An Unorthodox Antivirus Comparative

Background

The computer world proliferates with malware. One of the most important lines of defense is the antivirus program. A good one can make the difference between an infected computer that causes headaches within a few days of use and months, even years, of trouble-free service.

Professional Reviews

So how do you choose such a program? There are many professional reviews around the web that help you make a choice. And then you make an informed decision.

But how many times has it happened that the antivirus you chose did not live up to expectations? If you are a security-concerned desktop user, the chances are that you have had quite a few such experiences.

The fact is: most professional reviews are carried out in extremely standardized environments, tested against the exact same sample set of viruses and malware, with the system refreshed to its initial state before another antivirus is tested. This ensures a perfect, objective comparison of antivirus programs.

Reasons

This is perfectly correct as far as it goes. The problem is that most desktops do not resemble the pristine state the software was tested in. Different programs are installed, long usage leaves computers in a bad state of maintenance, conflicting software may be present, and there is a wide array of personalization on the average desktop. Professional reviews focus very much on effectiveness and speed, and much less on actual usability. This includes, but is not limited to, interface, update mechanism, resource usage, configurability, and obviously, the catch rate. There is also the feel, one that cannot really be defined by objective parameters, but an overall experience.

And so I thought: why not run my own sets of tests? Like all my interests, the focus remains on desktop usage. I have shifted to Linux as my primary OS anyway, so I could afford to take a few risks with my Vista installation.

The scenario

Before anything else, let me explain my scenario. I am a university student, and my university has a LAN over which at least 500 computers are connected at any given time. Simultaneously, there is a powerful internet connection. And finally, there is a burgeoning share of USB flash disks. The clinching point is that many (or most) people on the connections do not use antivirus software. This creates an environment where viruses, Trojans and the like brew like bacteria in a germ culture.

I also note here that though the bulk of testing was done on my own computer, quite a lot was also done on the PCs of a multitude of colleagues. I acknowledge primarily my university roommate Ahmad Rafique, on whose PC I tested quite a few things.

Methodology

My methodology was simplicity itself. I simply installed the free versions of major antivirus programs (or the trials, where free versions were unavailable), ran them in a regular use environment for some time and noted the overall performance and satisfaction. I do not mention the exact versions of the programs used, but suffice it to say that they were the latest available at the time of the tests, and were continually updated to their latest signatures. Only real-time scanning was tested: a good antivirus should have the option for a manual scan, but should never need to be called except for removable media.

Indeed, you could call this a mass test, more than a review. But a review it is, nevertheless.

The testing window ranged from April 2008 to August 2008 (approximately a few days back).

Also remember that this is all very non-standardized, but then again, that is precisely the point. All of this is meant to be something the average, in-use desktop can relate to. I cannot (or did not attempt to) recall the exact viruses and malware that rammed through, but instead, the following is a generalized account.

Norton Antivirus 2008

This was one of the first ones that I tested, the prime reason being the high recommendation it receives in so many professional reviews.

I was not impressed. To begin with, I had installation problems on some computers, even on mine. On some, it was a hang; on others, it just refused to start installing with a variety of error messages. But on those where it installed properly, it continued to annoy. It was slow (despite many recent reviews claiming increased speed), an excellent resource hog (again, contrary to what many professional reviews would have us believe) and not very effective (I ended up with infected computers in at least two instances within a meager 5 days of use). Two out of seven or eight in such a short time? Not good.

Credit where credit is due, the configuration was easy and the interface neat. But I also noted that the ineffectiveness was coupled with a very bothersome update feature – the size of the signatures was probably to blame.

All in all, a very pathetic experience.

McAfee Antivirus 2008

If I had thought Norton was the worst I could get, I was clearly wrong. Even less effective than Norton (an infection about 5 minutes after installation on one computer, from some hacking website), its insistence on taking over the Windows security center was unwarranted. I believe there is a way to disable this behavior, but that would defeat the whole exercise of this review.

Moreover, it was even greater in the slow speed department, turning roaring machines into whimpering ones.

It was very, very bad. And this time, unlike Norton, no one even liked the interface.

AVG Free

It is free. Unfortunately, that is about the best I could say for it. It required user intervention for the simplest of tasks, ranging from updates to virus detection. The interface was so poor that it looked as if it were made in the antiquated Visual Basic 6, or worse. It was quite low in its system footprint.

Interestingly, it managed to detect plenty of viruses, but could not prevent them from slamming home. Half the time, it pushed out ‘virus detected’ messages, but was unable to clean or block them. I did not even bother fielding it any further: an antivirus that cannot do its job does not warrant more testing.

Kaspersky Antivirus

This was the first treat. It turned out to be highly effective, and my colleagues were all quite happy with its detecting and stopping power. The only malware that got through this was via USB flash disk, and even then only on one occasion.

Its interface, though not exactly pretty, was functional. It used very few resources, and was agile too.

Only its update mechanism left a bit to be desired: the signature files were rather bulky.

Overall, I was impressed.

AVAST Free

Another free antivirus that turned out to be much more effective than the AVG antivirus. It was light, and caught more malware than I expected. It was a bit nagging, and the interface was not so good either.

But the very fact that it was so good a catcher redeems it to some extent. Only a few viruses crawled through its defenses and that too, over a considerably lengthy period.

It was reasonably well liked.

BitDefender

This was a peculiar one. As much as they advertise their sandbox heuristics, I was expecting a brilliant show in detection. It turned out to be great, but not quite there. A few viruses from infected USBs got through, as did one or two Trojans from the LAN. But this was during a particular period when a wave of viruses was sweeping around, so this is not necessarily as bad as it seems.

In terms of speed, it was a middle-ground contender. The interface was boxy; liking it was purely a matter of taste: some found the configurability options fine, but I found it slightly dicey.

The whole experience though, had that neat and tidy feel that I mentioned earlier. But facts are facts: it was not perfect.

An above average performer.

ESET NOD32 Antivirus (v3)

I was not shocked. This is billed in quite a few places to be a good one. But so had been others, so far.

Thus, it was still with some surprise that I saw it surpass even my own expectations.

Extremely light on the system, this one brought me a clean sheet. Yes, absolutely zero infections. And that would have been good enough anytime, but at a time when there were variations of a particularly nasty Chinese Trojan roaming around our network, it was a supreme result.

This alone would have been impressive enough, but it turned out that NOD’s updates were tiny; they would be ready within 3 or 4 seconds of going online. Even the interface looked nice and shiny. The whole thing amazed me.

The only complaint came from one of my colleagues: the advanced configurations were too deep and technical.

It was top notch.

Trend Micro PC-cillin

Much as I wanted to stop testing, and keep NOD32 for good, I still had one heavyweight left.

This turned out to be a certain step down from the lofty heights NOD had reached. Maybe it was in the shadow of NOD, but it was neither as effective (4 infections in 2 weeks) nor as light. It returned installation problems on at least two PCs (an error message on one, and a simple crash on the other). I liked the aesthetics, and the update setup, but the feel was missing.

Endnote

I certainly cannot do a ranking, as I do not have enough numbers and standardization to do a justifiable comparison.

But surely, NOD32 (v3) was the hands-down virus-killer. An honourable mention for Kaspersky, and a slouch award for McAfee would be in order.

PostScript

Please note that I am not forming your opinions for you. You must do your own research, and remember that this experience is emphasized for the desktop only.

However, if any reader, or even the vendors of the software mentioned here, wants more exact details, or just wishes to provide feedback, you are more than welcome.

  1. Ali
    4 August 2008 at 3:34 PM

    You didn’t test Avira Antivir, which I have been using for quite some time 😦 I am quite satisfied with its performance.

  2. 4 August 2008 at 6:42 PM

    @Ali: I am sorry for that omission. Truth is, I did try to test it, but getting people to install it on their computers in the test zone is not always an easy task. Indeed, I did not even test Microsoft One Care, F-Secure or Sophos despite having the mind to do so.
    However, I may follow this comparative up with another one a few months later, and having noted your positive experiences, will definitely test it. Thank you for the feedback!

  3. 9 August 2008 at 1:30 AM

    Your impressions pretty much coincide with my own after researching the subject. I used to use AVG when I used Windows, then tried Kaspersky after lots of good reviews. I found it to be very good, and since NOD32 does have that reputation of being complicated, I decided to promote Kaspersky on my website:
    http://DIYComputerHelp.com

    I may have to take another look at NOD32 though for advanced users.

  4. 9 August 2008 at 10:42 AM

    @fstephens: Please do take a look at NOD32. It is certainly a good choice.
    Not that Kaspersky is bad either 🙂
