Anti-Virus Comparison (from "The Journal")

Discussion in 'other anti-virus software' started by Capp, Aug 9, 2005.

Thread Status:
Not open for further replies.
  1. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    A very interesting article from "The Journal" 8/05 (further info here) that looks at:

    "How to keep your campus safe from infection"

    The Setup

    The antivirus software programs were tested on a fully patched Windows XP Professional machine loaded with Service Pack 2 and the latest software versions and definitions from each company. Only consumer products having some presence in the US (or at least I thought they did prior to testing) were tested. I did not read any manuals. Like most of you, I just want to install my antivirus product and know that I am protected so that I can continue with my chosen activity. The following products were tested on the same night. The viruses were then e-mailed that same night to each company (using a distribution list). Exactly a week later, I updated all antivirus definitions and retested; those results follow as well.


    http://www.thejournal.com/magazine/vault/images/a5421b.gif

    Antivirus Software Vendor Breakdown

    Sophos Anti-Virus Version 3.86.2
    Comments: This program has very few options, no manual update, and no way to unload from memory, which may or may not be a bad thing. It does have an option to scan for Mac viruses. However, it did lock up when extracting my zipped viruses, which made testing tough. The program is also fairly resource-intensive. When I called on a Saturday night, a technician answered the phone and was very helpful. He e-mailed me a nice script to help capture new viruses. It stated that they do not detect any Trojans used for spyware. This product has no online update service. When I downloaded the new definitions dated November, it was only the third week in October.

    McAfee VirusScan 9.0
    Comments: This is a great interface for someone who has no computer knowledge; it looks pretty easy to use with very limited options. This program is quite a drain on resources, and it locked up the computer when unzipping my viruses. Its interface encourages you to buy other security products. Very slow scan speed when scanning a single file. It also scans about 35 extra system files making it agonizingly slow. After sending several of the samples, McAfee e-mailed back saying they were new viruses, but its software still did not detect them a week later. When McAfee e-mailed back the results, they included an updated definition called extended.dat. However, they didn’t send any instructions regarding what to do with it. After searching with no results for an existing file by the same name, I put it in the folder with the clean.dat and the scan.dat file, but it did not seem to do anything even after a reboot.

    eTrust Antivirus Version 7.1
    Comments: This program kept locking up. When I rebooted the computer, the SP2 firewall prompted me to allow eTrust to connect to the Internet, but it still didn’t run properly until I completely disabled the firewall. eTrust has two different scan engines you can choose, although neither one of them found my viruses. The options available were few to moderate. It took a lot of work to get this product to function, only to have it find one new virus. The company’s Web page is difficult to navigate, which is why I gave you a direct link to the product (these guys market a ton of solutions). You must disable the SP2 firewall or manually set permissions to update.

    Kaspersky Anti-Virus Personal 5.0
    Comments: No reboot required for install; nice, easy-to-use interface, nice options. This product also comes in a professional version for the advanced user. Great archive scanner prompts user for password on locked files. Didn’t update right away, but when I clicked on the update, it told me they were seven days old and updated. By far, the best Web site with the most information and an online scanner.
    NOD32 and Kaspersky were the only programs that caught my viruses as I copied them into my VMware session, and when I highlighted the files with the mouse without opening them. This is definitely one of the best products out there, and I could not stop laughing as it squeals like a pig when viruses are detected.


    PC-cillin Internet Security 2005
    Comments: Nice pre-scan on the install; says it can detect spyware. Unfortunately, the program doesn’t seem to detect much of anything, but manages to delete an entire archive without asking, even if just one infected file is found.

    Panda Titanium Antivirus 2004
    Comments: One of the slowest products tested, and it requires the most memory out of the programs tested. However, the program did perform fairly well, and the company representatives were responsive to my e-mails.

    F-Prot Antivirus for Windows Version 3.15b
    Comments: Small and fast install, quick update (came with virus samples only a week old), but offered limited options. At testing, the definitions had not been updated in almost a month.

    Norton AntiVirus 2005
    Comments: Limited support plan, very high resource usage after install, needs extensive updates and a reboot (a problem for dial-up users.) Has a built-in pre-scan during install. Detects spyware, but not the Trojans used to install them. Did not autoupdate; I had to do it manually, and the product required a reboot to be effective.

    F-Secure Anti-Virus 2005
    Comments: Appears to consume a large amount of resources. Needed a reboot to work properly, but product did not indicate that was the case. Auto-updated a week later with no manual interaction required. Very fast scan, works very well.

    BitDefender 8 Standard
    Comments: Nice package; however, the software offers few options and was semi-resource-intensive.

    NOD32 Version 2
    Comments: Very low overhead; advertised as the fastest scanner in the world. Web site lacks a little information. Internet module watches IP stack and intercepts viruses before they make it onto your computer. Great support; no automated answering menu; always a live person and never any wait times. Great heuristics; in fact, some of the best reported by independent testers. (Tests report 85 percent, while NOD32 claims they are at 91 percent.) Automatic updates start immediately; no reboot. One of two products that caught viruses importing into my VMware session. After detection, it would no longer allow me to access those files. It is also worth noting that the last few big viruses that disabled other antivirus software products did not disable NOD32. This is an outstanding product, probably the best. These guys are definitely not marketing their product enough, as they are the most decorated antivirus software out there.

    Norman Virus Control Version 5
    Comments: No reboot required after install, but a little sluggish. Technician did return my phone call.

    RAV AntiVirus Desktop Version 8.6
    Comments: No reboot, says it protects against all malware—107,060 different pests/Trojans to be exact. Not sure the on-demand scanner really scans anything since it always reports the same number of files each time. This product is temporarily unavailable for download, but I found it on the company’s FTP server. According to the company’s Web site, Microsoft acquired RAV’s intellectual property rights, and the company closed down its direct sales (including its e-store) in September 2003. And although the site still offers updates, they seem to have little to no effect.


    Final Results

    *Scott Brown is an information security analyst at Colby-Sawyer College.
     
  2. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    BTW...I did not post this to start a war...just to show an article that I found very interesting.
     
  3. hbkh

    hbkh Registered Member

    Joined:
    Jan 15, 2004
    Posts:
    128
    Location:
    Ohio, USA
    This article has already been covered here. ;)
     
  4. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    So I see. I just got the magazine in today so I thought this was new news.

    Oops!

    Well, I posted the results to save everyone the time of having to browse their website for them.

    Seems like quite a lengthy discussion too over it ;)
     
  5. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    I thought BitDefender had Heuristics called HIVE?
     
  6. Detox

    Detox Retired Moderator

    Joined:
    Feb 9, 2002
    Posts:
    8,507
    Location:
    Texas, USA
    *spanks Capp*

    ok - not really but let's keep the discussion in the original thread for the sake of keeping things organized - I'll close this one and discussion may continue there.
     