Viruses: Antivirus features
- Heuristic scanning
  - Attempts to detect virus-like behavior, like writing to executable files or altering timestamps to hide activity.
- Script blocking
  - Stops scripts and batch files from executing without permission.
- Archive scanning
  - This looks inside archives for viruses.
- Rootkit detection
  - Attempts to find any software that hides.
- Sandbox
  - Lets you place, or automatically places, programs inside a box. It then carefully watches what that program does, and sees if it makes sense or is virus-like behavior.
Script blocking is not that useful in fighting standard viruses, as viruses almost never use scripts. Don't worry about it.
Heuristic scanning almost never works, because viruses are smart enough to know what it's looking for and operate just under the thresholds. But that's not to say it never works, just that it's not worth basing a purchasing decision on.
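An added sketch of the heuristic scoring described above (not code from the original page or from any antivirus product): it scores constructed file events for the two behaviors the list names, writing to executable files and setting a timestamp back afterwards. The event format, extension list, weights and threshold are assumptions made for the illustration.

```python
from collections import defaultdict

EXEC_EXT = (".exe", ".dll", ".com", ".scr")        # assumed executable types
WEIGHTS = {"exec_write": 3, "mtime_rollback": 4}   # assumed weights
THRESHOLD = 6                                      # assumed alert threshold

# Constructed sample events (hypothetical format, timestamps in epoch seconds).
EVENTS = [
    {"proc": "installer.exe", "action": "write", "path": r"C:\Program Files\App\app.exe"},
    {"proc": "installer.exe", "action": "write", "path": r"C:\Program Files\App\readme.txt"},
    {"proc": "updater.exe", "action": "write", "path": r"C:\Windows\System32\tool.dll"},
    {"proc": "updater.exe", "action": "set_mtime", "path": r"C:\Windows\System32\tool.dll",
     "old_mtime": 1700000500, "new_mtime": 1600000000},
    {"proc": "editor.exe", "action": "write", "path": r"C:\Users\a\notes.txt"},
]

def score_processes(events):
    """Return {process: (score, reasons)} for processes that touched executables."""
    written = defaultdict(set)              # process -> executable paths it wrote
    results = defaultdict(lambda: [0, []])  # process -> [score, reasons]
    for ev in events:
        proc, path = ev["proc"], ev["path"].lower()
        if not path.endswith(EXEC_EXT):
            continue                        # only executable files are scored
        if ev["action"] == "write" and path not in written[proc]:
            written[proc].add(path)         # count each executable once
            results[proc][0] += WEIGHTS["exec_write"]
            results[proc][1].append(f"wrote executable {path}")
        elif (ev["action"] == "set_mtime" and path in written[proc]
              and ev["new_mtime"] < ev["old_mtime"]):
            # Timestamp moved backwards on a file this process just modified.
            results[proc][0] += WEIGHTS["mtime_rollback"]
            results[proc][1].append(f"rolled back timestamp on {path}")
    return {p: (s, r) for p, (s, r) in results.items()}

def flagged(events):
    """Processes whose combined score reaches the alert threshold."""
    return sorted(p for p, (s, _) in score_processes(events).items() if s >= THRESHOLD)

if __name__ == "__main__":
    for proc, (score, reasons) in score_processes(EVENTS).items():
        print(proc, score, "ALERT" if score >= THRESHOLD else "ok", reasons)
```

The installer also writes an executable but scores only 3, which is the trade-off the threshold sets: lower it and legitimate installers raise alerts, raise it and more activity goes unreported.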
Archive scanning, like network filtering, is actually just going to protect your unarchiver. The second a virus hits the disk, it would be detected anyway.
Rootkit detection is fairly new, but quite a lot of viruses have started using rootkit-like behaviors, so it's a good idea.
Sandboxes are a new-and-improved heuristic idea. Again, it's a good idea, but we'll have to wait to see how well it actually works.