Whole Product Dynamic Test Overall Results August-November

I look at it from an entirely different perspective. Anti-malware software is intensive on the system in general and I do not like to switch products very often, especially since if I want the one that is the best, I would be switching every year--sometimes every half year. That is crazy to me. I would not recommend that to anyone. Every security vendor reacts differently to programs present on your system, so it is always best to pick a security solution and stick with it in my opinion.

I want a product that I can trust to catch all wild-list samples and have decent zero day protection consistently. I look for consistency of results in AV-Comparitive tests. Microsoft OneCare was useless to me because they scored really high in one test, then dropped to a standard rating. However, Microsoft's Security Essentials has very consistently earned Advanced and a few Advanced+'s, and I like the interface, easy of use and deployment, and the 1st party ease of integration into the operating system. Next to Prevx, it has been my choice of traditional security software for 1.5 years now and I plan to keep it for as long as Microsoft is serious about the continued development of it...which they are very. In fact, they plan to make antivirus software obsolete and integrate it into Windows 8. Now I do not believe they will accomplish that goal anytime soon, but it is definitely a huge step in the right direction.

Sure other free options like Avira/Avast have performed better from time to time in AV-Comparitives tests, but they are not consistently rated, and whenever I see other test sources, all the free AVs perform similarly in my experience.

And once again, I generally do not place much trust in blacklist based prevention measures in the first place. The heart of my security setup always involves making known-clean system images, software restriction polices, standard user accounts, leaving UAC on set to Vista mode (which does in fact make a huge security difference yet so many people disable it), and reducing attack surface with exploit mitigations found in EMET. And of course...update update UPDATE! If they release an update, you download it. You'll be thankful later when a gibberish URL takes you to a blank page instead of injecting malicious code into your operating system.

There are people that do what I do and do not use any real-time protection other than a firewall, and they will do a full system scan every month or so with a tool like MBAM or Hitman Pro. I prefer to have a real time product enabled, however. Other fans of whitelisting like myself use a HIPS product, which I also would condone, though I will emphasize again that I am not talking supplemental HIPS found in products like ESET 5. Those are by default set in a "learning mode" and are not true whitelisting measures. I am talking DefenseWall or Defense+ type of products.

Just my two cents. I am not an expert by any means. Sorry for the long post.

EDIT: One final note about my signature, which says I use Webroot SecureAnywhere Essentials. I should change that to say "AntiVirus." I only have Essentials because I got an upgrade for free when one of their support staff mistakenly gave me that license type. I generally do not like security suites and do not recommend them, though I must say I am very impressed with the 600kb suite they offer. ;-)

 

STVC0726:

How come you are using two real-time programs at once? (MSE and Webroot)

And, very well written post. Agree with you on most points.

 

I can understand why you would use F-Secure instead of Norton, but I don't understand how you could find these results fishy based only on your past experience with Norton. Particularly since Norton did not get a 100% protection rate.

 

There is nothing like a balanced and open view on a product,and this is nothing like a balanced and open view,its pretty obvious that even if Norton performed better than any other product for the next 10yrs that you would find or make up a reason not to use/like it

 

In every single Whole Product Dynamic Test (4) Norton has had the least compromises. Either Norton is doing something right or AV-C are doing something wrong. If it is the latter then other testing organisations must be doing something wrong too as Norton ranks similarly with them. (in the same type of test)

(I lean more towards the former as you would guess)

 

The Norton thing will never be settled.


Peace to you all and Happy Christmas

 

Avast really disappointed me

They perform POORLY all this year. Rethinking to switch back to NIS while I having 6 months before expire.

 

Avasts protection is still more than adequate.

 

Some antivirus software packages are more adequate than others.

Hopefully Avast can pick up their game. They have a large user base they should utilize more for improving zero day detections.

 

I can't believe how impressed I am with NIS 2012. In all my years as a tech, I could really never recommend the Norton/Symantic line to anyone. After hearing that they re-wrote everything from the ground-up and then started to perform (and out-perform) I had to download the trial and see for myself.

Running NIS 2012 on a 6 year laptop. Specs - 1.5 GHz single core cpu, 1 gig ram, windows 7 32bit. NIS is running smooth. Resource hogging, bottleneck problems gone. No problems whatsoever. I'm very impressed with the overhaul they did and the detection rates that the review sites conclude are very in-line with what I'm finding at home so far.

This is coming from someone with a hardcore anti-norton bias. And now, after a few days of testing, I'm strongly considering a 1 year license for 3 PCs and running this as my main.

 

Yeah it's a pity a lot of people still view Norton from 5-8 years ago and will not give the new versions a further chance.

IME, the last few releases have been stable, lightweight, very good detection and even the uninstall seems to be working to good effect. It's a shame that some of the other bloated suites do not undergo a complete re-code.

If you do not buy at the retail price, NIS/NAV is a very good choice at the present time.

 

Just because a product was poor or good in the past doesn't mean it will always be that way,nobody remember how poor Avira was or how a certain russian product was miles ahead of the others in detection/cleaning:-the performance of both these products/companies has changed over the past few years,the status quo never remains

 

One thing I haven't tested yet is norton's recovery disc. I generally use Kaspersky v. 10 and that does a fine job but I'm curious how Norton would perform on a heavily infected machine.

I see Kaspersky getting high praise in the removal category all the time. Norton scores a little lower but still puts up good numbers.

And Webroot....Mind telling me where your recovery disc is at?

 

Used to always Use Kaspersky but latest versions have had too many issues,even the tool they provide to remove their products can play havoc with an office install if used to "remove all known products" but it still offer good protection

 

Some more adequate than others? Sure. But my comments were made based on an apparent stated need to switch based on a testing orgs results as opposed to being personally repeatedly compromised. I know many people who are getting along just fine with Avast and who have never heard of any testing orgs period. Incidently it has been stated and not by me but someone in the industry that an Av scoring standard would be still be fine for the average user. Also the person whom I was replying to is using other safeguards. "Avast! IS | MBAM Pro | HMP | SpyShelter | SD"

 

The answer is simple!
The success of Norton is its Download Insight and SONAR. These 2 technologies make Norton really good in dynamic tests, but in on demand tests and tests done without internet connection Norton is not that great. So if internet connection is not a problem for you, Norton rules.

 

Although I am disappointed with Avast I would use it, but as with ANY AV I would run MBAM alongside in real time.
Jerry

 

I am by no means a fanboy of any AV,but i can tell that i like a product better or another,based on my experiences.Avast is one of them.No other AV can match Avast on lightness, speediness and trouble free on my system.And an average of 97% detection is not bad at all,that's why i will still use Avast with MBAM realtime (for a second realtime opinion) and a FW with HIPS,or not,depending on my mood. And as i use all my browsers sandboxed,Comodo Time Machine for quick recovery and Paragon as last line of defense,i can say that i'm worry free.I just simply don't wanna run and install another AV...i think it's useless this move.Well,at least for me.
Oh,and if every time when i'm scanning with Hitman Pro and another scanners the system is clean...why should i bother to change? Only because of a test?No sirree...

 

Because you can if you want a layered approach!

TH

 

That well depends on the products in question.

 

I'm just saying WSA can run with other AV's if wanted to, as most other AV's can't run with another!

TH

 

Wasn't trying to pick on you, just wanted to see that clarified.

 

No problem I understood!

TH

 

On the contrary, that is the precise criteria under which I specifically stated I would consider using Norton. That is, if they consistently remain one of the top products in multiple, reputable, third-party tests done by organizations like AV-Test and AV-Comparatives.

Personally, it is not about whether I would use Norton, as I currently do not believe in paying for anti-malware software for my own needs. What I was referring to, however, was if I would possibly recommend Norton to my clients - my answer to that was yes, if they prove themselves overtime by remaining great for as many years as they've been horrible.

This is not necessarily anything completely against Symantec per say; rather, it is a personal policy and belief I have because I refuse to change anti-virus applications every year based on which one scores slightly better than another.

So there you go...if Norton gives 5 years of a solid product that remains in an Advanced to Advanced+ category, I shall consider recommending it to my clients. There's a reason the saying is "road to redemption" - as in redemption must be earned - not granted just based on the results from a few tests.

And lastly...

As Joe (PrevxHelp) has stated before, Prevx (and now Webroot) spends a lot of time and effort ensuring their real-time product remains compatible alongside other, traditional anti-virus packages. I find having the option to run two adds peace of mind and arguably a margin of better protection, especially since WSA still has bugs that are being worked out. Generally, I would advise that Webroot or Microsoft Security Essentials is enough by themselves - and I especially would advise AGAINST running two real-time products together that were not specifically designed to be compatible in such a way.

Webroot SecureAnywhere & Prevx are rare, special exceptions to the good old rule of "Never run two real-time anti-malware applications at once!"

 

If you were an IT professional you would know the chances of any anti-malware product to remain at the top over a five year period is very low,how long as Avira had a good rep?used to be pretty bad,worse than Norton,the worst aspects of Norton of old wasn't so much detection,even though that could be mediocre,caused mainly by the period between data-base updates,days not hours as it is now, it was the very poor uninstall and the fact on install it seemed to go into places it had no need to AND was very heavy on system resources:-these are all things of the past,but if it deteriorated towards Norton of old I would have no qualms about dumping it:-I try to use and recommend what is best at any given moment in time,the past is the past and what may happen in the future is just conjecture and may never happen,but even if a product does perform at or near the top for 5yrs it may decline as soon as you do start to recommend it,I'm not an astrologist so I just go with today(and recent product history)