PC Pitstop Research analyzed 50,258 computers and found the following:
- 23% of computers have no active security protection.
- 14% of the computers had some sort of high level threat.
- Spyware is the most common malware threat followed by Rogue Security Software.
- Kaspersky protects the best against Rogue Security Software and Trend Micro is the worst.
- Symantec protects against spyware the best, and Kaspersky the worst.
- Trend protects the best against keyloggers and Avast fares the worst.
- Kaspersky protects against viruses the best, and Symantec tails the pack.
Security Providers
This analysis looks at the security software actively running on the computer. A separate analysis, not part of this report, would analyze security software that has been installed but not active. The findings are that 23%, close to 1/4th of the computers, had no security software active. The analysis found a total of 40 different security products running on the target computers. For the purposes of brevity, this analysis focuses on the top 8 providers. Of those, Symantec/Norton is the king of the hill with 15.9% market share.
Malware Analysis
This study focuses on high level threats such as Rogue Security Software, Spyware, Viruses and Keyloggers. The study excludes lower levels threats such as malicious Browser Helper Objects, home page hijackers and tracking cookies. The good news is that 86.1% of the computers had no high level threats at all. Of the remaining 14%, the most prevalent form of malware is spyware. 10.5% of the computers studies had some form of spyware.
A new growing segment of malware is rogue or phony security software. This software becomes installed by popping up phony malware warnings. At the time of this analysis, 8.4% of the computers had an infection from this category.
Viruses were found on 1.8% of the computers. Last but certainly not least, key loggers and other surveilance software were found on 1.5% of the computers. This is a rather dangerous category since this form of malware can be used for identity theft, stalking, and other ugly and criminal activity.
This chart can be used to estimate the effectiveness of various security vendors across the malware categories. In the case of Rogue Security Software, Kasperspy was the winner. Of the computers that had Kaspersky protection enabled, only 6.7% of those systems had rogue security software installed. Contrast that to Trend Micro protection. Computers that had Trend Micro protection activated had rogue security software 14.5% of the time.
We define spyware as the software that is unintentionally installed on the target computer. Once installed, the software tracks user activity with the purpose of displaying advertising. Although perhaps the least malicious of the malware categories, it is also the most annoying. The king of the hill in spyware protection is Symantec/Norton antivirus. Only 9% of Symantec systems had some sort of spyware, as compared to Kaspersky which had 18% of their systems infected with spyware.
The reason why the entire security industry exists is because of viruses. Viruses are software written specifically to be mischevious or worse malicious. The king of virus protection is Kasperspy, and amazingly enough, the worst guardian against viruses is the market leader, Symantec.
Keyloggers are a category of software that is intended to monitor the activity of a target computer. Keyloggers can also be used for legitimate uses if the owner is aware that the software has been activated. However, once the user is unaware, they are suceptible to having their privacy invaded in a very major way. Trend Micro leads the pack and only .9% of their PC’s have a keylogger. The worst is avast! with 2.3% of their protected computers with known keyloggers.
Conclusion
The key conclusion is that no matter which software is running, users are still running a substantial risk of becoming infected. As we have done, one can analyze the strengths and weaknesses of all the competitors, but no matter which one chooses, there are still real and tangible risks. We believe that the customer expectation is markedly different than the reality. Customers believe that once they download or purchase a security software, they are invincible. Security software reduces the risk of infection, but it does not in any way eliminate that risk.
No one security provider is good at protecting against all aspects of security. As the analysis suggests, each vendor has some strengths and some weaknesses.
About The Study
This study analyzed 50,258 computers in April 2010. The data set was compiled by test records of PC Pitstop’s PC Matic or CA’s PC Tune Up. PC Pitstop developed PC Tune Up for CA. Both PC Tune Up and PC Matic are built on the principles of cloud computing. One of the major benefits is that all the malware scan information is stored on our servers. This enables us to quickly analyze, compile and share this report.
Both PC Matic and PC Tune Up use CA’s anti virus engine and signature file. Therefore this study analyzes strictly how well we as an industry detect the malware in CA’s signature file. CA has been omitted from the analysis, since CA does a great job of cleaning malware from its own signature.
Although this is a large study by most standards, we omitted many of the smaller security vendors for the purposes of accuracy and brevity. Speaking of brevity, this report was intended to be a summary. The scan records of 50,258 computers is enormous, and one can imagine all the other data that can be mined. Based on interest, we will continue to share more information about the state of the security industry.
We are very excited about the potential of this new data set and the potential of our cloud approach to security. We hope that by sharing this information that we all can build better products in the battle against malware.
More to Come
We are very excited about this report, but we feel that we are just scratching the surface. All of the information has already been collected, and based on public response, we are hoping to investigate the following areas in more detail.
Free vs pay software – Four of the eight security vendors distribute their software for free; Microsoft, AVG, Avira and avast!. Do the free vendors protect better or worse then their pay brethren?
Virus demographics – In many cases, we have cross tabs available for the data set for gender, age, and PC location. We can do an analysis whether our senior citizens are more likely than our youngsters to be infected. Or perpaps, whether women are more careful than men. Or on a serious note, whether infections happen more frequently in the home or business.
Malware prevalence – We are able to track real time which specific pieces of software are on the rise.
None – As noted, close to 1/4th of the computers had no security software. How well do they fare versus their protected friends?
Do you like this report? Do you want to see more? Leave us a comment below.
