Sveta (Site Admin)
Post subject: Unclassified Real Time Test No.1 (10+ Programs)
Posted: Tue Aug 04, 2009 10:46 am
Joined: Sun Aug 02, 2009 5:05 pm Posts: 346 Location: Serbia/Switzerland

This test is based on the most trusted list of Anti-Malware applications made by our users. The poll was conducted in the past 2 months, and after more than 10.000 votes we picked the top ten.
1. AVIRA
2. a-squared
3. Avast
4. Kaspersky
5. G Data
6. COMODO
7. Nod32
8. Norton
9. AVG
10. Dr.Web
We wanted to put this lineup through a Real Time test to check out how effective they are when they have to block real time threats.
List of programs and program versions:
1. Avira AntiVir Premium Version: 9.0.0.441
2. a-squared Anti-Malware Version: 4.5.0.19
3. avast! Professional Edition Version: 4.8.1335
4. Kaspersky Anti-Virus 2010 Version: 9.0.0.463
5. G Data AntiVirus 2010 Version: 20.0.1.1
6. COMODO Internet Security Version: 3.10.102363.531
7. ESET NOD32 Antivirus System Version: 4.0.437
8. Norton AntiVirus 2009 Version: 16.5.0.134
9. AVG Anti-Virus Professional Edition: 8.5.406/1617
10. Dr.Web anti-virus Version: 5.00.1.08030
We used 22 malicious applications in this test.
List of malware samples used in this test:
1. Trojan-Dropper.gen MD5: 3c75ba631a2dc028c3e5fa0cecad09c2
2. Trojan.Win32.Obfuscated.gx MD5: ef89d307be646bd47fb962ca00501c44
3. Backdoor.Win32.Bifrose.belf MD5: ea14ff0df82fdd6278b2a5245f505adf
4. Trojan.Downloader.Win32.FraudLoad.eoj MD5: 2fa6484fa509be89286d1c217b50a154
5. Trojan.Win32.Agent.cllv MD5: 9717362718984a7e162f138ca5d1bb6f
6. Worm.Win32.AutoRun.gas MD5: 520356f2a753375bd2819668fef04984
7. Trojan.Spy.Win32.Zbot.wcs MD5: fd89ca4d6cd72c7dc8cb684902f56dc0
8. Trojan.Downloader.Win32.FraudLoad.eys MD5: e329fd89ac7d0973ea384febee8b9de5
9. Trojan.Dropper.Win32.Agent.auoy MD5: effe8947b3d694bf92e314778fc26497
10. Backdoor.Win32.Bifrose.baor MD5: d8b1f0123196595bafa539b3c70b74c9
11. Email.Worm.Win32.Joleee.bvv MD5: a8401d0c6bafa5cd81aaa18fef770084
12. Trojan.Spy.Win32.Zbot.vyo MD5: bc652ab21de0bc50b26ddc4c231a978b
13. Net.Worm.Win32.Koobface.ahz MD5: 26c8d8272bab57f8e525193d7084ae24
14. Rootkit.Win32.Agent.mos MD5: c08a2004119382e89bda8bbf68d8fb76
15. Backdoor.Win32.SdBot.nng MD5: 4fd364e00a98ce49205043cbbd2bee31
16. Rootkit.Win32.Small.acd MD5: d608bc383e507f68f5e04964472c9503
17. Trojan.Downloader.Win32.FraudLoad.exw MD5: c5b1f6ebb38577fa2840ac1cc9d423b3
18. Backdoor.Win32.UltimateDefender.hux MD5: 97219653a5bbac138fcb96dee90f6ddb
19. Backdoor.Win32.Bifrose.bksm MD5: 151a51b0f0d76b3c6f1e6ed9ba4fcae3
20. Trojan.Win32.Inject.ahdt MD5: 9e992be5953f717b7a48c45d7c0229d3
21. Exploit.Win32.Pidief.asz MD5: 3d84e94ecd92fe4650c11340ec5f639d
22. Trojan.Dropper.Tiny.ck MD5: 8836c9bed08a5d0f861597bbef7d53ca
Methodology used in this test:
1. Windows XP Professional Service Pack 3 is installed and updated with all important updates.
2. An image of the Operating System is created.
3. A clone of the Imaged system is made for each program to be used in the test.
4. An individual program is installed on each of the Cloned systems.
5. On each Cloned system the package containing 22 samples of malware is placed.
6. All the programs are fully updated.
7. Real Time protection/On Access scanners are turned on prior to the start of the test.
8. All 22 samples of malware are packed inside exe files (executable files).
9. The test is conducted by trying to run (execute) the malicious applications (samples).
10. After each program was tested on all 22 samples, the system is checked for potential infections/malicious leftovers in all vulnerable system areas.
11. Programs that manage to successfully block all 22 samples of malware will get a System Protected Award.
12. Programs which were not able to block all malicious applications from running will automatically fail this test, we will list all the samples that were not blocked.
System Protected Award winners:
a-squared Anti-Malware successfully blocked all 22 malicious applications, no harmful objects found on the system after the test was completed.
Avira AntiVir Premium successfully blocked all 22 malicious applications, no harmful objects found on the system after the test was completed.
List of applications which have failed this test:
avast! Professional Edition failed to block the following malware samples: Exploit.Win32.Pidief.asz, Backdoor.Win32.Bifrose.bksm
Kaspersky Anti-Virus failed to block the following malware samples: Trojan-Dropper.gen, Trojan.Dropper.Tiny.ck
G Data AntiVirus failed to block the following malware samples: Backdoor.Win32.Bifrose.bksm
COMODO Internet Security (Defense+ turned off) failed to block the following malware samples: Trojan-Dropper.gen, Backdoor.Win32.Bifrose.belf, Trojan.Win32.Agent.cllv, Backdoor.Win32.Bifrose.baor, Backdoor.Win32.UltimateDefender.hux, Backdoor.Win32.Bifrose.bksm
ESET NOD32 Antivirus System failed to block the following malware samples: Trojan-Dropper.gen, Backdoor.Win32.Bifrose.bksm
Norton AntiVirus failed to block the following malware samples: Trojan.Win32.Obfuscated.gx, Backdoor.Win32.Bifrose.bksm, Trojan.Dropper.Tiny.ck
AVG Anti-Virus failed to block the following malware samples: Trojan-Dropper.gen, Exploit.Win32.Pidief.asz
Dr.Web anti-virus failed to block the following malware samples: Trojan.Win32.Obfuscated.gx, Exploit.Win32.Pidief.asz
Additional information: COMODO Internet Security didn't have Defense+ enabled as it wouldn't be fair to other programs.
Last edited by Sveta on Thu Aug 06, 2009 10:16 am, edited 3 times in total.
_________________ Malware Research Group Internet Security & Solutions

Chris (Site Admin)
Post subject: Re: Unclassified Real Time Test No.1 (10 Programs)
Posted: Tue Aug 04, 2009 12:06 pm
Joined: Sun Aug 02, 2009 5:03 pm Posts: 90 Location: UK

As an addendum to this test the following applications were tested, using the same samples and methodology.
1. Prevx 3.0.1.65
2. MSE 1.0.1407.00
The tests were conducted within 30 minutes of the original test above, so as to ensure any cloud databases were approximately the same age as the local signatures used by the programmes in that test.
System Protected Award winner:
Prevx 3.0 successfully blocked all 22 malicious applications, no harmful objects found on the system after the test was completed.
Application which failed this test:
MSE failed to block the following malware samples:
Trojan.Win32.Obfuscated.gx, Rootkit.Win32.Agent.mos.sys, Rootkit.Win32.Small.acd.sys, Backdoor.Win32.Bifrose.bksm, Trojan.Win32.Inject.ahdt, Trojan.Dropper.Tiny.ck
_________________ Malware Research Group Internet Security & Solutions

Toby75
Post subject: Re: Unclassified Real Time Test No.1 (10 Programs)
Posted: Tue Aug 04, 2009 12:27 pm
Joined: Mon Aug 03, 2009 8:59 pm Posts: 9

Nice test! No surprise for Avira & A2.
Toby

eXPerience
Post subject: Re: Unclassified Real Time Test No.1 (10 Programs)
Posted: Tue Aug 04, 2009 12:46 pm
Joined: Mon Aug 03, 2009 10:52 am Posts: 34

Nice test! I'm not really surprised to see that A-squared and Avira pass this one with ease. Also thanks to Chris, I really wanted to see a test for Prevx, and it seems that they're doing fine.
Keep up the good work!
eXPerience

jugglo
Post subject: Re: Unclassified Real Time Test No.1 (10 Programs)
Posted: Tue Aug 04, 2009 1:04 pm
Joined: Sun Aug 02, 2009 5:03 pm Posts: 4

No real surprises. I would like to see how Panda Cloud AV works in this type of test. Maybe next time.

Sveta (Site Admin)
Post subject: Re: Unclassified Real Time Test No.1 (10 Programs)
Posted: Tue Aug 04, 2009 3:14 pm
Joined: Sun Aug 02, 2009 5:05 pm Posts: 346 Location: Serbia/Switzerland

Let me assure you all that this test was just the beginning of what is coming. We plan to test many more applications in various scenarios: sometimes we will use many applications, sometimes fewer, sometimes we will use 0-day malware samples, sometimes we will use samples that are in the "wild". We will create as many scenarios as possible... But let's talk about this test here:
1. COMODO Internet Security Defense+ off/result lower, but the result would be different indeed if we turned on Defense+, which would be unfair to other programs. Of course, some may disagree with this.
2. Samples used in this test are a mix of new (few days old) and a bit older (about one month old), and by no means did we want to make them easy to detect/block. Now I know that some people will say that some samples are relatively unknown/not in mass distribution, as we like to say, but let me just point out that all 22 samples used came from infected machines; to be more precise, they are the items that caused the infection.
3. We used only 10+2 programs in this test simply because it was an unofficial test and we didn't have to include the whole lineup that we normally use. Also, don't mix the results of MSE and Prevx with the others: MSE is not final yet and Prevx is not a standard Anti-Malware application (but showed an excellent result).
_________________ Malware Research Group Internet Security & Solutions

Sveta (Site Admin)
Post subject: Re: Unclassified Real Time Test No.1 (10+2 Programs)
Posted: Wed Aug 05, 2009 2:36 am
Joined: Sun Aug 02, 2009 5:05 pm Posts: 346 Location: Serbia/Switzerland

By the request of COMODO Team, we have repeated the test with COMODO Internet Security, this time Defense+ was turned on.
COMODO Internet Security with Defense+ enabled successfully blocked all 22 malicious applications, no harmful objects found on the system after the test was completed.
_________________ Malware Research Group Internet Security & Solutions

Sveta (Site Admin)
Post subject: Re: Unclassified Real Time Test No.1 (10+2 Programs)
Posted: Wed Aug 05, 2009 3:28 am
Joined: Sun Aug 02, 2009 5:05 pm Posts: 346 Location: Serbia/Switzerland

In addition to this test, we are adding the results from Emsi Software's Mamutu, which blocks malware by monitoring live all active programs for dangerous behavior; it does not use signature-based detection methods.
We used the latest version, Mamutu Version 2.0.0.10.
Mamutu successfully blocked all 22 malicious applications, no harmful objects found on the system after the test was completed.
_________________ Malware Research Group Internet Security & Solutions

z25blink
Post subject: Re: Unclassified Real Time Test No.1 (10+2 Programs)
Posted: Wed Aug 05, 2009 4:37 am
Joined: Wed Aug 05, 2009 2:30 am Posts: 40

Great test, thanks... I am glad that PrevX and Microsoft Security Essentials were included.
_________________ Regards to all z25blink

z25blink
Post subject: Re: Unclassified Real Time Test No.1 (10+2 Programs)
Posted: Wed Aug 05, 2009 4:42 am
Joined: Wed Aug 05, 2009 2:30 am Posts: 40

I understand that only programs included in the poll were tested, but I am asking why Tallemu (Online Armor) and Agnitum (Outpost) security products are not included. And moreover, none from Symantec (Norton), SoftWin (BitDefender), Trustport (Internet Security 2009), Iobit (Security 360). Hopefully we will see these programs in MRG No.20.
_________________ Regards to all z25blink