I'd like to take this opportunity and comment little bit more about the test and the results.
First, let me say that the recent results (especially the Oct 2011 results) don't make me too happy. You're right that avast did quite poorly, and this needs to be fixed.
However, I have to object the accuracy of the name of this test (or other "Real-World" tests I have seen recently, for that matter). For starters, the test is done as follows: every day (or every few days), the tester pastes a few links to the browser's address bar. The links point to executable files that are downloaded from the Internet and then executed on the computer (unless the tested AV stops them). Thus, all modules, includes the Network and Web Shields are exercised, which makes the test much more "real-world" than the traditional on-demand tests. So far so good. That said, there's one principal problem here, which is - in the real-world scenario, how does the user (and/or the browser itself) get to these URLs? That is, why would the user (in a real-world scenario) paste such a link to the browser? What happens in the real-world is that the browser is typically redirected to such a URL through an exploit - most likely a Javascript exploit pack or something similar. And that's the part of the equation that the test completely ignores. It has been shown many times that one of Avast's main strengths is in its detection capabilities of such malicious scripts/redirectors which are generally working as the entry points for the actual malware (the payload). Our primary emphasis lately has been blocking of those entry points instead of focusing so much on the actual binaries which would then be downloaded to the computer if the exploit got executed.
Another thing that is worth discussing is the size of the test set. If you look at the chart, it may look terrible, but what it means in absolutely numbers is that avast missed 18 samples. Eset missed 11. AVG missed 10. Avira missed 8. Are the differences statistically significant? They probably are, but it certainly doesn't look like such a disaster when you look at the numbers like this.
In any case, we do understand the importance of doing well in these tests (and we do even have a limited understanding of the necessity of protecting our users better against those manually downloaded malware binaries) and that's why we're making some important changes in our upcoming avast version 7, due in Q1 next year. It will be very interesting to see whether the new version will live up to its expectations. Fingers crossed.
Thanks
Vlk
The importance of doing well in these tests is to help in marketing the program to those who don't how to surf the internet.
Who downloads files that they don't want? Only those who use a lousy Browser or don't have it set up correctly.
I understand the need to try and protect the uninformed but the reality is, is that is a losing battle as long as they remain uniformed about good security procedures. The bad guys get their stuff on peoples computers because of stupidity by the users, plain and simple. No AV program will ever overcome that.
What avast should do is put more effort into educating users about safe surfing.
1. Use a current OS and keep in updated. I recently read where one person was able to get a rootkit onto Windows 8 DP. Of course this was on a computer using a BIOS and not UEFI. You can bet your last dollar that when I upgrade to Windows 8 it will be on a new computer with UEFI and not my current ones with a BIOS.
2. Update the software on a your computer at least once a week. Even better only use software that has auto-updates and make sure that they are set to run whenever you load the software.
3. Don't open any email unless it is from someone you not only know but are expecting email from. Never open email attachments unless they are scanned first.
4. Have your Browser set to "ask" first on all software downloads and make sure that it downloads to a safe location. Scan it before opening it. Never open and run a downloaded file before saving it and scanning it. Make sure you initiated the download.
5. Avoid websites that are high risk like Facebook or be willing to pay the price.
6. Avoid using programs like MSFT IM or Skype which are subject to all kinds of attacks
People are just dumb when it comes to computer security. They need to educated first and foremost. avast! can build the greatest AV or IS programs in the world but if the users do stupid things they will still get infected.
Bottom line is that is that it is not the AV program that is usually the problem, though some are definitely better than others. It is all the other stuff that users don't do or do wrong that allows for their computers to become victims to Malware.
IMO avast! needs to concentrate more on educating their users through the use of emails and good overall security tips rather than worrying about getting their test scores up.
avast! works great for me.