Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

September 20th, 2009

Did Avast win the latest AV-Comparatives?

AV-Comparatives is one of the most respected antivirus comparison tests in the world and is performed twice a year. The latest test results were published over the weekend and we did very, very well. Although they never name an overall winner, I think if they did do so, we would have been the overall winner. At a minimum we handily beat virtually all of the premium products. This time around 16 products were tested including Symantec/Norton, McAfee, AVG, Avira, and Kaspersky.

AV-Comparatives is an interesting test because it measures all three elements a user should be looking at to choose the right AntiVirus product—the ability to detect malware; the ability to not falsely detect malware; and speed. So, the best product is not necessarily the one with the best detection—it is the one with the best blend of these three elements. These elements can be mutually exclusive and it is very hard to get top scores in each category. Products that detect a lot of malware can over-detect and have a lot of false positives which severely hinders users. A low number of false positives can imply a poor ability to detect malware. And it is very easy to do nothing very fast but increasing speed tends to lower the ability to detect malware.

AV-Comparatives assigns each product one of four scores: A+, A, Standard, and Tested (a nice euphemism for failed). To get an A+ one has to have 97% detection and fewer than 15 false positives.

This time around, we were the only AV product to score in the top-5 in each category (and no, that does not mean we were 5th in each category). We were #5 in Detection, #2 in False Positives, and #1 in Speed.

  1. Detect Malware. AV-Comparatives runs about 4 million malware samples through the products. One set of 2.5 million is old and they expect all products to detect them. Then they run a set of 1.5 million newer samples. To get a top score one must detect at least 97% of this second set. We scored a 98% for the #5 ranking. But, two of the higher detectors (Avira and McAfee) were downgraded for excessive False Positives. The top performer in this category was GData—a product that uses two AV engines (one of which is Avast) so it can maximize detections but at the expense of speed, false positives, and footprint. The only single engine A+ rated product with a higher detection than us was Norton and it was only slightly higher (98.3%). Many well known products such as Microsoft, AVG and Kaspersky failed to make the 97% threshold.
  2. Not detect false positives. If a product finds more than 15 false positives in the clean set, its score is lowered. This happened to us 6 months ago when we had too many false positives and we got downgraded from an A+ to an A. We spent a lot of time in the recent months upgrading our ability to not detect false positives—we added over 1TB and 150,000 files to our known clean set. The result was fantastic as we had only 5 false positives for the 2nd position and we were only 1 false positive behind the category leader. Some of the big names had tremendous problems this time around. McAfee with their “in the cloud” detection had 41 False Positives. Avira was downgraded to an A rating because of 21 false positives. Symantec barely made the A+ cutoff with 13 false positives.
  3. Process quickly (i.e. speed). We are usually in the top 1/3rd but we have been spending time optimizing our product and this time around we got the #1 position. Slightly behind us was Norton who has been heavily advertising the “Need for Speed”. We agree. Customers need speed—a fast product with high detection and few false positives. And that is Avast! Most competitors had speeds half of ours and some (such as Microsoft) were about three times slower.

So, were we the best overall? I think so.  Check out the results for yourselves and make your own decision: www.av-comparatives.org.   To find the report, click on the “On Demand Comparative August 2009″ link near the top right of the page.

  1. September 29th, 2009 at 20:57 | #1

    @Heather
    Heather, I think they are #2 and we are #1. They slightly beat us in detection. We slightly beat them in speed. We beat them by a large amount in false positives.

  2. Heather
    September 29th, 2009 at 21:05 | #2

    I would agree…but for a different reason…you guys are free, they are not.

    Question for you…what plans do you guys have to improve the UI for your products…seems like Symantec has done quite a lot of work on their product UIs. The product UI for the rest of your competitors (McAfee, AVG, etc) is aweful.

  3. September 29th, 2009 at 21:09 | #3

    @Vincent Steckler

    Thank you for information. :)

  4. September 29th, 2009 at 21:19 | #4

    @Vincent Steckler

    Avast is number one. I try Norton, AVG, Comodo, Avira, Kaspersky… Avast Pro is best for me and i use it. Good work. My PC very clean now. :)

  5. September 29th, 2009 at 21:44 | #5

    @Heather
    Heather…..try the V5 beta–maybe the folks in Santa Monica are already. You will see its UI is much different and better than the current. Consistency is also important. I find it difficult to use a product whose UI changes every year. Why should I have to re-learn a product constantly?

  6. September 30th, 2009 at 06:03 | #6

    Hi Vince,

    Good work for avast team, hopefully avast team keep consistently to earn a good quality. And then quantity will followed after quality.

    Regards,
    Yanto Chiang

  7. September 30th, 2009 at 12:04 | #7

    Eu estou precisando do registro do avast e ficarei muito agradecido se por gentileza vocês enviarem o registro do avast para o meu email:(paul_sergyo@hotmail.com)

    Obrigado a todos

  8. Björn Lundahl
    September 30th, 2009 at 21:43 | #8

    Vincent Steckler :
    OK, I have rewritten this posting several times for those that read quickly. Decided the simple answer is the best. First Bjorn, pardon our slowness but you did post on a Sunday and today (Monday) is a holiday here in the Czech Republic.
    The issue seems to be are we doing too much iNews? How about some other opinions? This is our way of communicating (NOT Selling) with our users. We have done 3-4 this year. Is that too much? Are they useful? What would you like to see?
    And Bjorn, I would hope that someone would not leave avast and use MSE over iNews. The first thing a security product should do is protect the user. OneCare (and MSE) got 14th out of 16 in this AV Comparatives–and just barely missed flunking the detection.

    Hi I have answered this and I wonder why my reply is not still here?

    I will reply again with a similar content to my last reply:

    You are right I was a little impatient.

    I think it is good with communication and news (if it is this it is all about) but
    what about the last pop up, was this about communicating or selling?

    The link to the last pop up that Alwil provided:

    http://www.avast.com/eng/news-at-avast.html

    Don´t you think that Microsoft did quite well in AV Comparatives test “Retrospective/Proactive Test, May 2009″?

    The link to that test:

    http://www.av-comparatives.org/images/stories/test/ondret/avc_report22.pdf

    I also want to point out that I am very grateful to Alwil as a company and satisfied with Avast as an antivirus software. The company and the product are the best.

  9. October 2nd, 2009 at 04:51 | #9

    Dear avast team,

    We glad to knew that avast earn award from AV Comparatives test, but we can’t open from : http://www.av-comparatives.org/images/stories/test/ondret/avc_report23.pdf

    If you don’t mind to share it with us, either for the summary report at this blog it would be a very informative to us to share with others.

    Regards,
    Yanto Chiang

  10. October 2nd, 2009 at 06:57 | #10

    @Yanto Chiang
    Hello Yanto. Instead of the direct link (which I just tried and it worked fine), just go to http://www.av-comparatives.org. Then click in the upper right where it says “On Demand Comparative August 2009″. That will take you to the report.

  11. Improvement?
    October 2nd, 2009 at 07:56 | #11

    Avast scored a 98.2% for malware detection,yes that is very good,however in the proactive/retrospective test(new/modifyed/changed malware) it only got a 42%. this is an outdated test results (both from av-comparatives.org mind you) and I think the new one will be coming out in a few months.

    But my question to avast is : are you going to improve on proactive security and detection? This is a big deal to me… seeing as how if a certain AV scores a 97.4% but a 59% in proactive testing,well that is something I can live with, I would really like to know if there is going to be an improvement here. As this decides which AV I will stick with.Or do we simply have to wait until the new test results come out for proactive/retrospective? If so, that is fine by me and I will wait patiently.

    P.S. I am not bashing avast in anyway (considering it’s currently installed >.>) I am just posing a question that is important to me.

  12. October 2nd, 2009 at 10:05 | #12

    j,knl

  13. vlk
    October 2nd, 2009 at 10:33 | #13

    Improvement? :
    But my question to avast is : are you going to improve on proactive security and detection? This is a big deal to me… seeing as how if a certain AV scores a 97.4% but a 59% in proactive testing,well that is something I can live with, I would really like to know if there is going to be an improvement here. As this decides which AV I will stick with.Or do we simply have to wait until the new test results come out for proactive/retrospective? If so, that is fine by me and I will wait patiently.

    Yes, the changes we have just recently added to the v4.8 engine, and more importantly, the changes implemented in v5, should bring these improvements. We expect to score somewhat better in the upcoming AV-C “proactive” tests than we did previously.

    On the other hand, I’d like to say that the way the “proactive” test is executed is not really that related to the real-world scenarios. What they’re basically doing is testing the AV with 3-month old definitions. But it’s still just an on-demand scanner that is tested — they don’t exercise any other protection layers of the product, such as: malicious URL blocking, drive-by download protection, behavior shielding etc. So, take these results with a grain of salt (as ever).

    Cheers
    Vlk

  14. Björn Lundahl
    October 2nd, 2009 at 13:17 | #14

    I would, though, think that the most important AV Comparative test is “On-demand Comparative” as this test overwhelmingly include about 1.500.000 malware and as above article suggest, Avast might be the winner. The “Retrospective/Proactive Test”
    include only about 22.000-23.000 malware.

    Björn Lundahl

  15. Pedro
    October 2nd, 2009 at 14:49 | #15

    @Paulo

    Para se registar e obter a chave de licença siga este link:
    http://www.avast.com/por/home-registration.php

  16. October 2nd, 2009 at 15:24 | #16

    @Björn Lundahl
    Good Day Bjorn. I too do not know where your previous posting is. It may have been flagged as Spam (they sometimes are). Our policy is to not delete any posting unless it is completely off subject. You can see we even kept the slightly sarcastic postings from a Symantec employee.

    As far as the last iNews, it had five elements. One was definitely a sales element–a discounted upgrade offer. The other four were informational. Two were I think fairly meaningful information–W7 certification and the spate of advertising malware. The other two were more publicity. Tell us what you would like or not like to see. And feel free to email directly; you have my email address.

    As far as the MSE/Microsoft performance in the Retrospective/Proactive test, we are suspicious of the testing methodology. It basically tests just signature and heuristic protections. The scores are uniformly pretty low–is the classical grading on a curve. The test does not take into account other ways of blocking malware before it is know by a signature. There is another posting here by Ondrej describing that. So yes, it did perform well on the test but that is not necessarily indicative of the real world in this case. We are hoping the testers will improve the methodology to look at a product holistically.

  17. Björn Lundahl
    October 3rd, 2009 at 01:08 | #17

    I was in a “antivirus testing mode” today and downloaded Antivir “Premium” and the GUI was just awful and messy. I was supposed to have 30 days trial but it kept remind me of that when I had booted the PC and when I was scanning it. It did not find anything either. It did not either seem to have much features. I uninstalled the whole thing and now I have Avast again.

  18. DarkLegend
    October 3rd, 2009 at 01:34 | #18

    This is a bit off subject,but at the same time it isn’t. I noticed avast only updates once a day (which drastically reduces the amount of issues as well as FP’s. Am I right?). Well, This is how it is still part of the subject as Updates have to do with how well it can score. No updates = doesn’t detect anything.

    So this is the question : why does avast have so little amount of updates? and will there be,preferably sometime very soon like in months, an increase in the amount of virus database signature updates? Or an increase in the amount of added viruses PER update?

    Norton has around (which has decreased as of lately mind you) 200 updates per day. I would agree that 200 is way to much and there can’t possibly be that many viruses that only they find and nobody else does. It makes me wonder what exactly is included in those updates. Or are they simply taking what they found over a period of time and spreading them out in small updates so that it seems like they have more than they do?

    Regardless, 200 updates is by far too many (to do any good or bring further security atleast). But the same could be said that 1 virus database update daily isn’t enough.

    So this is the question : why does avast have so little amount of updates? and will there be,preferably sometime very soon like in the months to come, an increase in the amount of virus database signature updates? Or an increase in the amount of added viruses PER update?

  19. October 3rd, 2009 at 09:16 | #19

    @DarkLegend
    Hello Dark Legend, this is much more complex topic than it seems on the surface. Most folks equate more frequent updates with better detection performance. But that is not necessarily true. I still remember an ad Symantec put out when they moved to the 200+ updates a day. They were trying to show that more updates = better detection. So they showed two tables. The first listed about 15 products and the number of updated they had a day. Symantec was #1 in the table with something like 232. Avast was dead last with 1. The table right next to it showed detections. Symantec was #1 but Avast was #2 and only very slightly behind.

    The other factors at play are:
    1. Sample collection–how many collectors are distributed and whether they are passing sample data back. This is where we excel with our over 90 million users. And not all AV products actually use their user computers as sample collectors. So just because someone has millions of users does not mean they collect samples from them. We do.
    2. How quickly samples are processed. We process all of our samples the day we receive them. I remember other companies in the past that processed very little of their data.
    3. What other types of detection are used. To detect 0-day threats, samples are imperfect. Instead heuristics and behavior detections are needed. We have these. Most products have heuristics but not that many (including MSE) have behavior detections.
    4. How generic can signatures be made. It is best for signatures to be pretty generic–they they have a greater possibility of detecting infections. But the better one is here, the worst the update count. Which is better–a product that needs 1 signature to detect 25 pieces of malware?…..or a product that needs 25 signatures to detect the same 25 pieces of malware? Our signatures tend to be very generic.

    So our detections right now are very, very good with only one update a day as we do the other elements very well–and probably better than most others do. But, to answer your question, we will be moving to “pulse” updates. Right now we release all signatures at the end of the European day (mid-day US). In the future we do plan to push out each signature as it is ready. While it won’t make a huge improvement in our detection, it will make this whole concept easier to message.

  20. Björn Lundahl
    October 3rd, 2009 at 09:40 | #20

    @Vincent Steckler

    Hi so if I want to avoid ads, publicity and all this information, I should upgrade?

    I have bought a professional edition with a three years subscription but I use that in my PC at work.

    I also have two laptops at home and this professional edition is quite expensive. That is why I use Home Edition at home and not the professional edition. It is a huge difference in price between Antivir Premium and Avast Professional. Antivir cost about 46 euro for three workstations and for a three year subscription. Avast cost about 171 euros!

    Björn Lundahl

  21. October 3rd, 2009 at 10:02 | #21

    @Björn Lundahl
    Hello again Bjorn. We have realized the price differences for multi-users vs. the competition. We are looking at how to change it for V5. In the industry, suites tend to be sold as 3-user and AV as single user. The 3-user products though tend to be limited to 3-users in the same household. We will be announcing pretty soon how we will do it. I do think it will solve your problem though.

  22. Björn Lundahl
    October 3rd, 2009 at 12:48 | #22

    @Vincent Steckler
    Thank you!

  23. Björn Lundahl
    October 3rd, 2009 at 18:47 | #23

    I wrote this:

    “Antivir cost about 46 euro for three workstations and for a three year subscription. Avast cost about 171 euros”

    This I will have to correct: Antivir cost about 110 euros for three workstations and for a three year subscripton. 46 euros is only for one workstation with a three years subscription.

    Björn Lundahl

  24. Björn Lundahl
    October 4th, 2009 at 00:51 | #24

    @Vincent Steckler

    Hi again, a thought caught me: do I actually avoid pop ups with inews in the professional edition? I can not remember that I have seen any pop ups in my professional Edition at work, but I am not sure.

    Björn Lundahl

  25. wonder
    October 5th, 2009 at 23:47 | #25

    Hi guys,a little information please:
    I notice that the updates are not so frequent in the last days..now are 23:40, and I’m still waiting for the daily update..
    I remember that untill 5 or 6 days ago there were at least 2 realase per day…

  26. wonder
    October 6th, 2009 at 00:00 | #26

    Ps. I didn’t read the Dark Legend’s topic, but, actually, my one is only to underline the daily updates decrease..it’s impossible for me to ignore this fact, since I prefer avast because of the update frequency :)

  27. October 6th, 2009 at 09:42 | #27

    @Vincent Steckler
    Hi Vince,

    I had been tried it many times, but still couldn’t download the file completely.
    Anyway, i got an information about malware tested file with some brands. I don’t know whether this is based on real action or not, please visit : http://www.medtecs.com.tw/

    Just for your information

    Regards,
    Yanto Chiang

  28. October 6th, 2009 at 16:01 | #28

    @Yanto Chiang
    Hi Yanto. I am not sure what you are trying to do.

  29. October 6th, 2009 at 16:01 | #29

    @wonder
    Hi Wonder. The updates are usually 1-2 a day.

  30. A. Senior
    October 7th, 2009 at 01:30 | #30

    I do not trust these tests, today was the home of a friend who used Avast Professional and was properly updated, but Windows showed errors and task manager was disabled, I installed NOD32 and it found 2 malwares after be removed from system, the task manager is returned to normal, I copied the files from quarantine of NOD32 and sent to virustotal

    1) —> http://www.virustotal.com/analisis/a06b66ea36adbb6b0507adb7567716e6631cc38aa3de08df9080928b950b6383-1254865381

    2) —> http://www.virustotal.com/analisis/8d2b46aa7d34c57626045f4f5e65043ce2d7c3f97e861f229b046c932603b203-1254865459

    Now answer me why I should trust this test?

  31. October 7th, 2009 at 02:50 | #31

    Great info…keep up the good work.Year back the reason for leaving Avast and migrating to other antivirus was only becoz..it gave lot of false positives…
    Keygens,crack patches give lot of false positives.. Really you need to improve..

  32. October 7th, 2009 at 04:50 | #32

    @Vincent Steckler
    Hi Vince,

    I am sorry, evidently my acrobat didn’t supported.
    But i had downloaded and could read Av Comparatives report already.

    Thanks for your support Vince

    Regards,
    yanto chiang

  33. October 7th, 2009 at 07:39 | #33

    @Tashi
    Hello Tashi. Keygens and crack patches can be expected to false positive….or even correctly alert. Hopefully you are not downloading those…..

  34. Björn Lundahl
    October 8th, 2009 at 13:57 | #34

    Björn Lundahl :
    @Vincent Steckler
    Hi again, a thought caught me: do I actually avoid pop ups with inews in the professional edition? I can not remember that I have seen any pop ups in my professional Edition at work, but I am not sure.
    Björn Lundahl

    Well now I have bought Avast Professional including two licenses for a three year subscription period. I downloaded and tested Antivir Professional and Bitdefender Antivirus but I did not really think they are good enough.

  35. Prem
    October 10th, 2009 at 08:36 | #35

    Dear Friends, i am using Avast Professional from January with no Issues till now. Its Excellent AV. Some Questions to be asked:-
    1.) Why So Less updates in one day – me 24/7 online – see only once update.
    2.) what ever Virus is detected is it send to the development team for review or not.
    3.) Can we have only Mal ware, Virus or ad ware scan functions only… like that, with no full system scan.

    Prem

  36. Buck
    October 10th, 2009 at 20:48 | #36

    I love AVAST, you have really caught up to the competition. I quit Symantec a couple of years ago over their customer service, after my hard drive crashed & I lost my license for the product I had purchased the month before. Instead of repaying for Norton Anti-Virus twice, I came to AVAST for free & now pay for the Professional Edition. The price of the product & quality beat the competition.

    My question is, does AVAST package an AV product license to cover PC & U3 devices? I’m accumulating several U3 flash drives (3) for work & would like to protect them without paying as much for the AV product as the U3 devices cost.
    Buck

  37. Björn Lundahl
    October 11th, 2009 at 11:28 | #37

    I think other antivirus vendors than Alwil produces a lot of hype. That is why I do not really trust many of them. Their software have a lot of features which are not needed but “they will sell” to the novice user. A lot of unnecessary features will also cause compatibility problems, disturbance and stress. Vincent has, for example, explained why “hourly updates” are necessarily not needed and that Avast still has a good detection rate despite that it only updates once or twice a day. That is very good, why update if it is not needed? But, of course, hourly updates “will sell”.

    When I, for example, tested BitDefender antivirus 2010 for about an half an hour it checked Windows update. I have Windows update enabled, so why should the company behind BitDefender named Softwin also check that the correct relevant security patches are installed? Does Microsoft not know what they are doing? But Microsoft made those patches and must therefore have the ability to choose which of them should be downloaded and installed. I have no reason to believe that Softwin knows this better. This is hype!! If it sells it sells!! Another “feature” I noticed was that BitDefender installed antiphishing capabilities in IE an Firefox. But they have those features already so why should I need this? It is only hype and Softwin might also sell the information where I am browsing. It is just awful! It also “informed” me that my password for logging in to Windows was a no good password. The truth is that I have no password at all for logging in to Windows but all my information that are for me relevant are instead encrypted in my PC, but BitDefender would not know this. So accordingly to BitDefender I had nine alerts or security problems. Well I thought that Bitdefender itself was the problem and uninstalled it. Hype, hype and hype!

    Björn Lundahl

Comment pages
1 2 594
Comments are closed.