By John E. Dunn
02 March 2007
A new test of anti-malware programs has found that Microsofts OneCare
software is by some margin the weakest product on the market.
Austrian outfit, AV Comparatives, found that out of 17 programs put
through extensive tests against a wide range of malware, OneCare was
only able to detect an average of 82.4 percent of what was thrown at it.
To put this into context, the next worse program, Dr Web, scored 89.27
percent, with the other 15 programs under scrutiny scoring rates from
approximately 92 percent to 99.5 percent.
The top-scoring programs were G Data Securitys AntiVirusKit
(99.45percent), AECs TrustPort AV (99.36 percent), Aviras AntiVir PE
Premium (98.85 percent), Kaspersky Labs Kaspersky AV (97.9 percent), and
MicroWorlds eScan Anti-Virus (97.9 percent).
Rival big-name brands such as McAfees VirusScan, Symantecs Norton
Anti-Virus, and GriSofts AVG, scored 91.6 percent, 96.8 percent, and
96.3 percent respectively, well above OneCares poor showing.
The tests set the programs against a million-sample round-up of malware,
including Windows and macro viruses, worms, backdoors, rootkits,
Trojans, scripts, diallers, and spyware.
AV Comparatives also tested each program against a sample of polymorphic
viruses, a class of malware where a large number of related variants are
generated from an original piece of malware. Detection rates for these
are considered to be an acid test for anti-malware programs because it
demonstrates the flexibility of a products detection engine.
Again, OneCare scored weakly, detecting only 4 out of the 12
polymorphics pitted against it. The majority of other products found
between 6 and 12 of these, with only three programs achieving poorer
Unlike all of its rivals, Microsofts OneCare is a new and clearly still
immature product, and the company will no doubt aim to improve its
performance as time passes. Nevertheless, it has a chequered recent
history, falsely flagging Googles Gmail email service as suspicious,
only last November.
Then, two weeks ago, the companys Defender product scored poorly in
tests carried out by an Australian lab, Enex Testlab. Defender was only
able to pick up just over half of the malware tried against it.
Visit the InfoSec News Security Bookstore