2012 won't get here for several months, but plenty of 2012 antivirus tools have already arrived. Which is best?
New model-year security products used to come out in the fall, like new model-year cars. This year the first 2012 antivirus (G Data AntiVirus 2012 ($29.95 direct, 3.5 stars)) turned up way back in May. So far PCMag has reviewed nine antivirus tools explicitly identified as 2012 models, along with several others released during the same period. Which of these recent releases is the best?
Testing the Tools
To evaluate antivirus utilities I rely on hands-on, real-world testing. The malware removal test involves installing each product on a dozen malware-infested virtual machines and challenging it to clean them up. For the malware blocking test I attempt to install the same collection of threats on a clean system protected by the product being tested. These two articles explain how I get from those tests to the figures in the chart that follows: How We Test Malware Removal, How We Test Malware Blocking.
To evaluate antivirus utilities I rely on hands-on, real-world testing. The malware removal test involves installing each product on a dozen malware-infested virtual machines and challenging it to clean them up. For the malware blocking test I attempt to install the same collection of threats on a clean system protected by the product being tested. These two articles explain how I get from those tests to the figures in the chart that follows: How We Test Malware Removal, How We Test Malware Blocking.
I also refer to reports from major independent antivirus testing labs. The labs have vastly more resources than I do, so they can perform large-scale tests that would take me too long. The chart below specifically lists results for the companies whose 2012 products are rounded up here. For full details on how I interpret these lab results see How We Interpret Antivirus Lab Tests.
Webroot isn't included in this chart because the current Webroot antivirus is a completely different product from what the labs have been testing.
Cleanup-Only Tools
Three of these recent products are specifically designed to clean up malware infestations, with no real-time protection component. Malwarebytes' Anti-Malware Free 1.51 (Free, 4 stars) was the most effective of these. Its detection rate wasn't high, but effective removal gave it 6.4 points overall. At the time that was the highest score for 2012 products.
Three of these recent products are specifically designed to clean up malware infestations, with no real-time protection component. Malwarebytes' Anti-Malware Free 1.51 (Free, 4 stars) was the most effective of these. Its detection rate wasn't high, but effective removal gave it 6.4 points overall. At the time that was the highest score for 2012 products.
The commercial Malwarebytes' Anti-Malware PRO 1.51 ($24.95 direct, 3 stars) does add real-time protection, but it was the least effective of the entire group.
Norman Malware Cleaner 2.1 (Free, 3.5 stars) wasn't as effective as Malwarebytes. Its rootkit removal score is especially low because most of the rootkits it detected were still running after its alleged removal.
While not free like the other two, avast! Rescue Disc ($10/once direct, 3.5 stars) is inexpensive. Rootkits and other malware types that subvert Windows itself should yield to this bootable tool. However, in testing one rootkit remained running even after alleged removal.
Free Tools
As noted, Malwarebytes and Norman are free antivirus utilities that focus on cleaning up existing threats. A couple other free entries handle both cleanup and real-time protection.
Panda Cloud Anti-Virus 1.5 Free Edition (Free, 3.5 stars) doesn't have 2012 in the name, but it's contemporary with the 2012 products. It had the highest detection rate in my malware removal test, but incomplete cleanup brought its removal score down.
AVG Anti-Virus Free 2012 (Free, 4 stars) turned in a star performance for malware cleanup, taking the highest or second highest score in every category. It also scored well in malware blocking, and the independent labs give it good marks. AVG is our current Editors' Choice for free antivirus.
Mixed Ratings
Some of the 2012 products were a bit unbalanced. Outpost Antivirus Pro 7.5 ($29.95 direct for three licenses, 3 stars) did well in malware blocking tests but quite poorly in malware removal. Panda Antivirus Pro 2012 ($49.99/year direct for three licenses, 3 stars) was the opposite, scoring noticeably better at malware cleanup. G Data AntiVirus 2012 ($29.95 direct, 3.5 stars) had the highest detection rate in the malware blocking test and the second highest overall blocking score, but in the removal test its performance was just average. ESET NOD32 Antivirus 5 ($39.99 direct, 3 stars) did a decent job of malware cleanup but wasn't nearly as effective at blocking new malware attacks, especially rootkits.
Some of the 2012 products were a bit unbalanced. Outpost Antivirus Pro 7.5 ($29.95 direct for three licenses, 3 stars) did well in malware blocking tests but quite poorly in malware removal. Panda Antivirus Pro 2012 ($49.99/year direct for three licenses, 3 stars) was the opposite, scoring noticeably better at malware cleanup. G Data AntiVirus 2012 ($29.95 direct, 3.5 stars) had the highest detection rate in the malware blocking test and the second highest overall blocking score, but in the removal test its performance was just average. ESET NOD32 Antivirus 5 ($39.99 direct, 3 stars) did a decent job of malware cleanup but wasn't nearly as effective at blocking new malware attacks, especially rootkits.
TrustPort Antivirus 2012 ($39.95 direct, 3.5 stars) achieved good scores in both sets of tests. However, it crashed several test systems, and its behavior-based detection doesn't distinguish good programs from bad. Trend Micro Titanium Antivirus+ 2012 ($39.95 direct, 2.5 stars) detected most threats in the malware blocking test, but didn't thoroughly block the threats it detected. Kaspersky Anti-Virus 2012 ($59.95 direct for three licenses, 3.5 stars) gets rave reviews from the independent labs. However, it scored poorly in our own tests and needed help from tech support to clean up one threat.
More Than Antivirus
ZoneAlarm Antivirus + Firewall 2012 ($59.95 direct for three licenses, 3 stars) has added an advanced disinfection component that did a good job cleaning up detected malware, but its detection rate was low. It does include significant bonuses, adding firewall, phishing protection, credit monitoring, and backup.
ZoneAlarm Antivirus + Firewall 2012 ($59.95 direct for three licenses, 3 stars) has added an advanced disinfection component that did a good job cleaning up detected malware, but its detection rate was low. It does include significant bonuses, adding firewall, phishing protection, credit monitoring, and backup.
Bitdefender Antivirus Plus 2012 ($39.95 direct for three licenses, 4 stars) achieved good scores in PCMag's testing. It includes identity theft monitoring, private data protection, Facebook protection, and a powerful antiphishing component. The independent labs rate it very highly, and its new AutoPilot mode means it won't get in your face.
That brings us to Norton AntiVirus 2012 ($39.99 direct, 4.5 stars), an Editors' Choice for standalone antivirus protection. The labs give it good ratings and it scored very well in our own tests. It includes exploit protection that's better than what you get in suites from other vendors.
The totally new Webroot SecureAnywhere Antivirus ($39.95 direct, 4.5 stars) is also an Editor's Choice. It turned in a perfect score for malware blocking and came in second only to Norton for malware removal. Because its "brains" are in the cloud the local client is unbelievably tiny.
Not Yet Updated
This article focuses specifically on the 2012 products, whether or not they have 2012 in the name. The products that haven't yet been updated for 2012 were also tested with my previous collection of malware samples, so their test results aren't directly comparable. The chart below shows how thirteen significant products scored in my previous round of testing.
I expect to see the 2012 editions for these products over the next few weeks and months. In truth, McAfee's 2012 product line has been launched, along with the new McAfee All Access subscription, but a few features aren't online yet. I'll review McAfee when they tell me it's ready, and I'll update this roundup from time to time as more 2012 products emerge.
No comments:
Post a Comment