hi

i know magazine tests of AVs don't generally go down well, but they usually make for good discussion, especially when the experts weigh in and pull them their methods to pieces!

so here is another one that has just been published in the UK by PC Pro magazine, quite a well respected magazine really - one of the most popular amongst IT Pros here I would say.

http://www.pcpro.co.uk/labs/155/antivirus-software/products.html

enjoy ;D

Some comments on NOD's rating in this test has already been discussed over on the Eset (http://www.wilderssecurity.com/showthread.php?t=179931) forum.

{QUOTE-> Some comments on NOD's rating in this test has already been discussed over on the Eset (http://www.wilderssecurity.com/showthread.php?t=179931) forum. <-QUOTE}
yeah, NOD32 didn't fair too well with this reviewer

I don't understand why they mix up paid and free stuff together.
Like avast! and AntiVir don't have their real counterparts...

And whats up with number of samples!? 200+ samples!? Give me a break... ::)

come on they tested on ~200 samples, that's a very conclusive test of detection rates. Also GUI reviews are subjective to the reviewer.

Oh yeah, BullGuard is better then Nod and Norton. Total crap.:thumbd:

at least they got onecare right :D

well that, and Avira almost.:D

I never pay very much attenshion to any of these magazine AV or AS reviews.
Take them with a grain of salt.

{QUOTE->
Take them with a grain of salt. <-QUOTE}

You are too kind, I would say 1 lbs of salt.;D

What I see here unchanged compareing this with other antivirus tests is that Kaspersky is nr.1.
As always. :thumb:

{QUOTE-> well that, and Avira almost.:D <-QUOTE}
they got avira wrong, they used the free version of it, they should have used the premium version, who knows how many of those "viruses" were adware/spyware and thus undetected by the clasic version

{QUOTE-> This month's Labs confirmed that the antivirus component of the package really does walk the walk: with a superb 93% malware detection rate, it came second only to Kaspersky. Notably, it was one of only four packages to identify the Clicker trojan, and one of only five to identify the Agent trojan-dropper in compressed form,

perhaps thanks to the DeepGuard heuristic analysis that's new to the 2007 edition. <-QUOTE}

does not make sense. ???

{QUOTE-> does not make sense. ??? <-QUOTE}
what do you mean?

hello,

perhaps because deepguard is f-secure technology and not kaspersky one, which is proactive defense module.

{QUOTE-> hello,

perhaps because deepguard is f-secure technology and not kaspersky one, which is proactive defense module. <-QUOTE}
well i think it's norman, but anyway i think they mean that the clicker & other trojan it found was due to that. it doesn't say deepguard is from kaspersky

re,

you're right about the article, I misinterpret it. my mistake. sorry.

{QUOTE-> what do you mean? <-QUOTE}
detection was made by the av parts, why do they differ?

and to think avg FREE beat 7 of those tested for detection, which is most of them..... is just stupid.

I agree. Who do you trust? Yourself.::)

i dont trust none of these, or even the big tests from av-test and av-comp.

i look at them in interest of course, but i dont personally take anything from them, i just find them interesting is all.

who i do trust?.....nobody!

live life on the edge, always alert, i believe thats the best way :)

well Chris, you opened the can of fishing worms. My dying question is, with nothing implied, why does AV Comparitives find Nod always number 1, and 600 other sites dont. I am not saying it isnt, because I like it, but the reality is, all this testing is bullshit. Pardon my, "you fill in the blank." But really, you best trusting source in this matter, is the frigging members here. Not a so called testing expert, not a magazine, not a young dude in Greece. It is the members here at Wilders. And that my friends, is the gospel truth. :D

{QUOTE-> detection was made by the av parts, why do they differ?
<-QUOTE}
kav 7 has new herusitic analyzer, maybe that's it.

i dont know why av-comp find nod32 so great and some others dont, i dont really look too much into these tests, like i said... i just find them an interesting read.

personally, i would have no problems what-so-ever using nod32 no matter what people said about it.

do you think i dont get the same comments for drweb?

it doesnt bother me one single bit, there will always be 'that-type' of people around, sometimes its fun to confront them :D

however, if i ever left my drweb which i very much doubt, id probably go-back to fsecure, as i had some good years with them and i know what they can and cant do and how things seem to run, or might give fprot a trial and see how that would go.

Ermm... nevermind ::)

if i created a website, did ZERO testing but posted the results... people would agree with the results.

lol, they would if i put avira, kaspersky or whatever at the top, with nods heuristics at the top, and but drweb near the bottom.

.....................

its pure fact that people would agree with the results, yet NO TESTING at all made.

i find that funny in itself, and just shows what people are like. ;D

{QUOTE-> if i created a website, did ZERO testing but posted the results... people would agree with the results.

lol, they would if i put avira, kaspersky or whatever at the top, with nods heuristics at the top, and but drweb near the bottom.

.....................

its pure fact that people would agree with the results, yet NO TESTING at all made.

i find that funny in itself, and just shows what people are like. ;D <-QUOTE}


I actually remember someone doing exactly this. ;)

{QUOTE-> Ermm... nevermind ::) <-QUOTE}

Come on Macstorm, add a little substance to after the "Ermm":)

{QUOTE-> Come on Macstorm, add a little substance to after the "Ermm":) <-QUOTE}
Sorry man, I was just about to add more fuel to the fire ;)
Enough to say I agree with most of comments here :thumb:

I have recently changed from Nod32 to Kis 7.0

All I can say is that kis 7.0 is IMO. much much better.

It has so many nice features that I dont see in Nod32, plus I found that the detection was much better.

And now in 7.0 they have their new heurestic analyser, plus they have the proactive defence modul.

All in all a massive securety suite with a very nice GUI compared to the look of Nod32.

Not trying to start a war here, just telling how glad I am with my change to kis7.0

{QUOTE->
It has so many nice features that I dont see in Nod32, plus I found that the detection was much better.
<-QUOTE}
so you actually found this out?

or was you told this?> i.e testing sites

i think the latter :wacko:

i notice their test methode is interesting, they tested the realtime protection, not juest a detections rate. 2nd is they tested the free one against paid ones, and we can see avast free is far behind avira free in realtime. and avira classic without ad/spyware detection is still almost as good as kapaski.

no,

because its all bullcrap.

avg free beats most of them, i dont think so.

nod32 soooo low, and also norton near the bottom too.

cmon, get real...... like i said, its bullcrap.

:thumbd:

{QUOTE-> so you actually found this out?

or was you told this?> i.e testing sites

i think the latter :wacko: <-QUOTE}

What I mean about the detection was that it found things Nod32 missed, also I like the way it can block viruses when you surf the net, instead of first having to deal with a message popup saying it has found this and that it can block it right away so that it dossent have a chance to load into the memory or temp internet files.

Also I like the GUI a lot more than the old clumsy design in Nod.

Some other nice things I like are the anti banner and the possibillity to launch my web browser with parameters so that if a program or something else is trying to load a page it can be blocked.

Plus much more.

I dont have a huge collection of virusses to compare the detection between kav & Nod, but it has already blocked 3-4 virusses for me from the web, and this within just one month. Also when you surf and it finds anything, then when you block it is takes you to a page with a short mesage at the top, displaying what has been blocked/deleted.

{QUOTE-> no,

because its all bullcrap.

avg free beats most of them, i dont think so.

nod32 soooo low, and also norton near the bottom too.

cmon, get real...... like i said, its bullcrap.

:thumbd: <-QUOTE}

Well I must say I was also surprised to see AVG score more than Norton and Nod32. Been a long time since I used AVG free edition so I dont know much is has been improved since that. It must have been improved a lot though since then, since it can score so high - because back then when I used it, it was indeed not very good.

{QUOTE-> It must have been improved a lot though since then, since it can score so high <-QUOTE}

The fact that it scored higher than other products in this particular test , doesn't mean it has improved or that it is better as a whole than the competition.

{QUOTE-> I have recently changed from Nod32 to Kis 7.0
All I can say is that kis 7.0 is IMO. much much better.
It has so many nice features that I dont see in Nod32 <-QUOTE}

Very well written , you don't see them . That doesn't mean they don't exist.

{QUOTE-> I like the way it can block viruses when you surf the net, instead of first having to deal with a message popup saying it has found this and that it can block it right away <-QUOTE}

In particular - NOD32 can do it , too . In IMON you just need to switch the option to
"Automatically deny download of file" and high the compatibility level and and then if a threat is found , you can only see a message like this
192057

So it can be done if there is a wish and need , instead of coming and bashing. If this was what you wanted you could have asked in the Eset forum

I don't completely trust magazine round-ups because I just get the feeling that they are trying to push certain products almost like advertising and they pocket something for doing so. I could be completely off the mark, but I am just suspicious lol
Another consideration is that they only used a limited set of samples, so I just don't see how such a test could be completely accurate.

Well I emailed the article writer and got a very good response from him. His name is Darien Graham-Smith.

I initially sent a very short email basically saying "did you even use the product" . So I got a reply and it says yes, what didnt you like about my article. Point by point I emailed what he had written and why I disagreed, he replied again explaining why he had made such points and to be fair and without getting into the actual AV testing he made some solid points which I couldnt disagree with. I think that if he had included the information that he told me then he probably wouldnt have got such a bad response from this community.

you cant brush off every test though you can look for a track record. If one continues to rate high in all tests then iy likely is, and if it rates low consistently, then the same. Tests are ok, you just have to look at the whole picture and not zero in on one or two.

OFFTOPIC:

haha
trjam changed again?
why f-secure this time?

:o Gee I can see why I changed to KAV 7 Now.

when I saw trjam had changed again I rushed to the f-secure site to see whether they had made any announcements.

no, nothing doing.

definitely an opinion-leader of Wilders!

I will be buying avira tomorrow courtesy of trjam being a follower - don't think I'll be following him in changing so often as it's too much of a headache.

Ian

I use 2, Avira and F Secure. THey are all good, just like the tests, you have to find the one you feel is right for you and go with it.Now if I was testing I would rank by catagory of all the test combined and it might look something like this.

Top Group-order reflects nothing in each group
Norton
Kaspersky
F Secure
Avira

Middle Group
F Prot
Eset
Dr. Web
Mcafee Virus Scan
Bitdefender
Norman
Panda
Avast-with potential to move up

Bottom
AVG
CA
Sophos
Trend Micro
Microsoft One Care

I think there is no need to rush after trjam - just sit tight and in about a week he will be back to Avira or Nod or KIS...:D and you will both again have the same AV;D

{QUOTE-> I think there is no need to rush after trjam - just sit tight and in about a week he will be back to Avira or Nod or KIS...:D and you will both again have the same AV;D <-QUOTE}

I'm saying nothing ;D.

{QUOTE-> What I see here unchanged compareing this with other antivirus tests is that Kaspersky is nr.1. As always. <-QUOTE}

Not as always, sometimes in the past Bit Defender, Nod and AntiVir got the crown in my tests. So don´t expect that Kaspersky has best detection rate, they are always high ranked, but not necessarily nr.1, maybe as security suite, but not always in detection.

I don´t believe AVG has merited such a high rank, in most earlier tests they ranked below midfield.

Monday I sent some commercial key loggers to Virus Total. I don't know what each
AV's settings are used at Virus Total but I know the same 8 AV's detected the key loggers. I think there were a couple AV's which used the same scanning engine and def's. What I was curious about is how Norton detected them all.
On a side note, I didn't install them to send separate files, I only sent the setup file to Virus Total. I might go back and resubmit the same versions today to see if they were added yet.
I can also tell you NOD & Mcafee did not detect them. I should have copied the results in case I needed them LOL
It is interesting to do your own testing as System Junkie does, just to see how fast an AV adds new def's
I know these tests make for good debate but I always wonder why people here don't just do their own testing by now?
I know there are still a lot of people out there that only switch AV's when they have trialled a new AV and it found something their old AV didn't and they keep switching over & over & over in an endless loop.
I think by now most of us know Av's can't keep up with maleware and especially against zero day attacks which are becoming much more common.
We all know that if you use your computer for banking without a password manager, and you get an infection your AV don't have def's for right away,
your account info might have been taken already.
Good proactive programs are needed more then ever now.
Does anybody know if they use NOD's proactive defenses at Virus Total?



controler

I don't think it's bullshit, I use NOD32 for about 2 years. It never found anything on my primary C partition, nor did the resident module, nor did the on-demand scanner. Last night I used the Kaspersky on-line scanner and it found 6 infected items on my C-drive. I tested them all 6 at http://virusscan.jotti.org/ and they indeed were all 6 infected.

It doesnt matter if folks here say all tests are bullshit. Because people read them, people trust in them, people buy based on them. And that my friends is all that really matters.

Most of these magazine tests are based on home-user type "suites" anyhow. So much of what GUI turns one tester on and another off seems to play a great deal into how much of this is ranked anyhow.

Personally, I detest most of the home-based suites because of the complete dumbed-down look and feel of most of this crap.

Another thought to go along with this testing nonsense. Check out the latest test from Consumer Reports. CR consistently ranked, get this: Trend Micro PC-Cillan their overall pick for: A/V suite, A/V and spyware. With only a slight ding for completeness, i.e. no built in HID.

Now, in case your unaware. Trend's spyware is getting better but still a bit lax on the definition of spyware/grayware.

The Consumer reports testing was already discussed in this thread.

http://www.wilderssecurity.com/showthread.php?t=181739

{QUOTE-> It doesnt matter if folks here say all tests are bullshit. Because people read them, people trust in them, people buy based on them. And that my friends is all that really matters. <-QUOTE}

Herein lies the fallacy of depending on others for guidance. People select a particular product or brand based on other's advice and recommendations. Your doctor can prescribe you an antibiotic which results in a severe anaphylactic shock reaction when all you needed is an aspirin. :o :wacko:

Just an update. Submitted the same keylogger setup files yesterday that I did a week ago & only the same 8 AV's are detecting them but like I said maybe it is not that important to flag a setup file.
Only way to know is to run the setup I guess and submitt the main program files.
Do any of you have sugestions for the best system file monitor. One that shows ALL new or changed files?

thanks

con

{QUOTE-> . Your doctor can prescribe you an antibiotic which results in a severe anaphylactic shock reaction when all you needed is an aspirin. <-QUOTE}
Lool, indeed, doctors love antibiotics.

{QUOTE-> It is interesting to do your own testing as System Junkie does, just to see how fast an AV adds new def's
I know these tests make for good debate but I always wonder why people here don't just do their own testing by now? <-QUOTE}
Exactly.

{QUOTE-> I don't think it's bullshit, I use NOD32 for about 2 years. It never found anything on my primary C partition, nor did the resident module, nor did the on-demand scanner. Last night I used the Kaspersky on-line scanner and it found 6 infected items on my C-drive. I tested them all 6 at http://virusscan.jotti.org/ and they indeed were all 6 infected. <-QUOTE}
Yes, nod lost a bit of his former power, but this scanner was always vulnerable for totally simple malware manipulation. Kaspersky still belongs to the top products against modded malware the same with AntiVir.

AntiVir made huge steps ahead in the last years, they surely have improved their team during this time.
They managed to jump from a middlefield scanner to a high end av in a time range of approx. 2-4 years.
But Kaspersky has the big advantage in making nearly no false positive, the worst case related to fp´s still
remains Dr.Web. (as I told sometimes ago: It´s unpardonable to show AOL as potential backdoor, that´s DrWeb)
Beside: Bit Defender is also a delicate candidate for the top 5 of most false positive´s but surely behind Dr.Web.

{QUOTE-> Do any of you have sugestions for the best system file monitor. One that shows ALL new or changed files? <-QUOTE}
Process Monitor (http://www.microsoft.com/technet/sysinternals/utilities/processmonitor.mspx)
InCtrl5 (http://www.pcmag.com/article2/0,4149,9882,00.asp)
:)

I really can't take any of these "tests" very seriously as they seem to vary from test to test, even by the same testing group. The only thing they're useful for is just a general impression, that's about it. Just my humble opinion....

{QUOTE-> I really can't take any of these "tests" very seriously as they seem to vary from test to test, even by the same testing group. <-QUOTE}

They vary because things changes, I give you a tip: Create about 40-80 unique common samples of malware, use different packers, crypters a.s.o. Then test the whole set against all scanners, do the same every 3-6 months. You will be surprised and it´s funny to see what has changed but one thing is to overcome: You need time and stamina because this could make a lot of work.

Lucas

I have used PM but never for monitoring an install. IS this a process where by you log the changes and go in manualy to delete them?

InCtrl5 is shareware and so I am not sure that would work for me. I used TotalUninstall a few years ago but didn't see it tracking all files & reg entries at that time.


con

{QUOTE-> I have used PM but never for monitoring an install. IS this a process where by you log the changes and go in manualy to delete them? <-QUOTE}
I never used PM to monitoring an install. It's a bit over my head :)

Process Monitor is the best tool available.

SystemJunkie

How do you use it for that? I was looking and didn't see anything except looking at the date time stamp, then removing things manually.
Just reinstalled PM today and had to uninstall KAv or PM would hang.

This is the big problem of Kaspersky´s klif.sys, the slow motion maker.

@controler: learning by doing, nothing else, just do it, test it then you will check it.

Oh and that really helps!!!!!

{QUOTE-> They vary because things changes, I give you a tip: Create about 40-80 unique common samples of malware, use different packers, crypters a.s.o. Then test the whole set against all scanners, do the same every 3-6 months. You will be surprised and it´s funny to see what has changed but one thing is to overcome: You need time and stamina because this could make a lot of work. <-QUOTE}

I absolutely agree. It is interesting to compare how the main vendors perform on the very latest stuff with today's updates, and then to run the same tests again three months later (with the latest updates but the same samples).

I would not entirely blame magazine reviews for the public's perception of what the best AV is. Walk into PC World and you'll see a small collection of options available (mainly Symantec- and McAfee-based). The general population isn't interested enough to even read magazine reviews, let alone specialised forums full of experienced users. It's frustrating.

Of course, every so often you get a magazine review that uses a decent, large sample of malware. These tests aren't bullet-proof, but they are more useful than the "Panda had a lovely interface, but I prefered Norton's" grouptests. I would count the tests that Computer Shopper and PC Pro have run recently as being useful*.

[* DISCLOSURE: But I would, because I am involved in the testing]

{QUOTE-> The general population isn't interested enough to even read magazine reviews, let alone specialised forums full of experienced users. It's frustrating.

Of course, every so often you get a magazine review that uses a decent, large sample of malware. These tests aren't bullet-proof, but they are more useful than the "Panda had a lovely interface, but I prefered Norton's" grouptests. <-QUOTE}

Lol, indeed, the mental darkness is still on a very high level it would need endless time to highlight the mass-spirit, probably it´d be in vain. If I were the creator of this world I would transmit each reasonable soul already a mass load of high-iq information from the start. I would stop the purgatory process of oblivion. ;-))