This paper may be interesting, although Avast is not included.
How reliable are these products really and what kind of malware is intentionally not detected?
It is very easy to manipulate AV test results in advance to yield favourable results for some vendor, simply by adjusting the test files. You may get rich by such schemes, for this is very big business. Comparing AV tests available on the internet - let alone the stories of “independent” reviewers - only confirms that you can’t trust them.
And what does a particular test tell you? You always read into it what you like to hear. Sometimes it is like comparing apples to pears. It cannot be done. AV products can be totally different, there are different leagues, and there are many factors that weigh in the balance. Some total anti-malware products can be overbloated and run very heavily on your system. It is the same in a dog fight, the size of the dog is not important in the fight, but the size of the fight in the dog. But the malware theater has changed completely. The Webroot Phileas botnet, searching for webpages hosting spyware or scumware, has already found over 100.000 places on the net that better be blocked. It is also an indication of the gigantic amount of money involved. As long as big investors support this, we have not seen the end of it yet. On the one way they try to lift the protection of an e-mail in transit and rather to see it as a static mail forwarded, which is better to restrict protected downloads. Then the opt out system is not helping actually, and then when people want to block or filter, the marketeers complain they cannot sell their ads. I fear we have to live with malware for many days to come.
I found this paper quite interesting because so many people rely heavily on AV tests and don’t consider the entire issue. Like malware companies that sue the AV vendors because they don’t like to be unmasked. Or how much your particular computer will be slowed down and how much time it will take to perform a full system scan. In my opinion too, you cannot compare all those products (some use the same engine and databases!) in a reliable way.
It may be worthwhile to visit the forums of the various vendors (if any) and to see what problems are discussed. Sometimes difficult to find, like Kaspersky’s: http://forum.kaspersky.com
It is indeed amazing to detect the amount of commercial garbage they try to load on your computer and the tricks they use can easily be used for malicious purposes. Did the idea of the “electronic highway” not originate from guys in the Wild West?
There are some that think that Al Gore has built the Internet.
Well I am joking a bit here. But in general when you analyze the malware front, you also have to consider where the money goes. The surge in spy- and adware and bogus anti malware programs comes down to the simple fact that there must be people who have a deep invested interest in scumware. But a lot of people do not know how it works, and that is why we have the situation we have today. If for instance you link to the banner of someone else, someone is deprived of money paid out for clicks he expects there. Go to the site of Ben Edelman: http://www.benedelman.org/, and you will get a good picture of spyware and its implications.
Ben Edelman’s site, you mentioned, is good reading. What protection does he have himself against the threats: www.benedelman.org/spyware/threats ?
Suing may be the preferred way to threaten anti-spyware and -virus companies, but individual investigators already receive the message that they will be killed. For instance some Zotob variants contain such a warning.
Our posts appear quite rapidly and prominently on MSN Search (has improved considerably now) and I’m sure there are some out there who don’t like our attitude. Found DSO-exploit in the Registry today, you see. Though, such risks of walking in Amsterdam at night are as yet much more obvious…
This appears to be basically an internal memo with some type of justification for a particular policy for a university starting in the fall semester. That NOD32 will be used on their machines and machines connecting to their networks. It appears the head of IT security at this school went to great lengths to get NOD32 approved or to find out which would be best for his peace of mind and the security of the systems. This is not an exhaustive scientific test. More of a detailed explanation for policy change.