consistent top 5 options for a long time, but the past couple of years they are also up and down like a yo-yo, but mainly the false positives rate has become consistently bad.
They are still a serious player in the security world, and 1 of those groups you often see news reports from about some new threat they cracked, and even though they are as bad as MS with false positives, I would probably use F-Secure.
If I enable runtime scanning in MSSEssentials on my laptops, they are so slow to do anything I feel like punching them.It is worth noting that the MS tests that were done a while ago to prove how secure Windows is using MS security, relied on having Enhanced Mitigation Experience Tool installed, and set to high security level (eg. not the default), and relying on smartscreen protection in IE and Edge to talk to MS AV, because it does not talk to non-MS browsers ( they could make extensions for other browsers, but choose not to).
Who do you know that ever installed EMET let alone changed it from the default "recommended" setting to high ?
(Even though now they integrated it into Win10, the settings are on default opt-in, not high security opt-out protections.)
Who do you know that opts to use IE or Edge because of security ?
The MS tests did not mirror the average (or indeed any) computer setup or use, so all those researchers that kept quoting it should actually spend some time looking at the evidence, and compare to their own use.In laymans terms, when I get a PC come in for deinfestation of malware, I can almost guarantee it is "protected" by 1 of 3 usual suspects.
Norton, McAfee or Microsoft.
Or a magic 8-ball. -
@Dr-Flay said in 2018 AV comparison:
@Pathduck I don't remember if Bitdefender nag you. Possibly but it was not so problematic that it left an impression on me.
I think Avira free will usually show a popup each day, but that never bothered me much.
I think both companies rely on people paying because they like and trust it, rather than pressure and nagging.
You certainly should not be getting that crap from paid products. I am certain neither Bitdefender or Avira nag you to buy more once you paid.
Avira gives you a little launcher that has all their products in it. You just install the free stuff you can make use of, and ignore the others.Worth remembering that Avast got in trouble twice over selling customer data (also from other products such as CCleaner), so don't forget to find that option they had to add to not share your data.
AVG also got into trouble over the same thing, but now they are the same company so as a bonus you will get the same support and trust as Avast.I have to say, F-Secure were one of the consistent top 5 options for a long time, but the past couple of years they are also up and down like a yo-yo, but mainly the false positives rate has become consistently bad.
They are still a serious player in the security world, and 1 of those groups you often see news reports from about some new threat they cracked, and even though they are as bad as MS with false positives, I would probably use F-Secure.
If I enable runtime scanning in MSSEssentials on my laptops, they are so slow to do anything I feel like punching them.It is worth noting that the MS tests that were done a while ago to prove how secure Windows is using MS security, relied on having Enhanced Mitigation Experience Tool installed, and set to high security level (eg. not the default), and relying on smartscreen protection in IE and Edge to talk to MS AV, because it does not talk to non-MS browsers ( they could make extensions for other browsers, but choose not to).
Who do you know that ever installed EMET let alone changed it from the default "recommended" setting to high ?
(Even though now they integrated it into Win10, the settings are on default opt-in, not high security opt-out protections.)
Who do you know that opts to use IE or Edge because of security ?
The MS tests did not mirror the average (or indeed any) computer setup or use, so all those researchers that kept quoting it should actually spend some time looking at the evidence, and compare to their own use.In laymans terms, when I get a PC come in for deinfestation of malware, I can almost guarantee it is "protected" by 1 of 3 usual suspects.
Norton, McAfee or Microsoft.
Or a magic 8-ball.It is true that the free versions of most current AV do not differ in their efficiency of the Pro versions, the latter as a rule have only a few additional functions (family filters personalized technical assistance, access to other tools, etc.) -
PS I have better experiences with Glary Utilities than with the CCleaner
-
Ppafflick moved this topic from Security & Privacy on
