The State of PC Security

PC Pitstop Research analyzed 50,258 computers and found the following:

  • 23% of computers have no active security protection.
  • 14% of the computers had some sort of high level threat.
  • Spyware is the most common malware threat followed by Rogue Security Software.
  • Kaspersky protects the best against Rogue Security Software and Trend Micro is the worst.
  • Symantec protects against spyware the best, and Kaspersky the worst.
  • Trend protects the best against keyloggers and Avast fares the worst.
  • Kaspersky protects against viruses the best, and Symantec tails the pack.

Security Providers

This analysis looks at the security software actively running on the computer. A separate analysis, not part of this report, would analyze security software that has been installed but not active. The findings are that 23%, close to 1/4th of the computers, had no security software active. The analysis found a total of 40 different security products running on the target computers. For the purposes of brevity, this analysis focuses on the top 8 providers. Of those, Symantec/Norton is the king of the hill with 15.9% market share.

Malware Analysis

This study focuses on high level threats such as Rogue Security Software, Spyware, Viruses and Keyloggers. The study excludes lower levels threats such as malicious Browser Helper Objects, home page hijackers and tracking cookies. The good news is that 86.1% of the computers had no high level threats at all. Of the remaining 14%, the most prevalent form of malware is spyware. 10.5% of the computers studies had some form of spyware.

A new growing segment of malware is rogue or phony security software. This software becomes installed by popping up phony malware warnings. At the time of this analysis, 8.4% of the computers had an infection from this category.

Viruses were found on 1.8% of the computers. Last but certainly not least, key loggers and other surveilance software were found on 1.5% of the computers. This is a rather dangerous category since this form of malware can be used for identity theft, stalking, and other ugly and criminal activity.

This chart can be used to estimate the effectiveness of various security vendors across the malware categories. In the case of Rogue Security Software, Kasperspy was the winner. Of the computers that had Kaspersky protection enabled, only 6.7% of those systems had rogue security software installed. Contrast that to Trend Micro protection. Computers that had Trend Micro protection activated had rogue security software 14.5% of the time.

We define spyware as the software that is unintentionally installed on the target computer. Once installed, the software tracks user activity with the purpose of displaying advertising. Although perhaps the least malicious of the malware categories, it is also the most annoying. The king of the hill in spyware protection is Symantec/Norton antivirus. Only 9% of Symantec systems had some sort of spyware, as compared to Kaspersky which had 18% of their systems infected with spyware.

The reason why the entire security industry exists is because of viruses. Viruses are software written specifically to be mischevious or worse malicious. The king of virus protection is Kasperspy, and amazingly enough, the worst guardian against viruses is the market leader, Symantec.

Keyloggers are a category of software that is intended to monitor the activity of a target computer. Keyloggers can also be used for legitimate uses if the owner is aware that the software has been activated. However, once the user is unaware, they are suceptible to having their privacy invaded in a very major way. Trend Micro leads the pack and only .9% of their PC’s have a keylogger. The worst is avast! with 2.3% of their protected computers with known keyloggers.


The key conclusion is that no matter which software is running, users are still running a substantial risk of becoming infected. As we have done, one can analyze the strengths and weaknesses of all the competitors, but no matter which one chooses, there are still real and tangible risks. We believe that the customer expectation is markedly different than the reality. Customers believe that once they download or purchase a security software, they are invincible. Security software reduces the risk of infection, but it does not in any way eliminate that risk.

No one security provider is good at protecting against all aspects of security. As the analysis suggests, each vendor has some strengths and some weaknesses.

About The Study

This study analyzed 50,258 computers in April 2010. The data set was compiled by test records of PC Pitstop’s PC Matic or CA’s PC Tune Up. PC Pitstop developed PC Tune Up for CA. Both PC Tune Up and PC Matic are built on the principles of cloud computing. One of the major benefits is that all the malware scan information is stored on our servers. This enables us to quickly analyze, compile and share this report.

Both PC Matic and PC Tune Up use CA’s anti virus engine and signature file. Therefore this study analyzes strictly how well we as an industry detect the malware in CA’s signature file. CA has been omitted from the analysis, since CA does a great job of cleaning malware from its own signature.

Although this is a large study by most standards, we omitted many of the smaller security vendors for the purposes of accuracy and brevity. Speaking of brevity, this report was intended to be a summary. The scan records of 50,258 computers is enormous, and one can imagine all the other data that can be mined. Based on interest, we will continue to share more information about the state of the security industry.

We are very excited about the potential of this new data set and the potential of our cloud approach to security. We hope that by sharing this information that we all can build better products in the battle against malware.

More to Come

We are very excited about this report, but we feel that we are just scratching the surface. All of the information has already been collected, and based on public response, we are hoping to investigate the following areas in more detail.

Free vs pay software – Four of the eight security vendors distribute their software for free; Microsoft, AVG, Avira and avast!. Do the free vendors protect better or worse then their pay brethren?

Virus demographics – In many cases, we have cross tabs available for the data set for gender, age, and PC location. We can do an analysis whether our senior citizens are more likely than our youngsters to be infected. Or perpaps, whether women are more careful than men. Or on a serious note, whether infections happen more frequently in the home or business.

Malware prevalence – We are able to track real time which specific pieces of software are on the rise.

None – As noted, close to 1/4th of the computers had no security software. How well do they fare versus their protected friends?

Do you like this report? Do you want to see more? Leave us a comment below.

 6,977 total views,  3 views today

(Visited 1 times, 1 visits today)

69 thoughts on “The State of PC Security”

  1. To give a complete analysis I feel CA should have been included in the lists.
    The comment “CA has been omitted from the analysis, since CA does a great job of cleaning malware from its own signature.” and the information that PCPitstop use it does not provide any statistical data to enable readers to select an anti-virus program to use.

  2. I have had a computer in the house for over 25 years. The first came loaded with a very early version of CA EZ Antivirus and worked. I replaced that computer when the hard drive crashed due to overload. The next one and my current one also use CA, until they combined their product into their 2010 suite, at which time I started to have many site “access” issues – on secure sites. The final straw was when I uninstalled the program and became locked out internet access except for incoming text e-mail. I had to hire a consultant in an attempt to repair – resulting in having to restore my system back to factory delivery setting – losing all files (had back up on remote drive for most) .. still a pain to “reconfigure”. I now use Vipre and am very satisified with function, usage and customer support. I urge people to be careful – all systems respond differently to products – what works for one doesn’t necessarialy work for another.

  3. I used AVG freeware for quite a while and I thought it was good as I had no problems with it,I then paid for it and everything was going well so I thought I would trust them with my malware on my e mails. To cut a long story short it didnt work and I could not un install it or re install it. I asked AVG for help and it was almost non existent. My PC suddenly went into a mode of starting and restarting and it took me 7 hours to get my PC in a working order. I then had to take it to a PC shop and I had to pay £70 to have it fixed. AVG did not want to know even thought I had just renewed for the next 2 years so just be warned all you people who are thinking of buying AVG

  4. Having a hardware router is a great plan, and it’s possible to turn an older PC into one. If machines are dual boots, have different security software on them so that they can work on their strengths when needed. I have used Zone Alarm for a while, but running several machines, I tend to mix it up a bit. Lately ZA (Win XP) has been forgetting it’s settings and the machine has only failry recently had a fresh install. Vista Ultimate 64 bit has Comodo on Firewall and Virus scan and I will use other software now and then to check for spyware. Have just added Win 7 also for a while until I get the time and parts to build a new machine which will be dual boot with openSuse (I suspect).

    The answer it seems though, is to use Linux more for web browsing. It’s not infalible, but it’s a darn site better than Windows. I also use Paragon Hard Disc Manager to image my hard drives.

  5. Thank you for a provocative report! Makes re-thinking a “must”.
    If no one single software solution is adequate, can you discuss the effects of running more than one vendor’s software simultaneously? Does this make sense? Does it create conflicts and sluggishness?
    Thank you!

  6. I’ve had and worked on computers since the 80’s and to this day the two best software programs for recovery and repair are Malwarebytes and Antivir. Up until two years ago I was reinstalling my operating system (wife and daughter also use the computer) at least once every six months. I’ve installed both and work well togther (paid subscription). What one doesen’t catch the other does! Malwarebytes tech support is the best! Help is usually available within a couple of hours. Solved every problem with one email. By the way wife and daughter now have their own computer. Security problem solved!

  7. Sweet article, well done.
    Personally I have used Norton, it’s hopeless.
    I then used CA, started off ok but went downhill, also no good.
    For the past year I have been using ESET security Suite, have found it to be fantastic. I ran/run all of these on 5 PC’s. ESET rocks!

  8. I have used CA since it was orignally called Thunderbyte, before they went to the general public. Have used since 1995 and not had a problem ever. They are well worth the cost of $40. a year.

  9. Most users seem to have anti-virus and anti-spyware protection from my experiences, involved with the administration’s computer club here in Riderwood. In this Retirement community, of some 1700 residents, the free products offered have proven qualified, but additional web based scans would be desirable.

    Your comments will be appreciated. Thank you.

  10. Most interesting but you say some 50,000 plus, computers analysed… I am maybe naive but this seems to be a very small sample. Unless you need to sample in a very small space of time. I have no idea how many computers PC Pittstop analyses but I hope, for you, that it is more than this. It could well be that with a greater sampling the numbers would change… who knows, unless you do it but I like your analysis and the idea of what you are doing

  11. This report is a decent attempt at decyphering data and gererating conclusions, but needs to be taken with a grain of salt.

    I don’t really see the point in not including all AV/Anti-Spyware solutions. The statistics should be generated by percentage infected systems with each software. Then it would make no difference if a company is big or small.

    The responses that always make me laugh are the ones saying “I’ve used so-and-so for years and never had an infection”. Um, the point of this article (which is the best point of the article) is that if you don’t occasionally scan with various products, you’ll never know if you have an infection or not. Each definitions signature is different. Just because yours doesn’t include certain malware definitions doesn’t mean that they’re not on your system. 🙂

    Personally, I’d never run a single AV or all-in-one solution and assume that my system is clean. We have AVG Internet Security Suite on our home server scanning all systems daily, and a hardware firewall on our Draytek modem. Each system also has Avast 5, Malwarebytes Pro, SuperAntiSpyware Pro, and CounterSpy 4. Each and every one of these apps finds various things that the others don’t. I feel pretty good about our protection, but wouldn’t swear they’re completely clean either.

    If Eset (Nod32) wasn’t always conflicting with other programs, I’d still be using that. As it is, its not worth my time and effort.

    Also curious to the definition of “Rogue Security Software”. Does that include key generators? Because if so, and since 90% of the time that’s a false positive, I find that statistic to be very misleading. And since when is it the job of malware protection to police DRM? 🙂

  12. Dont know for sure why Vipre is hardly ever mentioned but they have a product that works great and a good firewall is included.PC Pitstop and some of its products have been OK but they have marketed some really useless dogs too. I Pain good money for some of their products for years untill I finally figured out they did absolutely nothing to improve a computers performance. Jim G.

  13. @Ann Distin: I wouldn’t use two different active virus scanners such as AVG and Norton at the same time. You may have as many virus scanners as you want on your computers, but only use ONE active guard. You could also get, say, AVG and Norton and just disable one of the active guards and leave the other running. Just make certain only one active guard (Like AVG’s resident shield) runs at a time. Running multiple active guards can cause them to clash and/or slow down your computer a lot.

    Very good report, by the way. Very useful. One thing I found funny though is this:

    “Do the free vendors protect better or worse then their pay brethren?”

    If you have to even ask that question, why would you pay for your anti-virus solution?

  14. Charles F Jones

    Great analysis and summary!

    One item of interest for your consideration in future analyses: what is the risk of creating problems, conflict with other security software, and/or potential for slowdown from having two or more such apps active on a computer? For example, I have AVG Free running, as well as Windows Defender (hard to get rid of…); is there a risk of the above considerations with such an arrangement. I also have MalwareBytes and AdAware on the system, but as far as I can tell, they are not actively running…or are they?

    Another item: I have used at various times Kaspersky, Norton, McAfee (“free” from Comcast), and Webroot Spy Sweeper. They all so hogged my computer’s resources that I uninstalled them. Can you consider an analysis of such resource use. I have a reasonable current system–1.9G processor, 1G RAM, 250G HDD–with a few TSRs operating.

    Keep up the good work!

  15. I do run various antivirus, etc. programs but, in my opinion, the most helpful in preventing any type of malware from entering my system is Email Remover.
    In being able to preview and know the sender of your incoming emails before downloading (or NOT downloading) them into your system is one of the best safety measures I can think of.

  16. Very interesting report…I liked it…

    I have a small computer support business…I support home users only…most of my clients are older, retired folks…with very little computer knowledge…
    Pretty much all of them think once they have an AV package of sometime, then guarenteed…no infections…

    Needless to say, I clean out a lot of computers…

    In declining order my users run…
    Trend Micro
    And I would say the results are very close to whay you found…

    As you continue these tests, I believe there are two AV/AS you need to include in your tests…they are small market players but I think very good…
    Eset and Vipre…

    Great article…keep it up…

  17. Once again our friends at the PIT are providing great information to the masses. Proud to be a member for 10+ years.

    I run a variety of the options described on this page, all have minor issues, all do as good a job as I expect of a piece of software. I run secondary security in the form of the TEATIMER option in SPYBOT Search and Destroy.

    Even if something gets through the anti-virus, this little baby pops up a message asking if you want things to happen, YES or NO, you have choices, and can make that decision permanent for that threat. Fantastic tool.

    Keep up the good work,

  18. Great start at informing PC network users of the risks and realities. No doubt the bad guys have an advantage as they only have to be successful a few times to create havoc. Security software has to be successful all the time, real time though; a daunting challenge! Thanks and continue providing information so we may make better choices.

  19. I had used Norton since windows 95 through XP. I had lost one hard drive due to virus years ago. Last several years, Norton started taking total usage of my CPU and I could not do anything until Norton had finished. I would take my computer to my local shop for repairs and cleaning, they told me to use Windows Essentials. I did not and starting using AVG. I liked AVG but after awhile, AVG starting using most of my CPU and my computer started running slow again. After taken it to the shop again several times and repeatedly being told to use Windows Essentials (it is free), I finally deleted all paid antivirus programs and loaded Essentials (did I say it was FREE?!!!!!). Essentials seems to work pretty good and I like the download and then forget it program. It does everything automatically. I liked it so much, I loaded it into all five computers in the house. One computer is an OLD laptop (HP Pavillion N5620 – 10 years old) that was very slow and now it even runs faster.

  20. I use CA on my home pc been hacked once or twice (spybot (freeware)fix those) but, has stopped many more. Yesterday some UPS confirmation. My work PC is running BitDefender and has never had any threats get threw.To me it seem like the bigger security company, the more of a chance of being hacked.


  21. The Best protection in my opinion is Kaspersky as your antivirus and having Malwarebytes as you spyware and everything else software. By combing the 2 I have never had any threats get to my system much less see any. I do some extensive web surfing and other things and I have found nothing to get through them. They are the BEST!

  22. It’s absolutely amazing to see the so-called ‘experts’ claiming “I’ve been using XYZ since Al Gore invented the Internet and I’ve *never* had a problem” …and while it may be true, cybercrime is now at an all time high and still escalating. Cybercrime has been MUCH more profitable than drugs for years and it’s continuing to get worse, not better. The ‘not me’ syndrome is the first sign you’re probably a victim.

    While, yes, a large majority of bot-nets are located outside the USA, there are still MANY tens of thousands of PC’s in the USA that the users have no clue are part of an elaborate bot-net hosting SPAM, adult/child porn, and malware for all sorts of cybercrime activities involved in stealing people’s identity, credit cards and bank account information.

    I believe the whole point of this article was to illustrate with a HUGE neon sign:
    “Just because you’ve never been infected doesn’t mean you’re not infected. It just means you would never know if you’re infected because the utilities you’re using to detect the malware you don’t want are **completely incapable** of detecting it.”

    The Matousec Security Challenge ( *REALLY* opened my eyes a few years ago when they illustrated that NOT ONE single firewall software (out of dozens) could pass even their most *basic* home-grown malware they wrote to bypass it. …and while several vendors have since stepped up to the plate, the vast majority still fail miserably against basic tests …and these are popular programs -most on the list here. Keep in mind, this is just ONE piece of the PC security pie.

    Naturally, I’d like to think I’m completely malware free… I run Vista x86 (soon to be 7) as a limited User (*NEVER* as admin or even a Power User), DEP (Data Execution Protection) turned ON -and my system supports hardware-based DEP, Outpost Security Suite (which used to be top on Matousec 🙁 with some customized ‘tighter’ rules, mostly use FF w/ NoScript and CookieSafe …all deny by default (rarely use Chrome), SpywareBlaster, *NEVER* use IE, I’m behind an NAT router/firewall (and I watch the logs), study PC security issues, and my computer is OFF when I’m not using it.

    …and, despite all this, while I’m “probably” clean, I’m not so naive to believe that my system is perfect.

    PC security requires a diligent, proactive, multi-layered approach including good sense, as someone above wrote.

    Thank you for this article. While to some of us it’s nothing new, it’s sad that some of the people who SHOULD be paying *VERY* close attention to the core message of this post are unaware of the severity of the online environment (even Google has been hacked!) while living in blissful denial …and I don’t mean a river in Egypt.

  23. i noticed that Webroot Spyware and anti virus were not mentioned in your report. I always thought Webroot spyware was the best. What gives?

  24. What was the best software to use to guard against rogue software that pops up as soon as you enter a website? Many of my friends can’t distinguish the difference between a real security software check versus a rogue security check. They believe it is their own security software PROTECTING their computer from attacks. Of course as soon as they click on the message that appears (or not) they become infected with rogue software. It does not seem to matter what level of computer knowledge one might have, I see all kinds of problems. Should we all consider purchasing the full security suite or just find a free version that will protect us from Fake software?

  25. 2. Id really like to see atleast a road map that the general public can use to have the best protection.

  26. While I think that the report is great and more needs to be done to allow the public to see what bang they are getting for their buck I have two issues with it.

    1.If the installed AV did not chatch what was on the machine, what did the report use to identify the existing threats in the machines.

  27. For years, I have kept a clean machine with freeware: Avast free firewall, ZoneAlarm free firewall, Spybot Search and Destroy (use their teatimer in the background), SpywareBlaster. I also use Trend Micro’s Housecalls (online scanner) and AdAware for insurance. I don’t see any ads online, using an old version of WebWasher – besides making web pages more pleasant, it blocks a lot of the scripts and cookie garbage. My browsers are set to automatically scrub after closing, though I back that up with CCleaner (free). This combo has not had a negative performance impact on my machine that I can tell and, even if it did, argument could be made: risk vs. performance.

  28. I was recently the victim of Rogue Security SW attack. The volume of alarms going off was incredible and both AvastPro and Spyware Doctor warnings were going off while the phoney crap was popping off. In the chaos I didn’t pull the ethernet plug soon enough so I was left with disabled .exe problems among others. Spyware Doctor and Malwarebytes along with a clean up and repair program xp exe fix brought me back to normal but it was an unsettling couple of hours. I was disappointed that the program was able to get by my security at all but no harm was done in the end.

  29. The single most important security feature is a back-up strategy. I use Acronis True Image to image the entire disk once a day to a second hard disk, and occasionally to an external eSATA disk. In 12 years of home computing I have never encountered any malware. I use Avast 5.0 and a router.

  30. Not sure if someone already stated this but these charts and statistics are completely user based stats. If there is a really dumb user that has little to know knowledge of how to safeguard there computer and they install Norton or avg that is not going to be the same stats as if someone that is a tech guru that installs the same software so not to throw all this out the window and great job putting together the article but no one should ever use this as reference i have used avg paid version for years with no issues and work IT its my life so that might have something to do with it. Theirs a lot of social engineering out there especially if your prone to it.

  31. Looking forward to the day when your data collection is also available from the cloud and I can begin my analysis with the statement – Select * from All_Objects.

    However, until you compare vendors to an industry wide composite signature file, the only conclusion is that every vendor’s signature file differs from the CA signature file. In other words, like they say on Sesame Street – Any one of the signature files is not like the others!

    Using a composite signature file, even CA protected computers may have some hits.

  32. The protection I use for years are, Zone Alarm Pro, Zone Alarm Forcefield, AVG Anti virus, Ad-Aware and Scotty. To protect myself against E-mails, I use MailWasher Pro, which get rid of all the rubbish and then I use Outlook Express. And all the software works fine for me.

  33. Hi There
    I use Outpost security suite and Eset Nod 32 for my Protection and so far, for the last 6 years, I have been save.
    I think also you should mention Firewall
    this will prevent a lot, for me a good Firewall is as essential as a good Anti-virus Software. I also run a Router with limited Firewall capacity. Also anty Mal-ware is of course very important too.
    Then I use Secunia to let me now how save my system is with its upgrades.

  34. So, I use my computer between 10 – 16 hours a day, mainly online, following links that catch my attention.
    I have been doing this since 2000, and using IE exclusively, and no running security software. Have been hit by 1 virus in all that time (and knew it as soon as I got it).
    I scan with Malwarebytes every few weeks and remove 5-10 low threats.
    Fairly simple.
    Internet Options>Privacy: Advanced: Prompt for 1st party cookies, Block 3rd party, and allow session cookies (yes, can get irritating, but filling in the “remember” box and allow for trusted sites helps)
    Internet Options>General: Clear browsing History on exit
    Scheduled Tasks: Disk Cleanup every night and auto-delete everything
    Outlook and Hotmail spam filters set to exclusive
    This has worked on XP, Vista, and 7 (though I had to manually clear browser history before IE8)

  35. I’d like to add a few things I did not think to mention in my earlier post but I would very much like to see included in future articles, and/or updates to this one.

    You only named, and give results for, the eight most popular security applications. I’d really like to know how the 32 others fared. I understand that some may have so few results as to be statistically unreliable, but at the same time, just because an application is less well known, or less used, does not mean it is a dog. Perhaps there are some gems to be found in the lesser known products.

    What was the methodology used to collect the data set?

    I realize that, depending on the methodology used to collect the data, it might not be possible to answer this but, as others have pointed out; it would sure be nice to know the versions and update status of the products in the survey. Of course a fully updated Norton 2010 is going to do better than, say, an un-updated AVG 7, but would the results still be the same with a fully updated AVG 9?

  36. John P. Guckel - Milwaukee, Wisconsin

    I find it hard to believe that you rate Norton at all. With all it’s historical problems it would be my last choice. I have been using Kaspersky, along with my customers, for over two years. It doesn’t gobble up resources and plague you with annoying pop-up’s on what it is doing. Only warnings are displayed. And who else does hourly updates?

  37. Informative article but at this point lacking in details.
    I’m particularly surprised at the lack of detail as to the AV programs used. (Versions, last updated, settings, etc)
    Unfortunately when not all of the contenders are set up the same way, theses statistics can be made to lean in favor of any product the writer may have a particular bias for.
    I look forward to the next article and hope these questions will be answered.
    Thanks chengrob.

  38. This year I’m running a packaged deal. Next year I might pick which ones work the best.
    Thanks for the information

  39. If you rely only on AV software this is a bad mistake. A hardware firewall is a must, as well as OS and other software updates.
    Then Microsoft Security Essentials or AVG will fill the gaps. Secunia is very useful on software updates.
    As others have hinted, common sense is an asset!

  40. I have used Norton products since I bought my first computer in 2004 (really, it came with it so I have stuck with it). I now have Norton 360, V3.0. I have had problems with it since I first got it. I also have loaded on my machine for free Avira Antivirus. I have it set up so that I get alerts when something happens. Avira has caught and blocked more malware than Norton 360. In fact Norton does not even catch what Avira has. Seems what Norton 360 Version 3.0 does from my experience shows tracking cookies. I do not care that much about tracking cookies. I do care about viruses and malware and from my experience Norton 360 does not cut it. And the price is high. My Norton 360 is almost up for renewal. I do not care for Norton 360 although Symantec rants about it. I might just get the plaint Norton Antivirus and keep the Avira which seems. When I first had Norton I did get a virus on my computer. But since then I have not had anything. I use PC Matic to scan and also scan with Norton 360 and Avira.

  41. I use and recommend a combination of tools. SuperAntiSpyware, malware bytes, and Avast 5.0. I update and run each on consecutive Fridays on computers I oversee. I also like to run the bootscan from Avast on a random cycle.

    I am pretty happy with the results. I used to run AVG, SpyBot Search and Destroy, and Ad-Aware, but found them to be older and slower.

    I might go back to AVG after this report and add it to the rotation.

  42. Another Eset user who feels very secure. Too bad your survey didn’t tell me whether that feeling is accurate or not.

    Good survey w/ useful info presented in a way that makes it easy to understand. I look forward to the other reports you suggest, and I would love it if you provided links to more exhaustive data for those so inclined.

    Thanks for the good work you do.

  43. Many thanks for all the hard work; those of us who use packaged security protection will continue to benefit from your work.
    This report takes a lot of time, scrutiny and money and to include all other programs out there may be next to impossible and I’m sure you have to draw the line somewhere.
    I have used Invisus for several years with excellent results, and they offer free assistance with their package ($100/year) at present.
    If you have time to manuever your own setup you would save money but how does that equate over a year? ($8.33/mo. for me). And what of the time required? Thanks for an enlightening report!

  44. Since you are specifically attempting to gauge interest in this report, as well as in what additional interest readers have, here is my input.

    In short, in answer to your concluding questions; yes I liked the story and yes I would like to se more.

    Specifically, I would like to know more about free vs. pay software and more specifically what is the best free security software and in what combination is it best used.

    It is my opinion that the best free security software is somewhere between almost as good as, and a bit better, than pay security software, but as security software is an ever evolving process I am quite interested in continued comparisons and ratings of the competing products.

    It is also my opinion, and one that appears to be further validated by this report, that no one security product stops every threat. Therefore some combination approach must be better than relying on only one product, but which combination?

    In my case, I use AVG Free as my core anti malware product (including their link scanner, although it seems to work only with some search engines.)

    To supplement AVG I use Spyware Doctor for additional anti spyware protection. I use this product with its anti virus engine turned off as I have read, many times, that running two AV products at the same time is a bad idea.

    For further, behavior based, analysis I use Threatfire

    I also use WinPatrol to keep an eye on what applications are attempting to add themselves as start ups, plus the other areas it monitors.

    For a firewall I am using Windows Firewall and on my Windows 7 machine I use the much maligned User Account Control albeit on the second to highest setting so I don’t get overly bothered.

    What I want to know more than anything is; is this a good combination? Is there a combination that would work better? Is it overkill? And, of course, are these the best programs for their individual functions in my security scheme?

    From my list you can, perhaps, see why I have an interest in free security software. Since I am using five separate security programs, or six if you count AVG link scanner as a separate program, the cost could easily build to several hundred dollars a year if I used paid equivalents, where they exist, for all these programs, especially considering I maintain three computers.

    I did wind up purchasing the paid version of WinPatrol (Mr. Pytlovany once made an offer I just couldn’t refuse, with a half price sale.) but everything else is the free version. As near as I can tell, the free versions work just as well as the paid versions, although they may have a few less features, but I would always like more data on this.

  45. A very informative report. I would like to see more of this kind of information. Over the years, I have used McAfee, Norton and AVG. Currently I use Norton.

  46. Here I stand looking out at a large building in downtown San Diego that says Eset on it. Yet you never mentioned Eset either. Their product plus common sense has kept me safe for many years.

  47. I use Zone Alarm, surprised you didn’t mention it. I am careful, i don’t open anything I am suspicious of.

  48. How stastically accurate can this be? Probably not too accurate, based on 1 billion in the world this survey covers .005%. Even assuming 20% of these are in the western world – it covers .01% of the world’s computers.
    I would treat the results with a shaker of salt.

  49. Hello,
    Thank you for a most valuable report. I did not know that no Antivirus software gives a 100% protection.

  50. Unfortunately, but understandably, at least two important pieces of information are missing in this study: version of the software being used and update settings/date of installed database.

    Surely some of those computers were running old versions of the A/V software and guaranteed many of them have out of date databases, both of which will skew these results negatively for products in unpredictable ways.

  51. This is the most useful single report I’ve seen to date. Sure makes me think twice about praising or damning a given product.

  52. Thank you for this report. But there was nothing in the report that I did not already know. But I still give you good kudos for trying to get the word out.

    I have not had a virus or malware infection on my computer since the year 2000. I do my best to stay informed. I run none of the products you mentioned above. Unfortunately in the year 2000 I was running McAfee.

    If you look at all the security software as a whole, you will see that ALL of them regardless of how good they claim to be, have good months and bad. Rather it be malware slipping through, or false positives.

    I have never relied on just my security software to protect me. I run several Apps. I have access to a online file scanner. I run in my browser WOT, and siteadvisor. I have a Firewall. I use Pctools for my AV, and I use Threatfire.

    I also use a lot of common sense. If the email does not sound like the type of subject language the person would write to me, or the size doesn’t look right, or it’s one of those dreaded forwards it gets trashed. If WOT gives a website a bad review, then I take their word for it. I don’t go to red sites, and although I may visit a yellow site, I never do business with them of any kind including emails. I never click ads that I do manage to see. (I use a ad blocker) If I need something, I go directly to the place. I also never answer, or click a link in a email asking for personal information. I use text only emails also.

    While you may feel that opening attachments is bad…for me they are not. I get a heads up the attachment is coming, with size etc. Plus I scan it. If something about the attachment doesn’t look right, I will scan it online at a AV website using a AV engine not related to the one I use on my computer. This all has saved me several times.

    My computer is clean. I scan using my AV plus I pick a random engine online once a month. (Maybe overkill)

    I think it is time to buckle down on these “I don’t care” knuckleheads. Plus business, and even the computer makers need to take security more seriously. I never have relied on security software 100%. But there is a lot that a manufacture could do to get the word out. Unfortunately I don’t know how many business establishments I have walked in their door to find their employees were downloading files on the IM, visiting websites that I knew had poor ratings etc.

    My computer is a investment. Maybe everyone else not secure has the money to blow.

    BTW I rarely use a IM. But I am a member of most of the biggest social sites online. In case anyone thinks I do nothing online, and that is how my box has stayed clean. I am very active online. Including IRC.

    whew! That’s enough… sorry for the long comment.

  53. I guess I have to be counted as one that does not have any PC security. The reason is because I run PC Matic weekly and I have to turn off VIPRE w/ firewall when I run PC Matic. I”m sure I show up somewhere in a server number cruncher as a dufuss!

  54. This was well done, informative, helpful. Thanks for serving the community.

    What about Intrusion Detection Systems? I do regular manual antimalware scans, but they aren’t running real-time. I use ThreatFire and WinPatrol real-time. How do they compare to running a signature-based antimalware product?

  55. This part of the report is interesting, but it doesn’t tell anything about what direction to take in order to optimize protection against the threats that we all face online. I knew that I didn’t want to use McAfee any more after having bad experiences with it several times, and the free programs promise a lot, but apparently do not deliver according to your analysis. What is there that will provide adequate protection that will work for most all of normal users, (not those that go to risky sites).

  56. It would be a different report, but I wonder what the effect on the PC is of running different combinations of package, ie,
    – works?
    – effectiveness rate
    – slowdown rate


  57. Thank you VERY MUCH for this report. IT is just exactly what the ‘computing public’ needs: solid information, to make valid decisions.

    Just this summary alone could possibly change the security landscape—its that huge!

    Wow! you guys deserve a medal!
    Thanks again!

  58. I’m rather surprised that one of the oldest and best security software suites ZoneAlarm isn’t mentioned. Been using it for over a decade and not one bit of malware – not one.

  59. Great,made me reathink my pc securty.I have been with mcafee for 6/six years.Over that time my pc has been hack 2 x time.And have gotten three bad update that wipe every XP pc we had.Nuthing is 100%.We have six childen and pay for thire securty also, and all had gotten something.We have switch to Viper with firewall.Keep up the good work that you guy do.

  60. I am shopping for new security protection software and found this information, and the comparison results, really valuable. Thanks for publishing this and I look forward to future articles.

Leave a Comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.