Report: Antivirus Software from Major Players Offer Relatively Ineffective Protection

rated by 0 users
This post has 8 Replies | 1 Follower

Top 10 Contributor
Posts 26,171
Points 1,185,690
Joined: Sep 2007
ForumsAdministrator
News Posted: Wed, Jan 2 2013 12:12 PM

The antivirus market is enormous, responsible for billions in revenue each year. That being the case, it'd be easy to believe that current offerings are quite good, but not so claims a report (PDF) by security company iMPERVA. This report states a couple of alarming facts, including one that shows that less than 5% of newly-crafted viruses are picked up by scanners right away. For most antivirus solutions, it could take upwards of 4 weeks before a virus is even added to a detection file. For software that promises to keep you safe, this is a disappointing statistic.

It's all the more disappointing when you realize that $4.5 billion is spent by consumers each year on virus protection, whereas businesses spent $2.9 billion. Combined, this money represents more than a third of all funds spent on security software each year - yet, it has some serious flaws.

On the upside, the report also states that some free antivirus applications offer the same level of protection as the commercial products. These excellent freebies include those from Avast and Emsisoft. It is however noted that each of these can also trigger a greater number of false-positives, which doesn't surprise me as I regularly see Avast doing that for people when I peruse comment threads around the Web for either software or games.

The report urges antivirus makers to focus on detecting virus behavior rather than just seek out whatever's listed in the definitions file, which seems reasonable to me. While it's highly unlikely that you're ever going to contract a computer virus within the first month of its release, it could happen, and it'd be nice to know that the ~$40 license you purchased is actually going the extra mile to protect your system.

With all this information, you may be led to believe that virus protection simply isn't needed, but iMPERVA doesn't recommend getting rid of it. Luckily, the fact that the company backs up some free solutions means you can score fairly reliable protection on the cheap.

  • | Post Points: 110
Top 200 Contributor
Posts 385
Points 3,845
Joined: Jun 2011

In my experience, the best virus protection packages are freeware; specifically, Microsoft Security Essentials is the one I recommend (and I do NOT like Microsoft in general). I think the only reason McAfee and Norton get so much money is that they have paid PC OEMs to preinstall "trial" packages (aka "crapware") on new PCs, and Joe Average doesn't know that there are less-expensive (And more effective) options.

  • | Post Points: 5
Top 500 Contributor
Posts 164
Points 1,630
Joined: Nov 2010

MSE is a great product. Certainly better (lightweight, fast, as effective as the expensive ones) than any other free solution and most of the paid-for ones. Some like norton, macafee and trend are slowly getting 'less bad' but they still impose such a heavy load on the client PC and constant unjustified popup messages that its impossible to reccomend them to anyone.

Interestingly, the corporate version of norton always seemed to be really nice, but symantec really screw things up with their end-user version.

  • | Post Points: 5
Top 50 Contributor
Posts 3,105
Points 38,225
Joined: Aug 2003
Location: Texas
acarzt replied on Wed, Jan 2 2013 4:25 PM

I like Malwarebytes. I use the freeware version and i've yet to come across a virus it could not remove.

  • | Post Points: 5
Top 500 Contributor
Posts 184
Points 1,710
Joined: Nov 2010
lipe123 replied on Wed, Jan 2 2013 4:34 PM

I scanned this report and I have to say it seems rather ambiguous and they did not really do a proper sample size of antivirus software. Products like malwarebytes, sophos isn't listed.

Using the virustotal online scanner is just a cop out because it cant do any behavior analysis since its just a file scanner!

Saying things like: "For certain antivirus vendors, it may take up to four weeks to detect a new virus" Who are these certain vendors?

What about heuristic detection? From what I understand products like bitdefender scored a 100% detection rate on recent tests for both behavior and existing threats.

What they should have done instead of publishing a vague "some AV solutions is a waste of money" is to do a reverse version of this paper and say "here is a list of the best protections out there and this is their current shortcomings"

  • | Post Points: 20
Top 150 Contributor
Posts 756
Points 7,645
Joined: Nov 2012
Location: Dallas, Tx

I personally haven't used any anti-virus software in years... hell I can't even remember the last time I used any at all.  My gaming rig only plays games 99% of the time, and my/wife's laptop is just used for youtube, facebook, and googling wikipedia.  

  Anyhow, my point being.  Since I stopped thinking I was a 10 year old hacking prodigy and visiting shady sites, I haven't had any issues.  Since I actually stopped using anti-virus software, I can only think of 1 time where I was knowingly infected.  I mainly just check what processes are running from time to time, and if i spot something out of the ordinary, i'll investigate.

  • | Post Points: 5
Top 500 Contributor
Posts 191
Points 1,750
Joined: Aug 2012
Location: Canada

It's not possible for any anti-virus to pick up the majority of newly "created" viruses. There are malware programmers who are constantly redesigning and improving on malware already found in the wild and it is EXTREMELY easy for a newbie to visit a website, download an open-sourced trogan/RAT, encrypted to make it 'FUD' (fully undetectable) through use of another tool and spread it at their own whim.

The key to system protection (after using a bit of common knowledge precaution) is preventative software such as the Online Armor or Comodo firewalls which actively monitor processes attempting to run.

"You can't just ask customers what they want and then try to give that to them. By the time you get it built, they'll want something new."

  • | Post Points: 5
Top 200 Contributor
Posts 358
Points 2,565
Joined: Sep 2011

Multi layered approach is best. Nothing is absolute full proof, paid for or free. I like my Avast along with Malwarebytes and Spybot and Zonealarm. :-)

  • | Post Points: 5
Top 10 Contributor
Posts 4,830
Points 45,790
Joined: Feb 2008
Location: Kennesaw
rapid1 replied on Sat, Jan 5 2013 11:28 PM

I personally have started using Panda Cloud, it is very quiet as well as always there, it runs from the cloud over there servers to an internal small unit and seems to work very well. Of course I also have several external virus attack tools on my USB key if I ever get locked out event though I have generally always been able to get around that for me or customers. I like the idea of the solution being constantly updated externally and so far being unobtrusive and functional from all I have seen, even there PRO upgrade is well priced....

OS:Win 7 Ultimate 64-bit
MB:ASUS Z87C
CPU:Intel(R) Core(TM) i7 4770 ***
GPU:Geforce GTX 770 4GB
Mem:***ingston 16384MB RAM
  • | Post Points: 5
Page 1 of 1 (9 items) | RSS