- Apr 25, 2013
- 5,356
Poor Hands-On Test Results
BullGuard didn't fare nearly as well in my own hands-on testing. When I opened a folder containing my current set of malware samples, it did perform an on-access scan, but it only eliminated 21 percent of the samples at this stage. Bitdefender, F-Secure Anti-Virus 2015, and ThreatTrack Vipre Antivirus 2015 wiped out 83 percent of the samples on sight.
As always, I proceeded to try launching the samples that survived the initial culling. In a couple cases, I got a message from Windows Explorer saying that the file "contains a virus or potentially unwanted software." My BullGuard contact confirmed BullGuard was responsible for this message. In a couple other cases, it detected suspicious activity (changing the home page, modifying the HOSTS file) and offered to revert the change, but didn't otherwise identify the program as malicious.
Most of the other detections generated a popup stating that BullGuard blocked a suspicious file and asking me to decide whether to quarantine the file or let it run. I got that same message when running some of my hand-coded analysis tools. I'm very unimpressed with this mode of operation. It's never a good idea to rely on the user's judgment for important security decisions. I did choose Quarantine in every case.
With a 62 percent detection rate and 5.7 points overall, BullGuard has the second-worst score of any product that I tested using this same malware collection. OnlySuperAntiSpyware Professional 6.0, with 31 percent detection and 2.4 points, scored lower. That result really surprised me. The previous edition, tested with my previous collection, managed 94 percent detection and 8.9 points. Webroot SecureAnywhere Antivirus (2015)at Webroot aced the current test, with 100 percent detection and a perfect 10 points.
As always, I consider the independent lab results more important than my own tests. However, when a product scores this badly in my tests, I have to wonder what happened.
Decent Malicious URL Blocking
To check an antivirus product's ability to detect and block real-world malicious URLs, I start with a feed of recently-detected URLs supplied by MRG-Effitas. I launch one URL after another and note whether the product blocks access to the malware-hosting URL, wipes out the downloaded file, or just twiddles its thumbs. I continue until I have 100 test results.
BullGuard's behavior in this test was puzzling. The URL detection feature almost seemed to fade in and out. I'd go through 20 URLs without a single URL blocked, then find it blocked 10 in a row. In the end, it blocked 46 percent of the URLs, about half at the URL level and half by wiping out the downloaded malware. That's better than the current average of 43 percent, but not by a lot. By blocking 85 percent of the malicious downloads, McAfee AntiVirus Plus 2015 at Dell earned the highest score in this test.
A Tangible Decline
I've compared the 2015 version of BullGuard Antivirus with its own previous edition at several points in this review, because there's a tangible decline in effectiveness. Its antiphishing score went from pretty good to pretty poor. The previous edition earned good scores in my hands-on malware-blocking test; the current edition's scores are dismal.
Full Article