Originally posted by: John
Originally posted by: Ken90630
Yeah, I noticed that too. But there isn't a huge difference between the Advanced and Advanced + ratings, and all these companies ebb & flow in terms of being on top over one period of time and then slipping a little, then coming back .... Who knows -- maybe NOD32 will be back at Advanced + next time and one of the other top dogs will have slipped a bit. What suprised me a bit was McAfee's comparatively poor showing.
Yea NOD32 missed Advanced+ by <2% IIRC Esets advantage is in heuristics, and their downfall is adding samples and lack of signatures.
I also remember just a few years ago when Kaspersky was just another a-v product on the market with performance that wasn't anything to get excited about. Now they're at or near the top. Ditto F-Secure.
F-Secure uses the Kaspersky engine. So do several other well known AV companies.
I don't think there necessarily is a "best" anti-virus product on the market. It depends on a person's priorities and also their vulnerabilities in context with their entire computer security plan. I, for instance, would prolly prefer a product that scored Advanced rather than Advanced + in one test if that product was better in other areas that are also important to me. The chances of receiving one of the very small number of viruses that NOD32 or the other "Advanced" products might miss are pretty slim, and as long as they 'catch up' and get the necessary definitions released in a reasonable amount of time, I wouldn't lose sleep over it if I used one of those products.
I agree. It's not all about the detection rate, although that should be high on the prioroty list. Low resource usage, update frequency, gui, support, and other areas should be considered when choosing an AV. It's all subjective, and the independent reviews should be used a guide when making your decision. However as it stands you can't go wrong with the Kaspersky engine. Version 7 is in beta and the new heuristics module should rival Eset's.
I'll be particularly interested to see the next round of AVComparatives' tests, which they say will include rootkit detection performance. Since rootkits are reportedly all the rage among the malware-writing scum, we might see a real distinction between "the men & the boys" next time since a lot of a-v products don't have any rootkit protection at all. We'll see.
Avira added rootkit detection to their free version last week. In fact I think it's the only freebie with RK detection. Speaking of detection, check out the new PC World AV tests that were conducted by av-test.org which is one of the most trusted independent test labs.
http://www.pcworld.com/article/id,130869/article.html
Yeah, I think we're in agreement on pretty much all of this. And yeah, I knew F-Secure and others use the Kaspersky engine (hence their effectiveness!). As you prolly know, reportedly the only drawback to the "multi-engine" products, like those that combine two or even three engines in an attempt to get higher detection rates (an admirable goal, of course), is that scan speed suffers. But hey, it wouldn't bother me much to have a scan take an extra few minutes or whatever if it increases the detection rate by a few percentage points. Actually, NOD32 performs pretty darn well considering it's a single-engine product (and it costs a bit less than Kas or F-Secure, presumably because eset isn't having to pay a licensing fee to Kaspersky and/or others to use their engine). Whatever -- they're all good.
One thing I've been thinking about more & more is the importance of overall detection rates of known viruses vs. heuristics. I'm not a NOD32 fanboy or anything, but to me, I'm not that concerned with my A-V program's ability to detect some 2-year-old virus that reached its peak infection rate long ago and is all but out of circulation now. If I had to prioritize, I'd rather my A-V program have excellent heuristics, since it would seem that an attempted infection by the newer, more-difficult-to-catch viruses (and their variants) would be more likely to occur and more important to stop. Particularly when they're "zero day" malware that the A-V companies don't have definitions for yet. Whaddya think -- would you agree or disagree?
And yeah, if Kaspersky's new heuristics rival those of NOD32, Kas is gonna be tough to beat. I just wish they weren't headquartered in a country (Russia) that still has nuclear missiles pointed at you, me and our families. That's really the only reason I don't use Kaspersky myself.
I checked out those
PC World rankings. Without knowing the scope of A-Vtest.org's testing procedure, I can't really comment on those findings. (And what's up with BitDefender supposedly having a 124% system slowdown rating? Is that a typo? ) I will say that, like a lot of computer products tests/reviews, the results on A-V products tend to vary considerably depending on who does the testing. So yeah, like you say, just use them as a guide.
A-Vcomparatives.org's testing seems to be pretty exhaustive, I will say that. But like you also said, the "best" product is subjective. It would also be pretty hard to buy a product that is guaranteed to be the best and stay the best, by whatever criteria you choose, for very long. The differences among the top-tier products seem to be relatively small, and they change from year to year, so even the "best" product today might not be the best anymore six months or a year from now. I personally don't want to change A-V programs that often, so I think it's best just to pick one of the top 3 or 4 programs and stick with it as long as it works well for you.
Interesting thread.