Internet Security Tips and Advice

Welcome to the research section

July 3rd, 2008 by Igor Pankov

In the first of our series of research, we decided to pit against each other three popular security products – Kaspersky Internet Security, Agnitum Outpost Security Suite Pro and Eset Smart Security to find out which demonstrated the best aptitude to counter threats with the help of onboard proactive protection instruments – those that monitor system activity and alert to new or unknown program operations.

The testing methodology was quite straightforward: disabling all signature-related scanners, running the test malware sample and tracking how each product managed to prevent activation of malware after system restarted. All prompts were given the “block action” response, and the tools used for testing were Sysinternals Autoruns and Process Explorer.

Click the corresponding video file to see the products in action.


Video 1 – Product in action:
Outpost Security Suite Pro

View Video


Video 2 – Product in action:
ESET Smart Security

View Video


Video 3 – Product in action:
Kaspersky Internet Security 7.0

View Video


Posted in Research

11 Responses

  1. Peter Schnell

    I find your newsletters interesting and informative.

    I prefer text / html to video as not all countries have great connections.

    My businesses is “profitable marketing and selling systems” and it would be interesting to test whether video or still sells more in you situation. What I have found so far, is that “text” outsells video / cute etc by far.

    It also uses less bandwidth, but it does not entertain as well. Then our purpose is the deciding factor.

    Cheers Peter

  2. Juan

    Very interesting Igor!
    thank you

  3. Neil Robinson

    If the anti malwares hadn’t been disabled surely Eset and KIS would not have been infected!

    So although obviously a sales tool for Agnitum Proactive defense it should not mean the other 2 would not protect a user.

  4. NoOnw

    What a useless test. All of the products would have stopped the threat if all of the modules where activated. So who cares how it’s stopped as long as they all would have stopped the threat in real life.

    Also unless i’m wrong the tester works for Agnitum….it’s like Microsoft testing Windows vs Linux…..i wonder if Linux could ever win that test.

  5. GT

    Neither did outpost detect any threat in this test. A popup that always ask for permission regardless of a threat or not is not detection…’s just annoying. A good security program should detect threats and if no one is found never bother you. Even i could create an application that ask for permission whatever you do, but that’s not security….it’s useless.
    Also how should anyone distinguish a threat from a clean file with a warning that says “Application is attempting to modify a critical object”? This sounds serious in any case and if i start an application and see this message…how should i know if the file is infected or if this is normal behavior of the application?

    A tailor-made test with a single file performed by an Agnitum employee have no credibility what so ever.

  6. Sam

    Thank you for your video. From your video, we found that Outpost can successfully block the malwares’ attack at the very first beginning. How about if Outpost Firewall Pro is installed on a PC which has been infected with those testing malwares, is Outpost able to remove them all ? Can you record another video clip to demonstrate that ?

  7. Soldier1st

    You people Do Not Understand what he is trying to show us,what he attempts to show us is the capabilities of non signiture based detection,of course it could be stopped by signitures(if there is a signiture for the malware sample) but these days. signitures are not enough to provide enough defense.

  8. Jo154

    Good demonstration. Can you test also Bitdefender antivirus/internet security, Norton, Eset antivirus, kaspersky antivirus?


    Which program do you use to record the video? I really wonder…

    Your videos are great! We don’t like ESET NOD32 either.

    Greetings from Turkiye

    Take Care! ^_~

  10. Pavel Goryakin

    To Kizilsungur: it was ViewLet Builder.

  11. Greg

    It’s clear that the negative comments about Agnitum (or this test) were written by people who don’t understand the purpose of the test.For those of us who do understand,Agnitum has a superior product and is to be congratulated.