Slashdot Mirror


Test of 16 Anti-Virus Products Says None Rates "Very Good"

An anonymous reader writes "AV-Comparative recently released the results of a malware removal test in which they evaluated 16 anti-virus software solutions. The test focused only on the malware removal/cleaning capabilities, therefore all the samples used were ones that the tested anti-virus products were able to detect. The main question was if the products were able to successfully remove malware from an already infected/compromised system. None of the products performed at a level of 'very good' in malware removal or removal of leftovers, based on those 10 samples."

19 of 344 comments

  1. Security... by xanadu113 · · Score: 5, Insightful

    Security is a process, not a product.

    --
    -Myke
    1. Re:Security... by davester666 · · Score: 5, Insightful

      It's like a piece of wood, a tape measure and a saw. If the person doesn't use the tape measure properly, and saws the wood too short, there isn't any magic that can fix the problem. Even buying a new piece of wood and a new fancy tape measure will still have the same problem if the user can't be bothered to learn how it works.

      And a computer is only slightly more complicated than a tape measure...

      --
      Sleep your way to a whiter smile...date a dentist!
    2. Re:Security... by Kratisto · · Score: 5, Insightful

      No, see, it's like a computer and a user and antivirus software. The user expects the antivirus software to either protect him from getting a virus to begin with, or to remove it swiftly if it fails. Unfortunately, the antivirus software isn't very good in the latter situation, and because the user is an idiot, no antivirus software can help him in the first situation.

      --
      Conscience is the inner voice which warns us that someone may be looking.
    3. Re:Security... by Leekle2ManE · · Score: 4, Insightful

      I've been reading slashdot for a while and I've avoided commenting because... I'm not a nerd. I'm a geek. Which my friend always finds annoying because 'back in his day' nerd and geek were the same thing.

      I've been into computers for over 10 years now and while I know far more than the average user, I don't know enough to hold a flame to many nerdier folk.

      However. I've dealt with enough real life cases in computer security/maint to know that the average user doesn't care about a process. They don't want to hear about it being a process. They view the computer as a glorified telephone/television combo. They just want to be able to power up, do what they want and log out. The average user these days isn't going to spend time to learn about how to properly protect themselves online because they have other things to do.

      To expand on a car analogy someone else used...
      Likening computer security to a car would mean comparing it to car security. While some people might take their cars to a car audio shop to get a security system installed, most will just buy their car from the dealer and just want to push the button and have their car secured. Even if they won't always push the button. Unless they're in an 'unsafe' neighborhood.

      What the average user doesn't understand is that every time they get online they're in an unsafe neighborhood. They don't know it and they're not going to do the research to find out. They're not reading /. They don't see comments about Security being a process and not a product. They just want to start up the computer and feel safe that their security system is working. They're not going to search online to find the best anti-virus product(s) available. They're not going to look for reviews of 16 anti-virus programs reviewed. They quite simply don't care and don't feel that they should have to care.

      What good is firewall software if the user has no clue whether to allow a process access to the internet or not, but since it just popped up while they were installing something new, they allow it anyways? The firewall/software does nothing for them.

      And before someone brings up the Linux solution. I love Linux. I use it. It is NOT user friendly though. With all the different flavors around, the *cough* average user would just rub their temples in frustration and stick with Macrohard products. And if they did pick a Linux distro, they would have to pray that all the components in their computer are compatible. I've installed linux on multiple systems (which previously ran some variation of winblows) and every system has had at least one piece of hardware that didn't have a driver available.

      So, to make a long story short (TOO LATE) computer security for the average person will never happen. The only way to make computers secure for the average user is to make the internet secure. The only way to make the internet secure is to allow your local ISP to start white-listing/black-listing sites, thus dictating where you can and can not go. And that's never going to happen. Or at least, we hope it doesn't.

    4. Re:Security... by interkin3tic · · Score: 4, Funny

      It's like a piece of wood, a tape measure and a saw. If the person doesn't use the tape measure properly, and saws the wood too short, there isn't any magic that can fix the problem.

      Ah muggles... you never cease to amuse me!

    5. Re:Security... by interkin3tic · · Score: 4, Funny

      My mom used to say 'Want in one hand and shit in the other and see which one fills up faster.'

      Well? What were the results? How many times did you repeat the experiment?

    6. Re:Security... by TheLink · · Score: 4, Interesting

      Most popular operating systems can be analogous to a house with locks and a separate room for "maintenance personnel only" that's locked, and your personal room with a door and lock too (there may be similar rooms of other people with corresponding doors and locks).

      The trouble is when you invite a guest into your house, there is no guest room that _you_ can easily use, so you have to invite him into your personal room. The design of the house is such that you cannot usefully interact with the guest while the guest is in a different room from you.

      This means he has full access to your personal room. The geeks who don't understand the real world will say "Ah, but OS XYZ is secure because the "maintenance personnel only" room is locked and inaccessible". But who the fuck cares? You keep most of your stuff and valuables in your personal room! Insurance can take care of recreating the maintenance room stuff - not hard since the stuff in there is the same for every house of that model. They'll never be able to recreate your personal documents.

      This is changing a bit with Vista and Windows 7, but it's still not good enough IMO. As for Linux, I don't see much help with what I'm talking about for the average desktop user yet. Apparmor is not "desktop ready" yet, and SELinux is barely even ready for average admins.

      This test of AV products is like inviting a crook/spy into your whole house, closing your eyes and letting him mess it up (plant bugs if he wants etc), and then get someone to try to clean everything up and restore stuff back to what it was.

      Yes it can be done in many cases. But it's foolish to expect the clean up to be 100% in all cases.

      If you really want to do that, you use a special house. Then you invite the crook into that special house. Then when he's done, you press a button and the house reverts back to its original state.

  2. Browsing safely by Utopia+Tree · · Score: 5, Insightful

    I don't think anyone sells common sense.

    1. Re:Browsing safely by Tumbleweed · · Score: 5, Insightful

      I don't think anyone sells common sense.

      It wouldn't matter if they did; no one would buy it as everyone thinks they already have it.

  3. WRONG SITE! by Anonymous Coward · · Score: 5, Informative

    They said AV-Comparative.org in the article. Try going there and see what happens. The correct site is av-comparatives.org.

  4. They tested Anti-virus software for malware by Jazz-Masta · · Score: 5, Insightful

    How about testing some malware removal programs? Malwarebytes, Adaware, Spybot?

    I find Malwarebytes' Anti-malware to work wonders. Paired with Avast home edition, it is a good free combination. I think most system administrators notice the difference between software primarily tailored for virus detection and removal, and ones tailored for malware detection and removal.

    They tested these:

    Avast Professional Edition 4.8
    AVG Anti-Virus 8.5
    AVIRA AntiVir Premium 9.0
    BitDefender Anti-Virus 2010
    eScan Anti-Virus 10.0
    ESET NOD32 Antivirus 4.0
    F-Secure AntiVirus 2010
    G DATA AntiVirus 2010
    Kaspersky Anti-Virus 2010
    Kingsoft AntiVirus 9
    McAfee VirusScan Plus 2009
    Microsoft Security Essentials 1.0
    Norman Antivirus & Anti-Spyware 7.10
    Sophos Anti-Virus 7.6
    Symantec Norton Anti-Virus 2010
    Trustport Antivirus 2009

  5. Stop with the recommendations by HermMunster · · Score: 4, Insightful

    Stop recommending products. The tests demonstrate that av products don't perform well. It is right on. 80% of my day is spent cleaning malware. I have written here many times about how you need a combination of products. I've also emphasized the need to do the initial cleaning with the infected drive as the secondary in a second machine.

    Until you do this day in and day out please stop with the recommendations, as you are not helping anyone one bit.

    --
    You can lead a man with reason but you can't make him think.
  6. No Joke by Das+Auge · · Score: 5, Interesting

    I've been working in the on-site support field for over a decade. I've seen the viruses get nastier and nastier.

    It used to be that the virus got a hold of the system, maybe did a little damage or had a little fun. Sometimes it was pretty funny. Such as screwing with the mouse.

    Then things started to get a little more serious. The virus would insinuate itself into the system folder and maybe IE. They started doing tasks. Thus rose the botnets.

    Then it became big business for people. The spreading of spam and fake anti-virus (that wanted you to purchase the "full version" so that you'd get rid of the virus they said you had) was the order of the day. They started blocking access to the run box, the task manager, and sites that might be able to help you (online virus scanners). They started killing the AV programs. They also replaced the explorer.exe and iexplore.exe files. Hell, they even go after Firefox, Chrome, and Opera.

    They really get their hooks into it and don't want to let go because it means money. Big money. So I'm not surprised that AV programs are having a tough time getting rid of them. It hasn't been kiddies out for fun for a long time. Now it's all about professional programmers out to make an ill-gotten buck.

    1. Re:No Joke by d3ac0n · · Score: 5, Interesting

      Ain't that the truth.

      The kicker? Most of the infections I deal with on a regular basis are coming from AD BANNERS. I have literally had people get a brand new machine, sit down at it, open IE8 and browse to one of the major sports news sites (ESPN, TSN, MLB, NFL, etc.) and get IMMEDIATELY infected by a banner ad!

      There are few things worse than giving someone a brand new machine, and before you've even been able to get back to your cube and sit down your BB is buzzing and you are being told to get back there because they have a virus! ARGH!

      Honestly, it's gotten so bad that with most of the fake AV viruses we just freaking wipe the stupid PC immediately. Format and re-image and done. It's faster and easier.

      --
      Official Heretic from the "Church of Global Warming". Proven right thanks to whistle blowers. AGW = Flat Earth Theory
    2. Re:No Joke by dangitman · · Score: 4, Insightful

      Most of the infections I deal with on a regular basis are coming from AD BANNERS. I have literally had people get a brand new machine, sit down at it, open IE8 and browse to one of the major sports news sites (ESPN, TSN, MLB, NFL, etc.) and get IMMEDIATELY infected by a banner ad!

      Hmmm... could a lawsuit (class-action or otherwise) be an idea here? After all, isn't it illegal to infect someone's computer with malware? How is it that these major websites are getting away with it?

      --
      ... and then they built the supercollider.
  7. The usual suspects by EmagGeek · · Score: 5, Informative

    Of course, half of the software they tested is not anti-Malware software (Avast, for example, is an AV, not an Anti-Malware).

    They also did not test MalwareBytes, probably because it would make all of the others look bad.

  8. Wipe It by Talisman · · Score: 4, Insightful

    Imaging products have become so good and fast that I no longer bother with 'scrubbing' a computer clean when it gets a virus. I can reimage the machine in less time; 15 minutes from start to finish, and I don't have to worry about viral remnants in the registry or some deeply buried hidden folder with a time bomb inside.

    I keep our company's image file up-to-date, and when something goes wrong with a computer (drive crash, corrupt registry, malware, whatever) they are back online in 15 minutes. Screw scouring the web for a utility to remove a particular virus that may or may not work, and screw relying on an all-in-one product to save you from malware.

    I have come to terms with the absolute fact that users are stupid and careless and aside from the rare individuals who bother to be responsible, they will always be stupid and careless, no matter how much I wish they would change.

    In a business environment, imaging is the way to go.

    (I use a Mac at home and don't have to worry about such things)

    --
    "Study your math, kids. Key to the universe." -The Archangel Gabriel
  9. Re:Sign of the times... by buchner.johannes · · Score: 4, Funny

    I can't provide citations to stuff I just made up

    --
    NB: The message above might reflect my opinion right now, but not necessarily tomorrow or next year.
  10. Re:I use Microsoft anti-virus and love it by baptiste · · Score: 4, Insightful

    BuY H3rB@l V1agaRa t0Day!!!

    I know you are going for funny with a shot at Microsoft (will that work around here I wonder? :), but you did notice that Microsoft Security Essentials was one of the best in the test? ;->

    No kidding. I am not an MS fanboi by any stretch, but when they released Security Essentials, I gave it a whirl and have now swapped out AVG for it on everything I run AND recommend it to many of my clients (who usually are complaining about how slow their computer is since they installed NORTON 360 or they have a paid AV that expired years ago). It's lightweight, easy to use, has a very easy to understand user interface that isn't so graphical (*cough* N360), and it just works. Nice to see it garner some of the higher ratings in this test.

    What amazes me is how much like Malware Norton, McAfee, and CA can be. Uninstalling them doesn't remove them completely. You HAVE to use their removal tool. I had to remove CA ISS the other day and it was painful. Had to remove it in pieces AND run a fix on the registry permissions which had been completely locked down to the point that 'Administrator' couldn't add/remove programs. So yeah - any time systems come into my shop, I recommend they drop whatever paid AV they're using and run MSE. No nag screens like AVG and it doesn't talk to you like Avast :) My only fear is that in a year they'll let it stagnate OR try to bloat it like the others. But if they keep it simple and go for the majority of infection vectors, hats off to them. Still won't make me use IE, but it's nice to see something like this come out of Redmond, even if they bought part of it.