|
The comparison
was conducted in October
2004 (26 September- 1 October
2004) on a sample of over 9000
infected files. Files were infected
with old and new virus, mildly
harmful and very harmful, in
addition to worms, trojans and
similar. These files were unpacked
in a dedicated folder where they got
analysed by the different antivirus
systems.
Each antivirus
was set to operate to the top of its
heuristic and scan
potential. It is
important to note that in the
results enclosed below, the
slowing down of the
OS has not been taken into
consideration. The only factor that
has been considered is the
individual ability of each virus to
detect and remove virus, worms,
trojans and so forth.
Table 1: Results
in descending order of ability
|
Ranking |
Name |
licence |
Percentage virus detected
|
Percentage virus removed |
Scan speed of
9000 infected files |
|
1 |
McAfee
Viruscan Enterprise 8 |
shareware |
93,29 |
91,10 |
2' 34" |
|
2 |
Kaspersky Anti-Virus Personal |
shareware |
93,13 |
- |
3' 50" |
|
3 |
Extendia AVK Pro11 |
shareware |
93,09 |
- |
2' 15" |
|
4 |
Antivir PE |
freeware |
92,96 |
90,63 |
1' 41" |
|
5 |
F-Secure 2004 |
shareware |
92,87 |
90,95 |
3' 20" |
|
6 |
Bitdefender free
7 |
freeware |
92,55 |
92,05 |
1' 23" |
|
7 |
Trend Micro PcCillin 2004 |
shareware |
92,51 |
- |
4' 54" (virus cleaning included) |
|
8 |
Panda Antivirus Platinum |
shareware |
92,36 |
- |
39'30" (virus cleaning included) |
|
9 |
McAfee Viruscan Pro 9 |
shareware |
92,05 |
- |
5'05" |
|
10 |
Norton Antivirus 2005 |
shareware |
91,02 |
90,98 |
2' 45" |
|
11 |
Symantec Antivirus Corporate 9 |
commercial |
91,01 |
91,00 |
98'50" (virus cleaning included) |
|
12 |
Ez Trust Antivirus |
shareware |
90,73 |
90,70 |
3'14" |
|
13 |
ClamWin |
open source |
90,11 |
- |
4'40" |
|
14 |
Avast! Home free |
freeware |
90,05 |
88,02 |
8' 55" |
|
15 |
F-Prot
3.15 |
shareware |
89,72 |
85,12 |
5' 00" |
|
16 |
NOD32 |
shareware |
87,1 |
- |
0' 58" |
|
17 |
AVG Pro 7 |
shareware |
85,5 |
- |
5'58" |
NOTE:
·
Percentage virus detected = ability
to find a virus.
·
Percentage virus removed = ability
of completing removing the virus
detected from the system, so that
when you restart your computer, the
virus will no longer be there.
·
If
the two percentages (i.e. detecting
AND removing) are the same, then the
hyphen sign (-) appears in the
“percentage virus removed” column.
As you can see,
no antivirus software has reached 100%
performance of detecting AND
removing virus, worms, trojans etc.
from the system.
The best
performing anti-virus software was
McAfee Viruscan Enterprise 8.0 and closely afterwards came
Kaspersky. The latter was more
successful at detecting and removing
the most recent types of virus,
whilst McAfee Viruscan Enterprise 8.0
was unbeatable with more dated types
of virus.
I was impressed
and rather surprised at first with
the good performance of Extendia
AVK. But then I understood why.
It uses the same
scan engine as
Kaspersky plus an internal engine.
The performance
of some free antivirus was also
quite good, including Antivir PE.
However, I was
really not impressed by the
performance of several commercial
anti-virus.
Please remember
that the performance of the software
tested only relates to past and
present virus, and that there is
no guarantee that they will be
just as good with future types of
virus.
Besides the virus
software enclosed in the main table
I have tested several others but
they are less well known, more
difficult to find and their
performance was also rather poor
(e.g. Sophos 3.84: 89,11, Norman
Virus Control: 88,1, MKS: 87,8). |
