"best AV" and free

Probably the two most common questions I get about anti-virus software are "which one is best" and "are free AVs any good". Now AV-Comparatives has done a test to see which AV not only detects malware but also removes it and cleans up after it well. I see a few problems:

Problem #1: There is a question about which technique is more important. Once a virus gets past the detectors and infects your machine, the game is over and your computer can't be trusted. Some serious thought should be put into maybe reinstalling the OS from scratch and maybe even trashing your whole system (both hardware and software) thanks to the BIOS viruses of today.

Problem #2: In reference to the question about how free AVs perform, the study didn't test free AVs. I doubt there is someone sitting in an ivory tower commanding the armies in their capitalistic empire to "screw the public by ignoring free AVs". But AV-Comparatives did only test 16 products. That is too small a sample to get any reliable results.

Problem #3: Speaking of small samples, only 18 viruses were tested. They themselves talked about how we shouldn't jump to any conclusions for that reason.

I do have a couple of questions I wish were addressed:

Question #1: What would the results be on a Vista SP1 or whether

Question #2: How well do AV products clean up the infections that got past their own detection? I really don't care how well my AV product cleans up infections that it prevented from happening. Nor do I care about the sound of a fallen tree when nobody was around to hear.

However, I think we learned a couple of lessons:

Lesson #1: recovery is an iffy business so more effort should go into prevention.

Lesson #2: statistics can be used to prove anything so be cautious about studies like this.

Lesson #3: use as many scanners as possible for cleaning up an infection and detecting an infection after the fact.

There was a lively discussion about this study at the ZDNet blog (Ryan Naraine and Dancho Danchev), but it quickly degenerated into the best-OS cesspool. It is tiring when you are trying to learn how to protect a PC and you are told the only option is to switch to another OS and ignore all other reasons for using the OS you do. One comment put the issue in perspective:
my PDP/11-44 has never had a virus.

BTW: my last infection was in '99 or 2k (I forget which one). It trashed an NT box but not my Linux box so Linux is more secure. But my Win98 box was left untouched too. Is Windows 9x as secure as Linux?

http://www.av-comparatives.org/images/stories/test/removal/avc_removal_2009.pdf

Comments

Just what the doctor ordered, thank you!
