Avast versus AVG: which is better?

Do you read software reviews? Chances are that you do, and that you take a view based not on one but on several reviews. I mention this only because CNET recently published a ‘back to school’ feature suggesting a list of software to load on your kiddies’ laptops. It made a number of suggestions using mostly free and/or open source software, including Firefox. For protection against viruses, it suggested you load Avast’s biggest competitor, AVG.

Naturally, the Avast developers weren’t too happy about this and brought it to my attention. You need to know this because I intend, as I promised right at the start of this blog, to be transparent both about the fact that Avast is paying me to write a blog about PC security, and that Avast has no control over what I write.

The reason why this is important is because I think CNET is wrong, although you need to bear in mind that this article was one person’s opinion, to which of course he’s entitled.

Where he recommended AVG, I would have said Avast, for the same reasons I switched to Avast. These all centred around the fact that, as far as I could tell in my experience as an intensive PC user for the last 25 years, it offered at least as good if not better security — the key criterion of course — and because it had much less impact on my computing experience. This is, I would argue, especially important if you’re sending kids to school with this stuff, as the last thing you want is for them to start fiddling with their anti-virus settings — perhaps even turning it off because it becomes bothersome. It should sit there, working silently and unobtrusively in the background.

AVG drove me away because it didn’t do this: it popped up messages that I couldn’t disable and frequently prevented machines from going to sleep to save energy because of its dialog boxes that grabbed focus and demanded attention from an absent user.

I installed AVG just now in a virtual machine to check out whether it still does this, and I find that the company has now introduced a silent mode, although it only works when full-screen applications are active, while Avast’s simply works when you turn it on.

And a bunch of readers of the article agree too, because the author added a post-publication rider at the end saying that readers had contacted CNET saying that Avast offers more features, a better interface, and better protection.

So there you have a distillation of the experience of thousands: Avast is better.

Why free AV can be better than paid-for

One of the big news stories this week is Intel’s purchase of McAfee, one of the two biggest security software companies — and there’s a reason why you should care.

But before we get to that, there’s been a number of reactions to the news from industry observers. Among the most prevalent has been surprise followed by mild bewilderment: why would Intel buy McAfee which, as The Register pointed out, is a big company but doesn’t develop exceptional technology? “There’s nowhere from anti-virus to IPS to mobile security where its products particularly stand out,” said the story.

So why would Intel want to buy it, especially for $7.76 billion — 62 percent over the McAfee’s stock market valuation?

Intel sees the future as mobile: people are switching to smaller devices as chips become more capable. And where the market goes, surely malware will follow. And this is why you care. You might be using a desktop today — you might even be using a desktop in 20 years time — but the people who don’t own a desktop — or even a desk — won’t be, and they outnumber you hugely.

Those people will need protection against malware and they’ll need it built into the hardware, preferably the CPU, and that’s why, I suspect, Intel wanted McAfee — although there must have been some other technology under development that we don’t yet know about, as McAfee’s publicly visible technology on its own seems unlikely to command such a huge price.

Despite Intel’s investment, it seems unlikely that McAfee’s anti-virus technology will change much — and there are much better offerings out there from smaller, more agile companies, even those such as Avast who develop technology you don’t have to pay for.

If you doubt it, check out the specialist anti-virus site Virus Bulletin. It recently tested a range of AV packages, and avast’s free Antivirus was a top performer in VB’s battery of malware detection tests. It detected all in-the-wild viruses and scored better than some of the best-known paid products, including those from both McAfee and Symantec. This shows that cost isn’t the sole measure of quality of an AV package.

Avast makes a splash
Some Avast news now — and it should mean that Avast’s technology will continue to improve. Avast has landed an investment of $100 million from growth equity investor Summit Partners in return for a stake in the company. This is, said Avast CEO Vince Steckler, “a vote of confidence in our disruptive ‘freemium’ business model, which combines a full-fledged free product with a premium one.”

Although the company hasn’t said what it’ll do with the money, the investment suggests that Avast now has greater financial stability and can spend on developing its technology further, as well as reaching out to the 80 percent of desktops and laptops that don’t yet run Avast.

I’ll bring you more news of this as I get it.

Is your AV software doing what it should?

The great thing about anti-virus software is that it runs in the background and with minimal impact on your day-to-day activities or your PC’s performance.

And, in some ways, that could be a bit of a drawback. It’s not a problem 99 percent of the time but occasionally, you need to keep an eye on what your AV software is doing — especially so if you don’t know what where the software came from.

Search for anti-virus using a famous web search engine, and you’ll get thousands of hits. Among the top hits is, of course, Avast but, as you trawl down the list, you’ll start finding lots of names you don’t recognise.

Some of them will promise all sorts of benefits — and the more extravagant the claims, the more it can pay to look carefully before installing. Just as you wouldn’t (I hope) just give your money without extensive research to the first person who asks you to invest with them, so it is with AV software.

How to choose then? You could check whether the software has been reviewed recently, for example. In a recent PC Magazine review, Avast got a good write-up, the author — who’s an experienced technology journalist — finding that Avast does as well as the better-known paid-for products and that “Avast! in particular tested well for malware removal”.

But some so-called AV software is, in fact, a front for malware. Once installed, it can then perform all sorts of nasty tricks, for example, trawling though your address book, mining it for contacts and sending out spam with poisoned links, or logging your keystrokes for anything that looks like a credit card number and sending the information on to identity thieves.

The standard rules for being safe on the Internet apply when choosing an AV package: check the vendor is an established player in the AV market, and look for reviews and for the experiences of other users.

Is it time to upgrade to Windows 7?
You may feel that Windows XP is good enough for what you need to do. You may feel that you don’t want to pay Microsoft any more money. You may even feel that Windows 7 is a downgrade compared to XP. But there’s more to it than that.

Windows XP is Microsoft’s most successful operating system having lasted from its launch in 2001 to 2010. Nine years is a lifetime and a half time in PC years but XP is now starting to look long in the tooth. Not only does it not support many of the newer types of hardware being released, more importantly, it’s not as secure as Windows 7.

From a security perspective, there’s a lot more in 7 than meets the eye, including the ability to take advantage of Intel’s latest on-chip security features under its trusted execution technology branding. And if you’re on XP service pack 2, you need to be aware that Microsoft ended support for it very recently, so you won’t be getting any more updates or patches, leaving you vulnerable to the latest generation of malware.

This process will continue, and eventually, no version of XP will receive updates. That day has yet to arrive but arrive it will, so it’s worth starting to think about what to do when it does.

Who do you think you are?

Who you are matters. Thing is, you know who you are but, to the Internet, you’re a collection of data. This includes your name, date of birth, address, mother’s maiden name, names of your pet, siblings and so on.

If someone wants to steal or imitate your identity, all they have to do is collect enough of those pieces of information to fool a computer system into thinking that they are you. You’re not significant enough? It doesn’t matter: crooks will be happy to get small amounts of money every month from your credit card — yours and those of hundreds of thousands of other people — amounts small enough for you not to notice or want to go to the trouble of reporting.

You’ll probably have seen some of the warnings from your bank telling you to look out for bogus emails asking for your password and so on. That’s one way for crooks to steal pieces of your identity. That way, and by installing Trojans via infected websites that log your keystrokes and beam them home.

Of course, you should never pass details such as that over the Internet unless at the very least you are certain you trust the source of the request, and the link is encrypted. (You do encrypt your outgoing emails, don’t you? If not, go to your email program now and change the SMTP settings that to prevent anyone else reading the emails you send.)

And we’re now hearing of bogus phone calls to individuals warning that their PC is infected, and suggesting how to put it right. It’s in our nature as human beings to trust others but you have to assume that, unless you know the individual calling you, calls such as this are designed to extract personal information from you that can at some point be used to your disadvantage. Moral of the story: never give your passwords to anyone.

If it so happens that your PC does become infected, don’t panic — find a reputable anti-virus application and use it according to the instructions. And don’t assume that free means worse: in the world of software, it’s not better just because it carries a price tag.

Are you a nerd?
Don’t go to nerdtests.com. Avast’s user community has discovered malware (a hijacked google analytics script)on that site — and from the screenshot of the page on Avast’s blog, it looks like Avast was the only AV package to pick it up.

If you’re an Avast user, be pleased with yourself — and keep your eyes open and your software up to date.

About

This blog aims to bring you the latest updates on security threats that could affect your PC. Although it’s sponsored by Avast, the company has no veto over what I write. It’s designed to be practically useful, and provide helpful advice – comments more than welcome.

I’m Manek Dubash, a journalist specialising in technology over the last 25 years. I’ve edited PC Magazine UK, been deputy editor at Personal Computer World, and am now freelancing for sites including ZDNet UK.

I also work in video and audio, including direction and production for NetEvents TV, and work as an events photographer. There’s more about me here.