This thread shows results of my virus scanner tests for 2005. Every year I try to include more antivirus programs in my tests. Because there are so many products available and I have only so many resources and time available, I test only mainstream, popular programs. Discussion of my results and concerning other programs can be held in another thread in order to prevent this thread from becoming cluttered. PLEASE DO NOT POST QUESTIONS OR DISCUSSIONS PERTAINING TO RESULTS OR OTHER SECURITY PRODUCTS IN THIS THREAD

I haven’t really had a lot of time to devote to these tests as I’d like, mainly due to the fact that I have a new business which is growing. I’m also down a couple of systems because I’ve had to use them for the business. However, I believe that you do the best you can with what you’ve got to work with and things usually turn out alright. It took a little longer because having only one test system means more wiping and reformatting when a virus torches all the data in the hard drive. One bonus this year is due to having a computer store. Every day I get customers with systems infested by spyware and infected by viruses and Trojan horses coming into the shop. They run the entire gamut of antivirus software available on the market and I get to see how they work in everyday systems. I’ll update their av, run a scan and then install something else if I’m not happy with the results. If the replacement finds more malicious files then I know something is up.

You’ll notice that some of the information in this thread is copied from the 2004 test. No, it doesn’t mean I’m any lazier than I was last year, it simply means that the results didn’t change enough to alter the report. I just like to have everything in one post so readers don’t have to skip around from thread to another looking for something.

One term used in conjunction with antivirus products is HEURISTICS. Apparently there is a bit of misconception as to what heuristics can or can't do. Much of this is nothing but market hype and this feature is dictated by the software manufacturer. Heuristics are supposed to allow a virus scanner to detect previously unknown viruses by making comparisons with known virus footprints. They give the software the ability to do a more intensive search for newer hostile files not yet given definitions by the antivirus company. Unfortunately, to use true heuristics a virus scanner would have to be exceptionally intrusive. Due to public disdain of false positives and the desire for unobtrusive scanners, most companies do not employ the full blown technology. Others offer configurable options to allow users to maximize or lessen heuristics as desired. Because of this, a virus scanner is still confined to detecting known virus files as heuristic technolgy is actually not very effective at this time. As viruses become more complicated and heuristic technology advances, user interaction will become unimportant as the ability to detect new hostile files will become required.

So, without further ado, I proudly present Antivirus Test 2005. I hope it helps clear up some confusion as to what antivirus you should use. The new antivirus I decided to put on the chopping block this year is..........NOD32. Enjoy the read.


This year I tested Grisoft AVG version 7 http://www.grisoft.com/us/us_index.php and it once again it didn’t impress me. I’ve had several computers in the shop which were infected and even after an update the program didn’t fare too well. It didn’t do too well running in the test system either, allowing a host of malicious files to install without so much as a whimper. Sorry folks, but AVG just doesn’t cut the mustard. After all the messing around I’d say AVG stands at about 70% effective. Yuk!

Next was Etrust EZAntivirus http://www.my-etrust.com/products/Antivirus.cfm. This came as part of the security suite with the firewall, antivirus, spamkiller, etc, yadda, yadda. I will say they’ve gotten better, but not to the point where I would feel comfortable using it to protect my information. Not only that, but with all that other garbage included it was a resource hog. A couple of computers that came in had it installed at the suggestion of Time-Warner RoadRunner. While I didn’t find too many other malware files on their computers, EZ did let some well known Trojans and spyware associated Trojans slide right through. When I installed AntiVir it found about six more which EZ missed. That’s not good. On the test system EZtrust did better than last year, but not much more than AVG. Still, it’s better than AVG and on the test system scored about 80%. However, if we're looking at percentages, 80 percent of 120,000 or so isn't very good.

Norton Antivirus http://www.symantec.com gets the “Gnashing Teeth” award from me this year ARGH! I am so disgusted with those idiots at Symantec it’s not funny. I swear, that blasted program does selective detection. I’ve updated the definitions on customers’ systems and I’ve seen it miss a file one minute and find it the next. Not only that, but if you’re using Norton Internet Security 2005 you may find this software has the most problems with regard to interfering with connections, software conflicts and other misc. errors. What really steams my clams is that Symantec had to create uninstallers for their software because half the time they won’t uninstall normally. Truly despicable considering it's from one of the largest security software companies in the world. On the test system Norton was inconsistent at best, ineffective at worst. This is rapidly turning into a true piece of bloated junkware that gulps down system resources instead of doing its job. BTW, the corporate version is worse than the standard version, so don’t even go there.

Avast http://www.avast.com remains a good free scanner. Yes, I still wish it was as configurable as AntiVir from the start, and the registration process is inconvenient, but it’s a really good, free antivirus program, light on resources and easy to use. It was a little better than AntiVir, capturing around 97 percent of viruses. Freeware for home users only.

Norman Virus Control http://www.norman.com is an excellent program I still use every so often. I do like their sandbox feature and it remains one of the most configurable programs available. It's a very easy program to use, is exceptionally configurable and the sandbox feature allows testing suspicious files, allowing them to run as if they were active in the system but keeping them contained in a smaller, controlled environment. Norman also has no trouble scanning any format of compressed files I had to user defined depths and sizes. If a virus is found, Norman makes an attempt to clean and recompress the file. I used packers to ultra-compress a couple of virus infected files and Norman had no problems finding and repairing/removing them. Users may designate what areas and files to be scanned at various times or during certain circumstances using the programs' Task Editor. I found this to be very interesting because the program permits experienced users to completely custom design how the program works and looks for malware. Norman scans all incoming and outgoing email and newsgroups. Norman had no trouble detecting the normal run of viruses I introduced it to and even removed a couple of those annoying redirect viruses from infected sites I took the system to. It is as effective as all the top rated scanners I've seen which places it as one of the highly rated antivirus programs. It is still pricey (a one year home user subscription costs $61 USD), but it’s worth it.

AntiVir http://www.free-av.com is what I use on my other system on a regular basis. It remains small, easy on resources and simple to use. AntiVir has gotten very adept at ferreting out those pesky spyware trojans and is a perfect mate for your antispyware scanners. Since I only have one profile on my system it's more than adaquate. Aside from that, its small size makes it perfect for people connecting with dialup, and I love the name of their scanning engine-"Luke Filewalker". Ain't it great? By the way, AntiVir and Avast are both much more effective than Norton AV. Antivir proved to be effective about 95% of the time, not bad for a free antivirus. Freeware for home users only.

McAfee http://www.mcafee.com was ok, but not as good as it has been. Still a good antivirus, it also remained one of the top reasons why a system will slow to a crawl too or suffer from program conflicts. I don’t know why they still haven’t addressed this, but that's their cross to bear. However, I think McAfee has passed the torch to Norton as the most hated software.

KasperskyLabs http://www.kaspersky.com is another top notch antivirus, rating at the top. It’s user friendly and very effective.

TrendMicro http://www.trendmicro.com Well, if you’ve been to Trends’ Housecall online scanner you’ve undoubtedly seen some changes. Trend has purchased several companies and has incorporated their technologies into a variety of scanners, both online and software. The most recent acquisition was Intermute, the makers of SpySubtract and the owner of CoolWebShredder after Merjin either sold or gave it to them. This has reinforced the effectiveness of their security suite software and it does a good job. Resource speaking it’s a fairly large program but isn’t the pig that Norton is by any means. The virus scanner is still one of the best and had no problems defending the test system against everything I threw at it. However, as good as PC-cillin is, I don’t believe it matches AntiVirs ability to ferret out spyware associated trojans, so I’ll generally install and run AntiVir and then either use Trends’ portable scanner or Housecall. Still, I highly recommend PC-cillin as one of the best payware scanners on the market.

This year I decided to put NOD32 http://www.nod32.com to the test. All these NODheads keep telling me that this program is unstoppable, unbeatable, invincible and invulnerable. The first thing I’ve noticed about NOD reviews is that it has been stated other av software “pales” in comparison. I’ve been wondering what this antivirus program can do that no other is able to do. The answer is.....nothing. Is there some miracle that makes their programmers better than any others? That train of thought doesn't even make sense. A virus scanner is designed to do one thing-detect and remove active, hostile Internet code which seeks to damage data, steal information or offer unwanted access to your computer. NOD32 does this no better than any other good program and, in some cases, not as good as others. Surprised? Don’t be. Everyone likes their favorite and will staunchly defend it to the bitter end. That’s customer loyalty and it takes a lot of hard work to build it. So, let’s see if NOD32 holds up to its’ reputation.

The first thing I look at is ease of use. Programs like these should not be difficult for regular, everyday users to install and setup. After all, the main objective is to make it as simple as possible to stop viruses from doing damage and spreading, right?


From a regular user standpoint, NOD has a rather unattractive and confusing interface. There is too much to look at, too many options to choose from and none of it is clearly explained. The normal user is not going to know what to do with it all nor are they willing to learn all the technical jargon. It does offer some nice features though, from keeping the logs cleaned out so old info is removed to cleaning and removing viruses without disturbing the user (like AntiVir). For the experienced user, NOD32 offers a host of configurations, from scanning by extension to determining how to deal with detected files. Still, it can be very confusing for the unwashed to perform an optimal setup. NOD is light on resources. This means you don’t have to shut down your av because you’re going to be gaming or using resource intensive applications. Scanning speed wasn’t bad either-it scanned the entire test system (AMD 3400, 40Gb HDD, 512Mb PC3200, WinXP) in about 15 minutes (of course, there aren’t too many applications installed). It ran well, suffered no conflicts during the tests and is relatively small (around 8Mb), only being a little bigger than AntiVir, which is still the smallest.

Onto the viruses....
NOD did pretty well finding most of the samples placed into the system. It did choke on a couple of packed files and did serve up a few false alarms which concerned me (I don't like false positives). Other than that it did well, better than AVG, ETrust and Norton (what it's often compared to) but no better than Avast or AntiVir. It’s highly toted heuristic qualities are no better than any other scanner.

The conclusion is that NOD32 is a pretty good scanner, not great, but pretty good. I would suggest having an experienced user around if you’re not really sure how to configure it because all those options are confusing at best. Also, be aware there have been quite a few reports concerning NODs' incompatibility with some software. However, as it stands right now (I’m leaving it installed in the test system for a while to see how things go as time goes on) I wouldn’t chastise anyone for using it because it is in a similar effective percentile range as Avast and AntiVir. Still, I'm glad I took the time to take a look at the program and prove to those silly NODheads that their program isn't the end-all-be-all of antivirus software.

The Big Story....

If you want a free scanner, then choose either Avast or AntiVir. Of course, there are always downsides to everything. Avast requires going through an inconvenient registration process and isn't as configurable as I think it should be, and AntiVir has been seeing some difficulties updating through the servers for their free version. However, these are generally minor.

On the upside, they are both excellent antivirus programs. If you are concerned with percentages, the programs fall into the 95 percentile range on average. The payware versions these companies have offer more features and better support, but you're still not going to go wrong using the freeware versions.

As far as payware programs are concerned, PC-cillin, Kaspersky labs are the best choices. At this time I wouldn't say NOD32 is a bad program either although it still has a lot to prove to me.

I don't think EZ Antivirus or AVG are going to do the job and I don't recommend them. Until Symantec takes a step back for a fresh perspective and decides what it wants to do with their piggish program I wouldn't recommend them either. It's just going from bad to worse. McAfee? Well what can I say? I've never been fond of it. The av isn't necessarily bad, but the extra baggage, errors and the system slowdowns are the reason I don't like it.

No antivirus can detect all viruses. I don’t care what their claims to fame are or how good users say they are. To be safe during those uncertain times, I advise people to utilize a good scanner installed into their computer as well as a good online scanner, or have another antivirus program installed (but not active) in their system. The idea is to practice safe hex, keep your operating system updated and learn the proper settings to make intrusions into the system more difficult.


Online Scanners


TrendMicro Housecall
http://housecall.antivirus.com/housecall/s.../start_corp.asp is a plain-jane, no-nonsense online virus scanner based on the PC-cillin engine. reasonable fast (well, maybe except for the very first time), it allows users to choose what area of their system they want scanned and offers to clean or delete infected files. They now offer vulnerability and spyware scans. All these services offered free? You have to love those wonderful folks at TrendMicro!

Symantec SecurityCheck
http://security.norton.com/default.asp?lan...id=us&venid=sym does not scan compressed files, nor does it remove viruses if found. I find it useless to scan a system without cleaning it. Not only that, but I kept getting a message that said my ActiveX security settings were too high and couldn’t perform the scan. Eventually I was able to, but by that time I normally would’ve gone somewhere else.

McAfee's Virusscan Online
http://us.mcafee.com/root/mfs/default.asp doesn't remove infected files, but point users toward links and information to aid in removal. Still, doing a scan and not removing the virus is of no use to me or anyone else.

RavAntivirus
http://www.ravantivirus.com/scan/ scans as thoroughly as HouseCall, offering to scan compressed folders, unpack executables and remove hostile files from the system. Although I haven’t tested their antivirus program, research shows it rates about as effective as AntiVir, which isn’t bad at all. The online scanner did a good job and was pretty fast, detecting the virus files I placed in the system and effectively cleaning them out.

Panda's ActiveScan
http://www.pandasoftware.com/activescan/co...com/default.asp
only detects 90,000 viruses. This they state on the scanner page. Still, it may find a file another cannot, and the rule is to use every tool at your disposal to keep the baddies at bay.

So, there you have it. Just in time too, for another victim of malicious code is walking through my door. Buh-bye now.

John,

A very humble thank you for all your efforts. Everyone has opinions. Yours are based on fact.

I appreciate your time and work placed into this. As always, I printed and saved in my notebook for future reference.

Chris

Hey, Fearless Founding Member ...

I really appreciate the time and effort you have invested in this analysis. A big Thank You!

I have been using AVG 7 (paid for version) for the last 8 months or so after having my own set of horror stories with NAV. So far I haven't had any problems with AVG 7, but your test results (70% effective) certainly give me pause. I do believe I will give AntiVir a spin around the block.

Thanks for the info Interceptor

I went from AVG to nod32 and your spot on with what you’re saying about it. It does require the user to set it up for best protection and for this reason I won't recommend it to the normal user.

QUOTE

All these NODheads keep telling me that this program is unstoppable, unbeatable, invincible and invulnerable.

Arr the fans yes once they are convinced its the best thing since sliced cheese they defend it with all sorts of claims.

I also use PC-cillin on another computer glad you highly recommend it I won't switch it to nod32 as I see no reason to.

I've just ditched Norton in favour of Avast! My subscription had expired, and I thought that rather than renewing I'd try another one (especially as Norton isn't getting such a great press these days).

To be fair, I don't really like Avast's "media player" style user interface, but as long as it does the job and protects me from viruses then I'm happy with it.

My system is also a bit faster as well for having made the change.

I as well really didn't see the point in skinning an anti virus app, Avast, but you can disable the skins like I did.

Right click the Avast icon on your taskbar, next to your clock, and choose Program Settings, uncheck 'Enable skins for simple user interface', and click ok. Thats it, no more media player look. I prefer it this way.

Thanks Interceptor.

I had been waiting for this. Love the brutal honesty. Was just as informative (and funny) as I was expecting.

Thanks once again,Interceptor, for your time and experience in assessing the AV programs in your post.
I'm sure I speak for many, when I say we do appreciate it.

One question. May I post a link to this forum in other forums that I frequent so that others can become better educated when choosing their AV protection?

Paul

Good post, John; accurate and informative as usual!

Paul,

In reference to your link question, you should check with the rules of any board you wish to link us at. Some forums (ours included) have rules on outside linking. They may or may not have a problem with you doing it, so check their FAQ. And if that doesn't answer it for you, just ask one of their staff.

Yes Paul. As long as the forum you're posting it at doesn't have any problems with it, spread it far and wide.

Thanks for that, XPGeek! I've yet to play with the settings in earnest with it.

As for linking to us, usually there's not a problem unless there is a conflict of interests, such as another computer support forum. But it's always worth checking the rules and regulations there before linking.

I've already posted a link to here from another forum, and as it's a non-technical one it doesn't break the rules at all.

And they are VERY cagey over there as to what you can and cannot link to!

I just wanted to say thanks ... I too fix computers ... your results are dead on based on my customer's issues ... it's nice to have verification ... and you are correct, sir, that AntiVir rules ... goes on every system I touch ... and Norton comes off everytime I find it ...


Thank you, thank you,

Angusdhu

I am proud to announce that Ian "Gizmo" Richards of TechSupportAlert.com thought enough of the review to add it to TSA's monthly newsletter. TechSupportAlert is an officially recognized and sponsored utility, security, information and software resource website. I don't even want to hazard a guess as to the sheer numbers of subscribers to the newsletter. This was an enormous boost of recognition and legitimacy for me, and I deeply appreciate his taking the time from his busy schedule to fit Antivirus Test 2005 in during the midnight hour.

Here Here !!

You earned and you deserve it. Just surprised it took others so long to find out what everyone @ SAF knows; what a tremendous asset you are

Chris

Wow Interceptor!
What a FANTASTIC COMPLIMENT from TSA!
Many congratulations to you!

Congratulation Interceptor.

Good job Interceptor on their web page they say 55,000 subscribers

Many thanks again.

Is it worth mentioning that there are now two TrendMicro scanners, the original one you mention and also

http:// fr.trendmicro-europe.com/consumer/housecall/housecall_launch.php

My feeble understanding is that the original one uses ActiveX, while the new one uses Java and thus is more widely applicable. The new one also charges to remove (tho not to detect) malware.

Way to go, Interceptor

This round is on me.........

Well, I happened across a site called The PC News Digest. PCNG has given the test their own award.



Thanks very much to PC News Digest for the high rating. I'm very pleased indeed.

That's Fantastic, Interceptor

GOOD JOB !!!!

Just in case they take it down, full text here.

QUOTE

Thursday, July 14, 2005 AntiVirus Software Tested No, I didn't test 'em all, but John Bang posting as "Interceptor" over at Suggest a Fix PC Support Forums did. Big thanks, John. His antivirus software test results are witty, informative, and, based on my experience with Symantec, McAfee, Avast, Etrust EZAntivirus, and AVG, accurate and unbiased. John's recommendation overall is AntiVir, which he finds more configurable than the simpler, but slightly more effective, Avast. He says AntiVir was effective 95% of the time. Both are available free in personal editions; either should do just fine as long as the maker continues to provide regular virus signature updates. John's results are more valuable than most both because of his sensible test procedures,  and because he actually runs a computer repair center and has more than a little hands-on experience with infected machines. John's excellent work on a vital topic earns this week's PC News Digest Best Choice Award! Good show, John.

Hello Interceptor and all others on this board!

I would say that I do not agree with you at all.
As experienced PC technician I treid most of popular AV products in their real job, removing parasites from already infected machines.
I do for friends at least 4 computers per week, mostly infected with multiple infections...

In my expirience i have very bad results with PC-Cillin.. its detect capabilities are not bad but if it come to cleaning infected files that be aware of that product!

I agree that Kaspersky is one of the best AVs on the market, however I would add that it is the best AV in last 2-3 years as well as for now! 4.5 version was heavy on resources but this new version 5 is simply the best AV product. Thats my view.

For NOD32 I do not agree with you. Its heuristic detection in unbeatable! I do not know if you know but that product detected Mydoom, Mytob, Sober... without update and your review saying its heuristic is not better than any other product.. Many times that small software detected trojans that even Kaspersky missed and most of them by heuristic detection.
I would recommend you to spend a bit more time with that product.

I just dont agree with ya

Also comparing AntiVir and its per week updates with NOD32....


Awast is not bad but free version does not detect spyware related parasites including and very high number of trojan downloaders... so to detect them we have to purchase full version..

Viruses are not no.1 threat no more... trojans and spywares are no.1 today and Awast free just does not detect them...


I do not know if you tried ArcaVir yet??? That AV is promising... arcavir.com

I must agree with gregplus. I just don't understand how you found out that NOD32's heuristics is not better than other avs'? Everyone will say NOD32 has the best heuristics in the world. So please, before you write something like that, think about it and TEST it!

Thank you for your comments, and I respect your opinions.

If you noticed, I discussed heuristics. Please re-read this section:

"One term used in conjunction with antivirus products is HEURISTICS. Apparently there is a bit of misconception as to what heuristics can or can't do. Much of this is nothing but market hype and this feature is dictated by the software manufacturer. Heuristics are supposed to allow a virus scanner to detect previously unknown viruses by making comparisons with known virus footprints. They give the software the ability to do a more intensive search for newer hostile files not yet given definitions by the antivirus company. Unfortunately, to use true heuristics a virus scanner would have to be exceptionally intrusive. Due to public disdain of false positives and the desire for unobtrusive scanners, most companies do not employ the full blown technology. Others offer configurable options to allow users to maximize or lessen heuristics as desired. Because of this, a virus scanner is still confined to detecting known virus files as heuristic technolgy is actually not very effective at this time. As viruses become more complicated and heuristic technology advances, user interaction will become unimportant as the ability to detect new hostile files will become required."


Fosius made this statement: " So please, before you write something like that, think about it and TEST it!"

Most tests you read on the Internet are simple file scanning tests. They introduce an infected file into a system and see if the antivirus can detect it.My tests are much more comprehensive. My sample collection includes more than just old dos viruses. Scanners and viruses were introduced before, during and after infections in different order. A variety of binders and packers were used to compress files to varying degrees. Files were ultra-compressed, uncompressed, recompressed (if you do that often enough it will become an entirely new virus variant). Viruses were joined with other files, sent in various forms via email, in webpages, etc. I try to employ as many different methods as possible, taking most to extremes in order to test the limitations of the virus scanners. The test system used the most common operating system, which is WinXP Home with SP1 and SP2 in place. System security settings were set to medium, average for most users. The system itself was a little over the average, being an AMD 3400 with 512Mb of PC-3200 (not that it makes any real difference), so the test system had plenty of power and resources.

I watched how well the antivirus software removed the files associated with the virus, checked to see if there was collateral damage to system software, allowed viruses to run in the system for extended periods to see how well the av software could handle it afterward and checked system performance while the av software was running.

All in all the tests have taken about 4 months. Normally it doesn't take that long because I'll use 3 systems at the same time, but this time I only had one to work with and I had to devote time to my business, but I kept some late hours working on this. This is the forth....fifth....(I can't remember-old age) year I've been doing this. I have a variety of resources which offer the latest in hostile code. These are also submitted to most of the antivirus companies to ensure their programs have the latest updates against these threats. To date, the antivirus companies have received over 2,000 undetected viruses and trojans horses.

How people use the information I offer is up to them. This article offers unbiased information free from outside influences. Like I've stated before, if you think I'm wrong or my recommendations are inaccurate, then try other options. I hope you make the right decision.

Congratulations John, for the excellent job and for spending your time to provide us with free, accurate, and updated information.

We all here know you are not sponsorized by any AV builder and your analysis are totally exempt and honest.

Thanks for sharing this detailed information.

Interceptor has had years of experience in building PCs and helping people with all sorts of malware issues, such as spyware and adware removal, as well as viruses.

His review of the AV packages will have been carried out in a controlled environment, feeding the same baddies to the different AV packages to see how well they fared.

As has been pointed out, he does not work for any AV company and thus is able to offer free advice that is totally unbiased, based on fair, accurate, and honest testing of each product.

No, this test is not a joke. In this industry, you need to keep up-to-date or you simply won't cut the mustard.

Thanks again John for your review. Very much appreciated

As another founding member, I've seen John do this year after year and I know for a fact that his tests are deliberately difficult. He has his preferences, but modifies them as cirumstances dictate. He's been a security (paradoid) specialist for as far back as I've known him and with the skills I've learned from him I've become a much sought after individual where I work for dealing with security issues.

That said, I don't always agree with John and he knows it, but he really does know his stuff and while one must take any advice with a grain of salt, John's reviews are very thorough to say the least. Disagree with him if you must, but deal with him as the professional he is.

John is also a former moderator here and elsewhere and well known for his skills in professional circles.

Bolecter I am curious what exactly is your background and experince?

QUOTE (Bolecter @ Aug 4 2005, 03:53 PM)

Companies test these products for a living,

In addition to all of the excellent points made about your "'criticism':

Companies SELL (NOT test) their product for a living.

Companies may test their own products, but if they get a bad result, we will not hear about it. I do not see Norton advertising that their product is a resource hog, but they must know this from their system tests.

You can choose to believe all the advertising you want, but it does not make the claims true.

One thing more I must add, I did not comment on the differences in the programs with regard to spyware nor did I test keeping this in mind. This area is still relatively in it's infancy. Some programs do fairly well detecting spyware associated trojans and other files but not the "classic" types of viruses. Others detect the "classic" types of viruses and trojans but not spyware related files. However, I still view this as an oversight on my part, something I will attempt to address in future tests. In any case, the present results speak for themselves. Spyware related file detection is not the main indicator of an antivirus programs' performance, just part of it's overall effectiveness.

There is a shift occurring as I write this. Antivirus vendors are adding to their detection arsenal by purchasing antispyware companies or entering partnerships in order to incorporate spyware detection into thei programs. They are finally realizing that spyware is as dangerous as any virus and the line separating them has all but been obliterated. Unfortunately, at this time no antivirus is effective protection from spyware by itself, but the times are quickly changing.

QUOTE (Interceptor @ Jul 9 2005, 01:45 PM)

This year I decided to put NOD32 .... It’s highly toted heuristic qualities are no better than any other scanner.

For another test in this area folks might take a look at the "Retrospective/ProActive Test May 2005" on:
http://www.av-comparatives.org

Let me join in the accolades - very nice and informative writeup. It is very hard to get good information about this type of software, so recommendations tend to be important. Many recommendations, of course, are based on obsolete experience, word of mouth, and web sites of varying credibility. So when recommendations come along that have a well-founded background, I soak them up.

I'd like to add some of my own observations and experience - nothing more than anecdotal - but I am a computer professional and have seen some interesting things.

McAfee (at least version 8 - haven't tried newer) requires IE, and my system's tight IE security settings interferes with its operation. To me - that was a "deal-breaker" - I have been a McAfee "believer" since around 1990. Also, I have seen systems where IE does not work properly, and nothing I have done short of a format & reinstall have fixed it (repairs and full reinstalls of IE were not sufficient).

Norton installs (OS level) filter drivers that cause problems for some users - and some software - but not consistently. Somehow they either become corrupted, or they cause corruption in other software that causes strange behavior on the different systems. I have also had systems that refused to work after an upgrade from one version of Norton AV to a newer version (following the procedures on the Symantec web site - I knew there were some potential issues before I started). In those cases, the only expeditious resolution has been to remove Norton altogether, and install ANOTHER AV package.

I would also have liked to see (in your presentation) the actual results for all the AV scanners. You have included the detection percentages for some, but not all of them. Based on your comments, I assume you have (or at least had) that data available.

I would also love to see someone include the free version of BitDefender in a lineup with the other free AV tools. Just using an AV tool, you really never know how good or effective it is. Only if you get infected, you will know it wasn't sufficient. So an objective comparison test is very important.

Anyway - keep up the good work.

QUOTE (Interceptor @ Jul 9 2005, 01:45 PM)

The new antivirus I decided to put on the chopping block this year is..........NOD32. Enjoy the read. It’s highly toted heuristic qualities are no better than any other scanner.

http://www.pcmag.com/article2/0,1895,1850851,00.asp

Allow me to reiterate.

I do not CARE about other reviews. This is SAF, not those other sites. How you use the information I have supplied is entirely up to you. If you don't think my review is accurate or involved enough, then you are free to disregard it. We are not here to argue about it. Stop wasting your time trying so hard to convince anyone my review is incorrect. Nobody cares.

QUOTE (Tore @ Aug 14 2005, 05:32 PM)

I would also have liked to see (in your presentation) the actual results for all the AV scanners.  You have included the detection percentages for some, but not all of them.  Based on your comments, I assume you have (or at least had) that data available.

Me too. Also those malware categories are usefull to show us as well.

Best regards,
Firefighter!

Hi Firefighter, welcome to SAF

Interceptor's work is not based on public reviews, but on his knowledge and testings.

It's here only for your information, not to drive you to a sponsored choice. (he earns nothing on doing that), and he use his working or leisure time to provide us information. (thanks for that, man!)

We at SAF, knows his wondering about security, and we trust him. You are free to use any software you can, but always have in mind that this is a personal review, not a try to sell or earn some bucks on it.

This is only here for SAF members information purposes, not to sell anything.

Chris

QUOTE (Ironbender @ Sep 18 2005, 08:34 AM)

Hi Firefighter, welcome to SAF Interceptor's work is not based on public reviews, but on his knowledge and testings. It's here only for your information, not to drive you to a sponsored choice. (he earns nothing on doing that), and he use his working or leisure time to provide us information. (thanks for that, man!) Chris

I knew that already and that's why I wanted to see those categories detected by all tested scanners.

Best regards,
Firefighter!

Be comfortable to share your knowledge with us, Firefighter
Thanks for the feedback !

Chris

QUOTE (Ironbender @ Sep 18 2005, 10:13 AM)

Be comfortable to share your knowledge with us, Firefighter Thanks for the feedback ! Chris

Don't know about my "knowlegde", but I'm only playing with many security apps, mostly AntiViruses and some AntiTrojans, against my collected samples from the web.

Btw, this is a new Forum to me and that's why I'm so curious about all av-tests in here.

Best regards,
Firefighter!

hey cool, lol I always wondered how all these anti virus scans fared. I hate Norton, its what im using right now lol, I don't know why and when the subscription was up, I figured i would just go back to AVG but you have changed my mind lol.

Great job!

Thank You Interceptor
I was able to choose a virus protection that was right for me after carefully reading through your post.

I did the work but you gave me the bit to chew on. And I greatly appreciate your coming from your own experience. I've learned a great deal.