We looked at eleven antivirus packages from around the world. G-Data Antivirus 2010 wins for its outstanding malware detection; Norton Antivirus 2010 comes in a close second thanks to its polished interface.G-Data Antivirus 2010
Most security programs use a single antivirus engine, but the German-made G Data ($25 for a one-year, single-PC license, as of 11/20/09) uses two separate engines: BitDefender and Avast. That double coverage may have helped it rack up an impressive 99.95 percent block rate for traditional, signature-based detection of known malware, a rate better than that of any other app we tested. It was likewise strong at blocking annoying adware, running up a 99.8 percent score, and these strengths helped it earn top billing.
G Data's dominance continued on heuristic tests that use two-week-old signature databases and newer malware to simulate how well a program can detect threats that don't yet have a signature. In this test, G Data blocked 71.9 percent of the samples used by AV-Test.org--again, the best mark we saw. And in behavioral detection tests--which checks how well antivirus software recognizes malware based solely on what it attempts to do--G Data again led the pack by blocking 12 out of 15 test samples.
Despite this stellar performance, G Data AntiVirus isn't perfect. It put up a few false alerts in the behavioral tests and prevented three benign apps from adding Registry entries that would allow them to automatically start with your PC. And it didn't fare well at removing active rootkits, a type of stealth malware. It identified and blocked all ten test rootkits before they could install, but in the case of already-active rootkits, G Data removed only seven--fewer than any other program tested.
In on-access scan speed (how quickly the app can automatically check files when you save or copy them, for instance), G Data finished in sixth place with a 10.15MB-per-second throughput.
G Data's user interface is clean and well organized, and makes it easy to get to most things from the opening page. Unlike many of the apps we tested, however, it requires you to select an action in a warning pop-up if it finds something suspicious on your hard drive. You can change that default action--to quarantine, for example--but this takes a little digging around in the settings.
If the program finds what it deems to be threatening code during a manual or scheduled scan, you'll have to double-click every item that it flagged and decide what to do with each discovery. But the scan results window doesn't present this option intuitively.
Less technical users who are willing to forgo the best malware detection in favor of a more set-it-and-forget security solution might prefer our second-place finisher, Norton Antivirus. For anyone willing to put in a little extra effort, however, G Data is a clear choice.
DOWNLOAD G-Data Antivirus 2010Symantec Norton AntiVirus 2010: A Polished InterfaceSymantec's Norton AntiVirus ($40 for a one-year, single-PC license) offers some terrific extra features and a polished user interface. But subpar performance in one detection category prevented it from capturing the top spot in our chart of stand-alone antivirus programs.
In traditional detection tests using known Trojan horses, spyware, worms, and other baddies, Norton successfully detected 99.5 percent of samples from AV-Test.org. That's a good showing, but other apps did even better, leaving Symantec's entry in a middle-tier sixth place in this category.
Norton dropped toward the bottom in heuristic tests designed to simulate a security program's ability to ward off new and unknown malware. It blocked only 42 percent of two-week-old signature files and newer malware, the second-worst showing in the bunch. But it did much better in behavioral analysis (which identifies malware based solely on how it acts), identifying and blocking 9 out of 15 samples, for third place. And it correctly removed the same number of files based on its behavioral analysis--better than any other app.
Norton's throughput of 9.26MB per second for automatic scans of files as they're opened or saved put it squarely in the middle of the pack. But it did a superb job of dealing with rootkits, blocking and removing all ten samples of this type of stealth malware.
While Norton's protection ability is decent (albeit not the best), it is head and shoulders above the rest in features and user interface. For example, the Insight feature lets you see Symantec's assigned reputation for a running program, or for a downloaded or saved file. These reputations are based on such factors as whether the file is digitally signed and how many other Norton users have it. The program uses that information to decide how thoroughly to scan any given download; you can use it to help you decide how much you want to trust a program.
Also impressive is a tool that offers a wealth of information about your PC's performance and history of changes, including when you installed programs, saved new downloads, or ran scans. One easy-to-read graph lists all the events that happened on a given day, while another shows how much of your CPU and memory was in use over time.
These and other features are easy to find in a smooth and polished user interface that includes plenty of quickly available descriptions. Settings are easy to reach, but techies might bemoan the lack of any option to have Norton ask you what to do when it finds a threat. The default action of removing or quarantining a discovered baddie is appropriate, but power users who want maximum control will be out of luck.
More technical users who are willing to deal with a less polished program in exchange for the best protection should take a look at G Data, the number one antivirus app in our roundup. For those more concerned with a smooth program that is less likely to require your attention, the number-two Norton is a good choice.
DOWNLOAD Symantec Norton AntiVirus 2010
Kaspersky Lab Anti-Virus 2010
Kaspersky's third-place ranking in our roundup of stand-alone antivirus programs reflects its ability both to impress and to disappoint. It pairs competent proactive protection with below-average signature detection, and a strong feature set with an at-times annoying user experience.
In traditional detection tests performed by AV-Test.org, this Russian-made program ($60 for a one-year, three-PC license) detected 97.27 percent of known malware samples--lackluster when compared with the performance of some competing apps we tested, which caught 99 percent or more of the threats. It fared better in heuristics tests that gauge how well a program protects against new malware with no known signature. At a time when the bad guys crank out astounding numbers of malware variants to evade traditional signature scanners, such proactive protection is more important than ever. Here Kaspersky came in third with a 66.83 percent block rate.
Like Norton, Kaspersky did very well in rootkit detection: It managed to detect, block, and remove all ten stealth malware samples that we threw at it. It also detected and disabled all ten test infections, and proved more successful than most apps at getting rid of less harmful elements, such as Registry changes. Only Norton Antivirus and F-Secure Anti-virus were able to clear out more of the less-important junk.
In speed tests for automatic scans that typically occur when you open or copy a file, Kaspersky achieved a 12.15MBps throughput. Only the application from Avira--which didn't make our chart--was more nimble in that regard.
In features, Kaspersky has much to offer, with extras such as recommendations for system hardening, a virtual keyboard, and a scanner for out-of-date software. However, Kaspersky lacks descriptions for some of its recommendations, so you might be left wondering why you should take a recommended action such as disabling Autorun. And while updating old software is one of the best things you can do to keep your computer safe, you have to jump through many hoops to act on what Kaspersky finds.
The app's malware warning messages tend to be more confusing than informative. In our tests it displayed multiple different warning pop-ups for successive tests involving the same sample. And for either manual or scheduled scans, you'll know what it finds only if you happen to sit around and catch the pop-ups that appear during the scan. There's no scan summary window listing discovered files.
Kaspersky's antivirus app would likely get the job done when it comes to protecting a PC, but it's not the best bet for either detection or ease of use.
DOWNLOAD Kaspersky Lab Anti-Virus 2010/506DOWNLOAD Kaspersky Lab Anti-Virus 2010/736BitDefender Antivirus 2010
BitDefender Antivirus ($30 for a one-year, three-PC license) holds its own at dealing with malware, but its interface isn't especially user-friendly. Overall the program earned fourth place in our roundup of stand-alone antivirus programs.
This Romanian-made software did well in traditional detection tests that put it up against a collection of known malware kept by AV-Test.org. BitDefender detected 99.66 percent of all samples in a huge cache of spyware, Trojan horses, worms, and the like. But several other apps did even better, so that showing was good enough only for fifth place.
BitDefender did much the same in heuristic tests that simulate detection of newer malware by using two-week old databases.Its 65.34 percent block rate in these tests was respectable, but again yielded a fifth-place finish. The app did better in other proactive protection tests that measure a program's ability to block a baddie based solely on how it acts on a PC, blocking two-thirds of the brand-new test samples, earning it a tie for second place.
Presented with the task of disinfecting files, BitDefender disabled nine out of ten malware infections. By comparison, all but three programs in this roundup managed to remove every malware component we threw at them. And it languished in last place (along with G Data) when it cleaned up only seven out of ten active rootkits. It did clean up a greater percentage of the less-important files and system changes than most of the other security apps.
Despite some good features, BitDefender's interface isn't executed particularly well. For example, any security guru will tell you that keeping Windows up-to-date is essential for good security, and BitDefender can scan for missing updates. Unfortunately, it will display a critical warning if you happen to lack an optional package on its list--such as the Microsoft Base Smart Card Cryptographic Service Provider Package--even though it isn't really necessary to protect your PC.
DOWNLOAD BitdEfEndER Antivirus 2010Panda Antivirus Pro 2010
Panda Antivirus Pro 2010 ($50 for a one-year, three-PC license) ranks fifth in our current roundup of 11 stand-alone antivirus apps. It was buoyed by positives such as strong traditional malware detection, but dragged down by negatives like poor behavioral scans.
In scans performed by AV-Test.org, Panda did well in traditional signature-based detection of known malware. Its 99.8 percent block rate placed it third in that category, behind only the G-Data and McAfee apps. However, it didn't fare as well in tests that gauge how well a program can identify and block new malware that doesn't yet have a signature. In heuristic tests that use 2-week-old signature files, Panda identified 53.7 percent of newer malware samples, which earning it eighth place in that category.
The program's ability to immediately check unknown files against Panda's online servers can help mitigate that relatively unimpressive showing, since this cloud computing approach can use the latest signatures as soon as they're available. But the app also fared poorly in behavioral analysis tests that measure how well a security program can identify malware based on how it acts. In those tests it successfully blocked only two out of 15 brand-new samples, which put it in last place among those programs that include the feature (not all do).
This app did well at getting rid of existing infections, and successfully disabled all 10 test infections. It also did a good job with a third-place tie when it came to cleaning up less-important files and system changes made by malware, which are often left behind by antivirus apps. However, it left one active rootkit in place; many of the programs we tested were able to remove all these samples of stealth malware.
Panda does sport a solid array of features. The company doesn't offer any program without a firewall, so you'll get one with Antivirus Pro (although we didn't test it as part of this standalone AV roundup). It also scans Web, e-mail and IM traffic for threats, and can check for missing Windows patches (malware authors often target existing security holes that users may have left unpatched). And its program interface is easy to get around, with different tabs for status, scans, reports, and the like.
However, checking or changing the program's settings can be a pain. A preferences link at the top of its window only shows a subset of the available options, with others split between separate settings links on the status and scan tabs. And while some of the settings and other program areas offer links to the relevant help sections, not all do. Without such links you're stuck manually searching for what you need.
Panda's middle-of-the-road rank befits its middling status. It does a fair job, but it's outperformed by other apps.
DOWNLOAD PANDA Antivirus Pro 2010