AVComparatives Single Tests Results


Mele20
March 29th, 2007, 07:03 AM
Results are available for AVComparatives Single Tests of CA Antivirus 2007, Trend Micro IS 2007 and Sophos Antivirus 2.0.

Only Trend Micro has a high enough overall detection to reach certification level. CA Antivirus and Sophos have such low detection as to not meet any certification level. Trend Micro reaches Standard Level.

http://www.av-comparatives.org/index.html?http://www.av-comparatives.org/seiten/comparatives.html

Firecat
March 29th, 2007, 07:17 AM
CA has probably left the Trojans/Backdoors/Other malware/OtherOS malware detection to PestPatrol, which possibly explains its poor performance.

No excuse for Sophos; the company should be ashamed of its poor performance. As for Trend Micro, I think they would have barely reached the Standard certification; I do hope they improve from here on out.

@IBK: You need to correct the Trend Micro PDF file. In the "comments" section of the Trend Micro PDF file, you have typed that "If you are going to evaluate CA Antivirus 2007 on your system, you will have to uninstall first any antivirus and antispyware you have already installed..."

Londonbeat
March 29th, 2007, 07:29 AM
A sizeable proportion of what Sophos has detected would probably have been under the "mal/packer" packer category detection; the fact that they still score poorly despite this does not look good at all.

Escalader
March 29th, 2007, 07:59 AM
Very interesting!

"Results are available for AVComparatives Single Tests of CA Antivirus 2007, Trend Micro IS 2007 and Sophos Antivirus 2.0. "

Does anybody know which suites and utility packages use or did use the CA AV and the Sophos AV?

Going by memory (mine not the PC!) CA was used by ZoneAlarm on its pre-KAV suite; it has replaced it with KAV, with some ongoing problems.

Sophos is part of the SS 5.3 package (:gack: I've got that !) I leave AV off in favour of BD10.

Can't remember but iolo's System Mechanic had an AV or ASW but which vendor?

Firecat
March 29th, 2007, 08:04 AM
-{ Quote: "Very interesting!

"Results are available for AVComparatives Single Tests of CA Antivirus 2007, Trend Micro IS 2007 and Sophos Antivirus 2.0. "

Does anybody know which suites and utility packages use or did use the CA AV and the Sophos AV?

Going by memory (mine not the PC!) CA was used by ZoneAlarm on its pre-KAV suite; it has replaced it with KAV, with some ongoing problems.

Sophos is part of the SS 5.3 package (:gack: I've got that !) I leave AV off in favour of BD10.

Can't remember but iolo's System Mechanic had an AV or ASW but which vendor?" }-
IBK used the standalone CA Antivirus and Sophos AV. Trend Micro is available both as a suite and as AV+AS packages.

ZoneAlarm used the CA engine in the past. Iolo's System Mechanic used to have KAV, but now it uses its own AV engine. I believe V-Com SystemSuite uses Trend Micro's engine for its AV.

dan_maran
March 29th, 2007, 08:44 AM
Iolo now uses Command AV for up to 3 pcs.

Firecat
March 29th, 2007, 08:56 AM
-{ Quote: "Iolo now uses Command AV for up to 3 pcs." }-
Iolo has claimed in all their press releases that Iolo AV is home-developed. Why would they lie? ???

Escalader
March 29th, 2007, 09:17 AM
Maybe we are getting mixed up?

SM7 had an ASW / trojan hunter I didn't think it was an AV? The lines are blurring on these scanners these days.

dan_maran
March 29th, 2007, 09:33 AM
The GUI is theirs, but other than that it is:
Command AntiVirus version: 4.94.139.35
engine version: 4.313

Chubb
March 29th, 2007, 10:08 AM
A bit disappointed at Sophos results. :( Sophos had been scoring very high detection rates alongside Dr Solomon's Anti-Virus Toolkit and AVP (KAV) 7-8 years ago in some independent AV tests.

Escalader
March 29th, 2007, 10:26 AM
-{ Quote: "A bit disappointed at Sophos results. :( Sophos had been scoring very high detection rates alongside Dr Solomon's Anti-Virus Toolkit and AVP (KAV) 7-8 years ago in some independent AV tests." }-

Perhaps, but 7-8 years is a long time in this field, just an opinion of course.

If my AV or ASW had dropped out of the top 5 and my subscription is about done well, time to switch IMO.

Blackcat
March 29th, 2007, 11:20 AM
-{ Quote: "Perhaps, but 7-8 years is a long time in this field, just an opinion of course.

" }-
A lifetime! Very recent detection rates are the most important; for example, look how well AntiVir is doing now in recent tests.

Escalader
March 29th, 2007, 02:36 PM
Have a look at my thread here as it reached a similar conclusion:

http://www.wilderssecurity.com/showthread.php?t=167941&page=2

Macstorm
March 29th, 2007, 05:07 PM
And I thought Sophos was one of the best AVs on the market despite its exclusion from the latest on-demand av-comparatives :(

Escalader
March 29th, 2007, 05:30 PM
-{ Quote: "And I thought Sophos was one of the best AVs on the market despite its exclusion from the latest on-demand av-comparatives :(" }-

Data speaks for itself. There is a good reason if it is excluded.

I wish it was better, since I have it indirectly in SS and use it as an occasional on demand tool. Maybe someday?

Macstorm
March 29th, 2007, 05:47 PM
-{ Quote: "Data speaks for itself. There is a good reason if it is excluded." }-
AFAIK, those products weren't excluded in av-comparatives on purpose, simply they chose to not participate?
It's the same maybe ;D

C.S.J
March 29th, 2007, 06:02 PM
i always thought of trend as a 90% av, and not too far off either.

as for the other two, as expected.

Metal425
March 29th, 2007, 06:24 PM
KAV ftw,
I'm a KAV fan boy xP

Escalader
March 29th, 2007, 07:45 PM
-{ Quote: "AFAIK, those products weren't excluded in av-comparatives on purpose, simply they chose to not participate?
It's the same maybe ;D" }-

Well, as you say they were either excluded because they didn't meet the criteria AV uses for vendors to enter the tests or they chose not to participate.

For me, the results are the same, no data no selection by me!???

If a student says I'm not taking the math exam but let me graduate anyway.

What to do what to do....;D

ejames82
March 29th, 2007, 10:55 PM
escalader,
i have bitdefender 10 (suite) on a disc that i haven't even used yet. i would like to use it as an on-demand scan (both, the AV, and ASW) the same way that you use sophos. my primary real-time AV is kaspersky. can this be done? the bitdefender people told me that it can't.
sorry for going off-topic.

Firecat
March 29th, 2007, 10:57 PM
-{ Quote: "escalader,
i have bitdefender 10 (suite) on a disc that i haven't even used yet. i would like to use it as an on-demand scan (both, the AV, and ASW) the same way that you use sophos. my primary real-time AV is kaspersky. can this be done? the bitdefender people told me that it can't.
sorry for going off-topic." }-
Heavily doubt it, BitDefender is heavily sensitive to other Anti-Malware applications running on the system.

Durad
March 29th, 2007, 11:26 PM
It would be nice to see Panda tested.

ejames82
March 29th, 2007, 11:38 PM
firecat,
isn't there any way that i can uncheck it from the startup list? i already do this with spysweeper, avg anti-spyware, and clamwin, and they work. i just want to use them in safe mode.

Legendkiller
March 30th, 2007, 02:23 AM
well i was hoping for a better showing from trendmicro...which showed-up only 87% detection-rates and was not particularly good in "other-malware/trojans" category..........but was good in worm detection....

EASTER.2010
March 30th, 2007, 02:44 AM
-{ Quote: "Heavily doubt it, BitDefender is heavily sensitive to other Anti-Malware applications running on the system." }-

That explains in spite of winning my personal favor of it i just couldn't deal with constant conflicts/issues that no doubt was due to melding alongside my other security apps.

BitDefender you might say is my AV of choice even though i have KIS6 now and prefer everything about it.

Maybe one day..................:shifty:

Firecat
March 30th, 2007, 04:26 AM
Even if someone disables the real-time monitor of BD, other processes are still active. And these cause conflicts with other applications. BitDefender strongly recommends to not use any other Anti-Malware application along with it, and they warn of conflicts happening if someone chooses to do so. And this includes On-Demand scanners like Spybot, and also tools like SpywareBlaster.

Escalader
March 30th, 2007, 09:23 AM
-{ Quote: "escalader,
i have bitdefender 10 (suite) on a disc that i haven't even used yet. i would like to use it as an on-demand scan (both, the AV, and ASW) the same way that you use sophos. my primary real-time AV is kaspersky. can this be done? the bitdefender people told me that it can't.
sorry for going off-topic." }-

Hi ejames82:

You have some advice posted ahead of this reply. What I will say is a bit different based on my own experience with BD 10. I do have Spybot search and destroy used on demand without tea timer with no conflicts with BD10.

I have BD10 on right now along with SS 5.3, ZA Pro 7.0.377 and SpyBlaster.
I do run on demand Sophos from SS and I get no on line conflicts from any of them. Not that it helps due to its current low detection rates. I then turn off Sophos in SS.

BTW in the ZA Pro 7.0.377 thread I am reporting huge SS scan time degradation due to ZA Pro 7.0.377 "update".

I have found that vendors tend to say it won't work with other products a bit too quickly. So if you really want to try, it needs testing doesn't it?

What you never want to attempt is having the 2 BD10 and KAV actively running at the same time!

But still, you want to run a strong AV as on demand, you want to exploit the BD 10 so try the following:

1) Go off line, disable the internet connection (this is just for safety when closing off KAV).

2) Exit KAV and all other applications,

3) Take full backup of your whole PC at least anything that can't be found on a CD/DVD or USB stick.

4) Still off line install BD 10 from your disk, unclick every single one of its special shields in ALL its AV and ASW settings including the advanced settings, run a deep scan.

5) Go back on line, register BD and update it, and run its 8 different scan types. When done exit BD.

6) Report your results back here for everyone who may be interested!

7) If the predicted conflicts occur, uninstall BD 10 and use their free BD8 which updates still or their online scan service as a substitute.

8) I did a test for you as follows in case you need to disable BD tasks

Exited BD10, 2 of its 3 obvious processes remain in the task manager list,

bdagent.exe
bdss.exe

I just used Task Manager to disable them. But these would remain as stated even when you are not using BD on demand unless you disable them each boot up which is a real pain.

That's it for now

ejames82
March 30th, 2007, 12:21 PM
firecat,
can't processes be ended in the task manager?

escalader,
there's a lot there in your post to address. some of those steps, i have not performed in months. i would be asking for a lot of help. i feel uncomfortable, in that i don't want to be viewed as stealing the thread. i am going to start a new thread. i hope you, firecat, and anyone else contributes if possible.

everybody,
is escan a product of CA? they fare extremely well according to www.virus.gr. sophos and trendmicro, not so good.

thanks for the replies, firecat and escalader.

Macstorm
March 30th, 2007, 01:05 PM
-{ Quote: "Well, as you say they were either excluded because they didn't meet the criteria AV uses for vendors to enter the tests or they chose not to participate.

For me, the results are the same, no data no selection by me!??? " }-
True.
That's why I said "it's the same maybe" before ;D

Macstorm
March 30th, 2007, 01:09 PM
-{ Quote: "everybody,
is escan a product of CA? they fare extremely well according to www.virus.gr. sophos and trendmicro, not so good." }-
eScan is powered by Kaspersky AV engine :thumb:

Firecat
March 30th, 2007, 01:47 PM
-{ Quote: "eScan is powered by Kaspersky AV engine :thumb:" }-
But having a lot less features, and lacks a quarantine. I do not know what exactly is the problem with implementing a full-time quarantine, but if they didn't listen back in 2004, I highly doubt they will today.

Detection rates are the same as KAV with extended databases though, and I believe it uses the 6.0 engine currently.

Escalader
March 30th, 2007, 04:05 PM
-{ Quote: "True.
That's why I said "it's the same maybe" before ;D" }-

Ah, yes true, we agreed! Just wanted to add (poorly it seems) what the consequences are for the vendor at least for this user!

Cheers

Escalader
March 30th, 2007, 04:07 PM
-{ Quote: "firecat,
can't processes be ended in the task manager?

escalader,
there's a lot there in your post to address. some of those steps, i have not performed in months. i would be asking for a lot of help. i feel uncomfortable, in that i don't want to be viewed as stealing the thread. i am going to start a new thread. i hope you, firecat, and anyone else contributes if possible.

everybody,
is escan a product of CA? they fare extremely well according to www.virus.gr. sophos and trendmicro, not so good.

thanks for the replies, firecat and escalader." }-


No problem helping you. Send me your link to the new thread so I don't miss it!

ejames82
March 30th, 2007, 07:30 PM
escalader,
it's right here at wilders security forums>security software>other antivirus software>kaspersky real-time AV, BD10 on-demand. possible?
thanks.

Firecat
April 8th, 2007, 01:36 AM
With regards to these single tests, it is important to know that the test report of Sophos Anti-Virus has now been removed from the AV-comparatives site.

There is nothing in the weblog about why it was removed, but I'm sure many of us will appreciate an answer. Did Sophos not like the result?

MalwareDie
April 8th, 2007, 02:19 AM
IBK will probably give the answer but yeah, I also think the reason for this is because Sophos does not like the result.

Will TrendMicro get the missed samples since it did score 85% or higher?

Mele20
April 8th, 2007, 04:06 AM
Hmmm...so a vendor who doesn't like the results can just demand that the results be removed from the website and that is that? That doesn't sound right. If Sophos asked for testing then the results should stay. Rather a bad precedent isn't it if a vendor can demand removal of results they don't like?

So, I'm all ears for IBK's explanation. I hope I'm all wrong.

Blackcat
April 8th, 2007, 04:15 AM
-{ Quote: "Hmmm...so a vendor who doesn't like the results can just demand that the results be removed from the website and that is that? That doesn't sound right." }-
Same thing happened in the av-comparatives Anti-Trojan Test of March, 2006; TrojanHunter had their poor (http://www.wilderssecurity.com/showthread.php?t=125205&highlight=TrojanHunter) results pulled. Although, in contrast to the AV's he tests, Andreas did not have written permission from TH to publish the results.

Mele20
April 8th, 2007, 04:39 AM
I assumed he had written permission to publish the results. If so, then how can Sophos demand the results be removed? Maybe there is perfectly benign explanation for them not being there that we are not aware of. Where is IBK?

IBK
April 8th, 2007, 04:40 AM
This happens when tests are done without the permission to publish the results. To avoid legal problems or similar, it's easier to remove the report. Anyway, you all know that it scores under 85%. I will keep testing only home user products and with permission of the vendors. Please note that also the other 2 vendors have not given any permission to test, but so far no one complained.
TrendMicro scored 87%, but they had 2 months more time to add signatures.
When I have written permission, results remain in any case. Should someone make problems anyway, it will be noted and the vendor excluded from future tests (so as not to waste time again for nothing, as the main goal is to inform people).

Mele20
April 8th, 2007, 04:51 AM
Ahh..thanks for the explanation. Yes, we all know that Sophos did poorly so it doesn't really matter if the results stay there on the site or not. We really appreciate your testing these three and that is what matters.

IBK
April 8th, 2007, 04:52 AM
Panda (and also TrendMicro) will participate normally in the regular tests of 2008.

Mele20
April 8th, 2007, 04:57 AM
Egads. :-[ I think it is time for some sleep. I knew Panda wasn't tested. Why I said "Panda" and persisted over more than one post in saying "Panda" when I meant "Sophos" I don't know. Sorry. I'll edit my earlier posts.

btman
April 8th, 2007, 06:45 AM
-{ Quote: "Panda (and also TrendMicro) will participate normally in the regular tests of 2008." }-

2k8? We're barely in 2007! I mean it's great news that they'll participate... But a year to see their results... :(

MalwareDie
April 8th, 2007, 01:49 PM
I wonder if Panda and TrendMicro will actually pass. I think both their detection rates have declined since they have last participated. (TrendMicro had extra time to add signatures and only got 87%.)

EASTER.2010
April 8th, 2007, 02:03 PM
-{ Quote: "Even if someone disables the real-time monitor of BD, other processes are still active. And these cause conflicts with other applications. BitDefender strongly recommends to not use any other Anti-Malware application along with it, and they warn of conflicts happening if someone chooses to do so. And this includes On-Demand scanners like Spybot, and also tools like SpywareBlaster." }-

Yeah, the exact reason why i showed BD the door out. Sorry but will never trust a single product to cover all the bases no matter how high the claims or rate of successful coverage. There's just too much at stake when it comes to protecting your computer and its properties, not to apply some reasonable form of layered approach that is 100% compatible with most if not ALL other anti-spyware/AV apps & resident monitoring.

KasperskyIS6 has done magnificently in the compatibility department with various other security apps and i have yet to experience a single issue conflicting with just one of the programs listed below in my signature when running together.

Escalader
April 9th, 2007, 08:30 AM
Regarding possible conflicts (see my software signature)

IMHO vendors say don't use other products with theirs a bit too quickly. It is not surprising, they don't want us using the competition and they certainly don't want to "invest" technical effort figuring out how to make it possible.

That said, conflicts can occur, but in my case anyway I can manage them. This is one of the jobs you have to do in a mix and match strategy. If not, a suite is a simpler strategy, not my choice but simpler.

I use BD 10 and SS 5.3 at the same time with no crashes.

On the SS FAQ web page they say that their product CAN work with BD 10. This matches what I am experiencing in practice.

To minimize possible conflict I made a list of the shields and just enable 1 if both products provide that shield. For example both offer cookie control. So I turn off BD in favor of SS's. (it's older!)

I disable AV on SS. I disable ASW on ZA pro. All 3 of my mainline security tools are what one might call semi-suites in that they have these add ons.

In ZA I disable email scanning in and out in favour of BD 10. ZA's scanner for SW is weak anyway.

Again you would not want to have 2 dueling AVs like BD and KAV since the use of 2 AVs is a well-known no-no.

I do use Spyblaster with no trouble in spite of what BD says.

I think I'll sign up on new BD user forum and see what others are doing/learning/ saying over there.

Maybe I'm the only guy with these 3 working together on the planet!

I know one other user here who is doing exactly what I am only using NOD32 in place of BD. :)

Mele20
April 9th, 2007, 08:38 AM
"SS" 5.3? What is that?

CJsDad
April 9th, 2007, 08:42 AM
SS=Spy Sweeper

Escalader
April 9th, 2007, 11:26 AM
-{ Quote: "SS=Spy Sweeper" }-

Too many short forms, added translations to my signature for this and future posts. Hope this helps!

Chubb
April 9th, 2007, 01:58 PM
-{ Quote: "With regards to these single tests, it is important to know that the test report of Sophos Anti-Virus has now been removed from the AV-comparatives site.

There is nothing in the weblog about why it was removed, but I'm sure many of us will appreciate an answer. Did Sophos not like the result?" }-

I just hope that Sophos AV 7.0, which will be released some time in June or July would do better. It is beyond my expectation that Sophos performed like this in the test. :( They should do more to improve the detection rate in addition to maintaining the stability of the software.

MalwareDie
April 9th, 2007, 03:28 PM
I don't think Sophos will get much better. Its detection rate has just been declining for many years.

IBK
April 9th, 2007, 03:35 PM
feb04 86%
aug04 82%
feb05 79%
aug05 78%
feb06 ??
aug06 ??
feb07 under 77%

Firecat
April 9th, 2007, 03:47 PM
-{ Quote: "feb04 86%
aug04 82%
feb05 79%
aug05 78%
feb06 ??
aug06 ??
feb07 under 77%" }-
:(:(:(

Bad for Sophos. Anyway, will you be testing Panda also in one of these single tests? :)

IBK
April 9th, 2007, 03:58 PM
no, Panda wants only to participate starting from 2008.

EliteKiller
April 9th, 2007, 10:50 PM
-{ Quote: "no, Panda wants only to participate starting from 2008." }-
I guess by then they'll be using a Kaspersky engine as well. ;)

MalwareDie
April 9th, 2007, 11:12 PM
I wonder if Panda will pass. If I recall correctly, the last time Panda participated, it scored 85% without the DOS viruses/malware category and 91% including the DOS viruses/malware category. Now that this category is not used to judge certification, I wonder if it will indeed pass. I am also somewhat doubtful of TrendMicro as it only got 87% when it had about 50 extra days over the regularly tested products.

Firecat
April 10th, 2007, 03:35 AM
-{ Quote: "I guess by then they'll be using a Kaspersky engine as well. ;)" }-
???

What do you mean?

MalwareDie
April 10th, 2007, 10:34 AM
I think he's joking