Tag Archives: Avira

Drive-by Antivirus Test — Final Round

Crimepack control panel

Crimepack control panel

Here’s the final round of my antivirus drive-by test. Preparation for the drive-by test and setup configuration is described here (part 1) and here (part 2). First of all I wanted to see if major free antivirus programs would be effective against web threats. To make picture complete I also tested Norton Antivirus 2011 and ESET NOD32 Antivirus, yet surprisingly they did not show 100% protection as I expected from paid software. Again, it is important to note that I checked only the first lines of defence, because there are few of them to mention:  

1. web site blocking based on IP, from the list of known domains containing malware
2. detection of malicious scripts while browsing
3. detection of exploit code before a web browser triggers it
4. shell-code detection
5. detection of downloaded installer (based on virus signatures or heuristics analysis)  

As detection of sploit portion fully installed and functioning may take lots of man hours, I say an antivirus fails if it does not react up to 4th barrier, this is important to understand. 

Continue reading

Drive-by Antivirus Test — Avira AntiVir Personal 10.0.0.567

Avira AntiVir Personal

Avira AntiVir Personal 10.0.0.567 – Free Antivirus is under test today. Preparation is explained here (Part 1) and here (Part 2). I knew free edition of Avira would perform badly, as it is even stated on their website: no “AntiDrive-by [which] prevents against downloading viruses when surfing” and no “WebGuard [-] protection against malicious websites”. Anyway it did something, let’s see the results: 

Continue reading