G'day All;

Due to the multitude of virus/bug problems encountered by many members recently, plus the varying opinions of which A/V program works best; I decided to test some of the A/V programs offered by the major software manufacturers.

I had done a similar comparison 3 years ago and wanted to see how things had changed.

I decided to test:

Avast! Home Edition 4.8.1229 (Freeware)

Norton AntiVirus 15.5.0.23 (Payware)

McAfee VirusScan 10 (Payware)

Kaspersky Anti-Virus 8.0.0.454 (Payware)

AVG Free Edition 8.0.173 (Freeware)

------------------------------------------------------------
The test rig: My old Dell P3 866MHz 256MB RAM 40GB H/D

Please note that this box is old & slow. Use the scan times only to compare the speed of the different programs.

For example: AVG Free 8.0 took 3hours 41min. to complete the scan.
On my new P4 3GHz 2GB RAM; AVG takes 1hour 40min. to scan the same number of files

------------------------------------------------------------
NOTES:

- could not load & test Kasperski due to a conflict with the previously installed & removed: McAfee & AVG. This is a real shame as it was 2nd best in the previous testing. I was unable to locate the source of this conflict as both has been properly removed, all residual files were erased & the registry thoroughly cleaned.

- all programs have e-mail scanners, resident shield and some type of browser protection, plus "pop-up" blockers.

- both payware programs have their own firewalls

- AVG Free also has AntiSpyware incorporated into the program.

- all programs update daily. AVG Free updates twice per day.

- all programs were set to perform the deepest scan possible (scan the maximum number of files) This is why some of the scan times are very long.

---------------------------------------------------------

My purpose here is to compare the programs. To me; scan time is second to the depth of the scan & number of files checked.

I don't want to start any arguments or piss anyone off; but there is a clear winner here. I have included screenshots of all the test results to provide proof of my findings. I am sure many of you will be surprised by the results.

---------------------------------------------------------

Test Results - Worst to Best

McAfee - 197,975 files scanned in 2h 20m (time approximate - not stated in results)

AVAST - 375,926 files scanned in 5h 57m

Norton - 490,629 files scanned in 1h 5m

AVG Free - 1,078,498 files scanned in 3h 41m

-----------------------------------------------------------

Comments:

AVG Free clearly checks the most files, more than twice the number of Norton.

I was surprised that Norton came in 2nd. In the previous testing it was dead last. Congrats to Symantec for seriously upgrading their product. I suspect this is a result of the changes needed to make it compatible with WinVista.
(Symantec & McAfee whined, bitched & complained the loudest when they found that their previous products were not compatible with Vista)

McAfee was 3rd in the previous testing. I am personally shocked at it's last place position this time. Not to forget it checked less than 1/5 of the files that AVG Free does.

I had heard good things about AVAST but never tried it personally. It scored better than the payware McAfee & is free; but checks less than 1/3 of the files that AVG Free does.

--------------------------------------------------------

To all P3 users:
When AVG Free upgraded from V7.5 to V8.0 (a few months ago) this was the single most important thing that made my P3 obsolete. With combining A/V & Antispyware plus the addition of Resident Shield & browser protection; the drain on the limited system resources caused a major & very noticeable decrease in performance & speed. The machine became frustratingly S-L-O-W.........

---------------------------------------------------------

Well there you have it; the poop, the whole poop & nothing but the poop; like it or not, these are the facts.

.
.

Told yer so:costumes:

Longjock

Hi all,
You should try PC Tools free A/V program.Combined with their free firewall and Threatfire program it works as a great Internet security suite.

Buddha13

Try Avira Antivir - it's free and it's good, although lately it's been picking up stuff in some of my old downloads - false positives?

I have tried quite a few ....I like AVG the best:applause:

Hey Moe, me too. Off the subject, but if there is ever a contest for best Outhouse avatar....You win hands down. :costumes:

:costumes::costumes:, tanks
Hey Moe, me too. Off the subject, but if there is ever a contest for best Outhouse avatar....You win hands down. :costumes:

But how do they perform in a dogfight? Betchya get flamed from behind quite a bit using Mcfee. :costumes:


Actually though I have followed Dirtmans recommendations on security and have not had any serious problems, Thanks Dirtman :ernae:

....that the number of files scanned is a valid test of the various programs' effectiveness?

I think you might be making a false assumption here. Each program has a set of scan options, some of which are extremely detailed and cannot be duplicated in the other programs. Different settings mean different numbers of files are scanned. Heuristic Scanning, for example, is one such feature which allows (amongst other things) the program to eliminate certain files from the list of those needing a thorough scan. Also, the payware programs that have their own firewalls will not rescan files that were scanned as they came through the firewall and have not changed. :kilroy:

...TR quote
"Heuristic Scanning, for example, is one such feature which allows (amongst other things) the program to eliminate certain files from the list of those needing a thorough scan"

.........yep.........scanners have encryted and salted logs so that troj and worms cant easily breach their defenses(which crackers are always trying to test)
so "heuristics"(anti-viral signatures based on "rules of thumb", educated guesses, intuitive judgments or simply common sense.) are used against changes in the registry to decide if there has been a change since the last scan
.and if no such changes have taken place those files will be ignored on that scan as having been checked
(until such time as they are changed in which case will be re-scanned next time)

....that the number of files scanned is a valid test of the various programs' effectiveness? I think you might be making a false assumption here.

Past experience. I once noticed that the number of files on my box was growing almost exponentially each day - without good reason. It took allot of digging but I eventually found the worm.

In my opinion: The more files that are tested, the more secure you are.
This is a logical assumption.


Each program has a set of scan options, some of which are extremely detailed and cannot be duplicated in the other programs. Different settings mean different numbers of files are scanned.

Yes I am aware of this. That is one reason I spend a few days with each program. I prefer to use the deepest scan possible. - I try them all.

While testing McAfee I found 2 types (of scans). Ran both (several times) found one checked slightly more files. When added together, the total was still less than 400,000.

I watched which files were scanned & saw the same ones during each scan - I didn't watch each file for the whole scan. I assumed one was a "quick" version. Perhaps I was incorrect in this assumption. Does that mean that I'd need to do 2 complete scans with McAfee to have complete protection? I doubt it, but it is within the realm of possibility.


Heuristic Scanning, for example, is one such feature which allows (amongst other things) the program to eliminate certain files from the list of those needing a thorough scan. Also, the payware programs that have their own firewalls will not rescan files that were scanned as they came through the firewall and have not changed. :kilroy:

A very valid point. But what about the files that already exist on a mature system? (like the test rig) I noticed McAfee's file count increased slightly each day, never decreasing. Virtually no new files entered the box, just program updates. (no surfing)

Two things are for sure:
1) Any app. will only scan the files that it is directed to scan.
2) Any app. will only find the malware that it is programmed to look for.


Personally; I have the time to spend on long scans. One nice feature in AVG Free is it will auto-quarantine any bugs it finds & auto-shutdown the box at the end of the scan. This is perfect to use at the end of the day.


I do not use auto-update or scheduled scans.
How many people have been screwed up when some program decided to update itself?

- Last January, poor Obi called me in a panic on a Sunday evening; he was transferring some of his work to another h/d when AVG began to update. He lost the whole enchilada.......
My advise? Update manually EVERY DAY right before you are going to scan. If someone is too dumb to remember to do this; - in my opinion: they deserve to be infected.



Thanks for your comments Brother; I know you've been doing this whole computer thang allot longer than me. I have no formal training either, just experience in what works & what don't.... solving problems are they occur.

Dirtman-:wavey:

Thanks for taking the time to test all these softwares and sharing your results with us. I've been using AVG for over a year now and I have to say, I agree with your findings. I very much like the fact it checks for updates twice a day.
Great insight on all of them!

.........yep.........scanners have encryted and salted logs so that troj and worms cant easily breach their defenses(which crackers are always trying to test)
so "heuristics"(anti-viral signatures based on "rules of thumb", educated guesses, intuitive judgments or simply common sense.) are used against changes in the registry to decide if there has been a change since the last scan
.and if no such changes have taken place those files will be ignored on that scan as having been checked
(until such time as they are changed in which case will be re-scanned next time)

Thanks for the deeper explanation Bro. Many of us are either: too poor or too cheap to afford the payware apps. which have this more advanced function.

I use Spybot's "Tea Timer" (freeware - optional in S&D 1.6.0) which alerts me when anything tries to change the Registry or add itself to the "Start-up" file list.

I could not use this function on the old P3 due to the limited system resources.

.
.

Hi Dirtman,
You should try these programs,
PC Tools free A/V program.Combined with their free firewall and Threatfire program.
Or atleast the Threatfire program.
You can get them at,
www.pctools.com (http://www.pctools.com)

Buddha13

I have been testing it (PC Tools A/V) for the past 24hrs.
Gonna give it a couple more days before posting any results.

I tested Threatfire about a year ago & went back to Spybot S&D.:running:

I'm happy with the generic WinXP SP2 firewall at this time. :jump:

Thanks for the H/U Bro!! :173go1:

:costumes: :costumes: :costumes:

Hi Dirtman,
From what I understand about the Windows firewall is that it only scans in one direction,Inwards.So if something does get past your a/v software you would not know if it was connecting to the internet.
The PC Tools one like many others works both ways.So if there is a program/file you do not want connecting to the net you can stop it.

Buddha13

1. Everytime one of the troops here at SOH reveals that he has a bug, it seems that he was relying on one or more of the freeware programs mentioned above. I've never seen a complaint of a virus, trojan or worm from someone using updated McAfee AV/AS/FW. (I have found problems with Norton being used by friends, and had to do a manual removal for them using tools available at McAfee Support and McAfee Forum.)
I've been using McAfee for ten years, and have never contracted any infection...though many have been caught trying to get in....and I visit some risky areas on the web.

2. Expensive? I paid $39 online initially for the suite I use and get a special member annual renewal for $29, including tech support that is superlative. Anyone I know who has lived through an infection (even if they eventually got rid of it) would have been happy to pay $29 to have had it not happen. While some of the freeware works medium well, it is written by volunteers and is never as tight or up-to-date as the commercial stuff.

3. I maintain that the number of files scanned is not a valid indicator of effectiveness, at least in the case of McAfee. McAfee's a ram hog of a program because it is capable of determining whether or not a file requires a scan. It's called efficiency.

4. If you want a good indicator of effectiveness, you're better off using the size of the software install and the amount of RAM it is using in Task Manager. The bigger the install, the more RAM in use, the better your protection. Skimpy code, skimpy RAM usage = skimpy protection.

I admire Dirt's analysis and his resolve in carrying through, but I hate to see it generate a false sense of security. I've worked for years in the computer side of several businesses, including computer training centers, all of which are hands-down McAfee devotees. My wife's office will only allow access to their VPN via the internet by computers using McAfee. There is a reason.

:ernae:

quote DIRTMAN
"I use Spybot's "Tea Timer" (freeware - optional in S&D 1.6.0) which alerts me when anything tries to change the Registry or add itself to the "Start-up" file list."

....excellent proggy TEA TIMER is a very good registry mod proggy definitely rivalling other PAY progs
......( i'm a firm beleiver in "if i use a proggy a lot i pay for or donate to it"

.....as ive stated before my EMAIL system is
........"mailwasher"(to remotely look at headers on the isp)
.......any email reader other than OUTLOOK(i use PEGASUS)
.......this system stops about 90% of infestation

......ZONE ALARM PRO, AVAST PRO ....both paid for,(AVAST this week) and SPYBOT SD tea timer resident
(my personal decision based on performance and like TR i hang out in some of the most unsavoury areas on the net:d

........but whatever you use make sure you use
..............a FIREWALL
..............a VIRUS checker
..............a SPYWARE searcher
and most importantly a REMOTE EMAIL VIEWER(like MAILWASHER) so 90% of the nasties wont even make it to your machine

I am a comcast subscriber and a student at UVU, so I can get the McAffee suite free two ways... why don't I?
When I was younger, about 13, I discovered the internet. I was rather ignorant, though, and I ran my computer on the internet heedless of any problems, with no Antivirus, Antispyware, or even any firewall. I was running Windows98, too, so many of the very newest bugs even then simply did not work on my machine. After two years collecting bugs of all sorts, I finally pulled my head out and looked for AV. I ran three (3) different programs before my machine was clear!
First, the payware PCDoctor. It spent a whole day and three reboots scanning and got some 6000 bugs... not bad it seems until you see what was left behind.
Next, I followed it with the McAffee scanners I could get free from comcast... that took about 5 hours and found roughly another 1500 bugs the first time I ran it. Still not shabby - until you know what it left behind!
Finally, I ran the latest AVG all updated up... that took 2 hours and rooted out a further 600 bugs!
Because AVG at the time did not include anti-spyware, I ran AdAware by Lavasoft - it found about 100 pieces of spyware the others missed.
Subsequent scans with a number of other scanners found nothing more.

Wow! PCDoctor left more than 2000 bugs! McAffee left 600! that is alot to miss... and it speaks something that AVG caught all that was left all the viruses that were left. It also is good to note that AdAware likewise found more junk the others had missed...
Looks like free is the best way to go!

My specs at the time were:
Win98SE
1x 7GB HD
1.5 GB RAM
533 MHz CPU
all the other chips integrated.

thus, the speed figures should also be noted... even with all that crap and a slow processor, it should not take 5 hours to scan a thoroughly defragged 7GB HD!

....You've got a lot of choices from this great discussion. Just make sure you use as much protection as you can get.

- I will say that currently McAfee combines all of the features of all of the programs described above into one package....AND tests of any kind done three years ago have no validity today...particularly when done with the limited edition 'free' McAfee provided by some ISPs, which are not full-versions of the suite.

- I will also say that any program run on a massively infected computer will need to have multiple scanning runs done to get everything....no matter what program you use.

Be safe out there. And remember that the most dangerous information is not that which we do not have, but that which we 'think' we have. :wavey:

I will also say that limited edition free versions of McAfee also used about 256 Mbs of my RAM and slowed my computer to a crawl by hogging CPU time - and that last result is with my current system as can be found in my sig! AVG runs rather leaner, such that I can allow it to run a scan even as I run FS without loss of FPS. And, once again, AVG consistently finds junk McAfee missed - this with a firewall and a new computer that have never been heavily infected before...
sorry if I sound rather partisan - that is not my intent. I only want to note my experiences with the programs listed...

I will also say that limited edition free versions of McAfee also used about 256 Mbs of my RAM and slowed my computer to a crawl by hogging CPU time - and that last result is with my current system as can be found in my sig! AVG runs rather leaner, such that I can allow it to run a scan even as I run FS without loss of FPS. And, once again, AVG consistently finds junk McAfee missed - this with a firewall and a new computer that have never been heavily infected before...
sorry if I sound rather partisan - that is not my intent. I only want to note my experiences with the programs listed...

I don't understand. I'm running the full McAfee suite with all features activated on four computers. The slowest and lowest RAM of the bunch is this laptop with a 1.8G Single-Core Celeron and 512M of RAM. According to Task Mgr the total RAM being used by McAfee is 27MB(5 separate processes)...and it has not slowed this system down noticiably....which is also loaded down with the full M$ Office Pro suite and a whole lot more software than a little computer like this should be asked to handle.

I suppose it's senseless to continue the back and forth.....as everyone has his own favorite. :d

G'day All;

I seem to have stirred up a bit of a hornets nest here. Let's please get our feet back down on the ground and remember what the reason of this thread is.

My purpose here in testing these security applications is so that we may all compare, learn and hopefully become safer when using the internet.

There are no winners & losers here, just a deeper understanding of how things work, what they look for & how we all might be better protecting ourselves.

In any discussion there will be varying opinions; this is the cornerstone of freedom & democracy. But in order to learn; we must first open our minds and listen closely, (without prejudice) and then ask the correct questions in order to obtain the correct answers.

The first question I found was in regard to McAfee. (low file scan count) I have found TR's answers & explanations to be extremely interesting & enlightening. I have learned allot as I hope everyone else has too.

TR & I are personal friends. (I pay him 50 cents per month) I know he uses McAfee. I also know he has built & maintains a number of websites. Therefore: I do trust what he says.

He has also proven himself to be pretty crafty around the computer. (which is why I pay him 50 cents per month :costumes: )
I now feel we all have a better understanding of the method employed by McAfee.
WOW! we've learned something and it didn't hurt at all!! :applause:

We'll try harder for you next time Collin :a1089: :costumes:


The point I'm trying to make is that we need to listen to what each person says. Accept or reject whatever you please & draw your own conclusions.
Everyone has their own personal preferences; but let's not degrade this discussion with the: "my Chevy is better than your Ford" attitude.

Every piece of equipment or software has it's virtues & pitfalls. Understanding the differences will allow everyone to make an informed decision of which one they want to use.

-----------------------------------------------
More Data: In regard to RAM usage.

Thanks Guys!!! I hadn't thought of comparing spec. :banghead: DUH.. :isadizzy:

EMatheson mentioned 256MB of RAM used by McAfee Free.
This does seem I bit high. Are you sure this figure is correct Sir?
Was this the basic amount of RAM used or the amount used during a scan?

I had tested: McAfee VirusScan 10 which is the "full-on" free trial version with all the "bells & whistles"; but I never checked the RAM usage.
(Please don't think poorly of me. I'm Kanadian & of Irish decent .... my brain-damage is therefore hereditary :d)

BUT... I can supply the RAM usage spec's for the 2 current apps: :applause:

AVG Free 8.0 = 61.9MB (4 processes)
- AVG Free uses the WinXP SP2 firewall unless to get the "payware version"

PC Tools Anti Virus Free Edition 5 = 5.6MB (2 pro's)
PC Tools Firewall 4 = 16.9MB (2 pro's)
Total = 22.5MB
- this kinda looks like the saying: "A strong offense is the best defense" don't it???

TR: Does the 27MB used by McAfee include the firewall?

------------------------------------------------------
Email Scanner

All of the apps tested have email scanners. Unfortunately they were not tested as I no longer use the test rig ("UNIVAC") as my main box.

But in 4 years; the AVG Free email scanner has only missed one bug. (that I know of)

I use Outlook Express for email. Many people say: "Oh that's dangerous!!"
No it's not. Actualy using an "in-house" email proggy affords two levels of protection.

#1 My email carrier scans all emails (at the box) before forwarding them to Outlook Express.
#2 AVG scans all received emails (scans out-going too)

Had an buggy email in June 07. Slipped past "Trend Micro" (owned & used by M$ Hotmail) and was missed by AVG too.

I noticed it had a ".dat" file attached (which made it suspicious) so I forwarded it to my other email boxes to see if anything would be detected.
(each email carrier seems to use a different A/V)

Of the 4 boxes; only Yahoo tagged it as viral. Yahoo scans with Norton.

It turned out to be a brand new bug, only Norton had discovered it at that time.

So you see my friends; nothing in this world is 100% except for death & taxes!!!

:costumes: :costumes:

-----------------------------------------------
Two Slick Apps:

The first is something to measure your RAM usage.
It's called: FreeRAM XP Pro - see screenie below
Sits in the tray & shows the amount of free RAM on your machine.
It can be configured to display a number (percent of free RAM) plus a bar graph.
- it will also "auto-defrag" the RAM if the free space falls below a predetermined level.
I've used it for the past 3 weeks & found it very easy to read.
- uses about 1.66MB of RAM

Find it here:
homepage info: http://www.yourwaresolutions.com/software.html#framxpro

download: http://www.download.com/FreeRAM-XP-Pro/3000-2086_4-10070530.html?part=dl-FreeRAMXP&subj=dl&tag=button&cdlPid=10516960

******

The other is called: SHAPlus Bandwidth Meter
This app displays your bandwidth for: now, today & total for the calender month (auto resets on the 1st)
- uses about 4.16MB of RAM

Homepage & download: http://www.shaplus.com/bandwidth-meter/


I hope many of you will find these useful.
.
.
.

We'll try harder for you next time Collin

Promises, promises, but don't worry, Tango Doenitz still luvs ya and will be sending you some lupins. :costumes::costumes:

regards Collin:ernae:

.... and blatant act of highwaymanship, Collin has extracted 54 of my precious lupins as ransom for my safe passage on the low road. And in a shocking gesture of charity has decreed that they be sent to Dirt. The lupins are presently tied-up in Canadian Customs....and I hope none of the inspectors are lupin fans. All surviving lupins should be immediately installed in the main directory of your C drive, as no malware can survive exposure to the omnipotent lupin. (Each lupin requires only 8KB of space and uses only 16KB of RAM, but kills all the badies. It's FM, simply F***ing Magic.) :173go1::costumes::costumes::costumes:

.... and blatant act of highwaymanship, Collin has extracted 54 of my precious lupins as ransom for my safe passage on the low road. And in a shocking gesture of charity has decreed that they be sent to Dirt. The lupins are presently tied-up in Canadian Customs....and I hope none of the inspectors are lupin fans. All surviving lupins should be immediately installed in the main directory of your C drive, as no malware can survive exposure to the omnipotent lupin. (Each lupin requires only 8KB of space and uses only 16KB of RAM, but kills all the badies. It's FM, simply F***ing Magic.) :173go1::costumes::costumes::costumes:

URGENT MESSAGE:

I have just been informed by Canada Post that the entire shipment of lupins has been smoked by those darn Canadian Customs Inspectors!!!

oh the colours....the colours....

:isadizzy: :isadizzy: :isadizzy:
.
.