back to article 1 in 6 Windows PCs naked as a jaybird online

One in six Windows PCs worldwide are hooked up to the internet with no basic security software, according to a study by McAfee. The computer security firm's study, conducted across 24 countries using data from an average of 27 to 28 million personal computers each month, found 17 per cent of machines were running with either …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    Can this be made into an imprison able offence?

    1. Lee Dowling Silver badge

      In terms of firewall, I would agree with you. But to be honest, the amount of machines that expose port 139 or anything remotely dangerous to an external interface is probably quite minimal, whether by virtue of Windows Firewall, basic network settings, router NAT, or ISP controls (PlusNet used to monitor port 139 / 445 and block you if they saw traffic, when I was with them).

      If you honestly think that antivirus works in any other capacity than a "miner's canary" (i.e. when that AV stops reporting back to the network, you go wipe that machine out), you're sadly mistaken. I've cleaned far too many machines that supposedly had full, paid-for, up-to-date antivirus on and the viruses just walked past it and then (ironically) shut it down in a way that the user wouldn't notice.

      Basic security precautions vastly outweigh any bit of automated blacklisting and heuristics, I'm afraid. In over 15 years, I haven't had a virus and I don't run antivirus. Sure, I have it. And I submit things to TotalVirus all the time to check them for other people. And I clean machines (provably successfully) that are riddled with them at least two-three times a month (nothing from MY networks, but people's personal machines, etc). But on my personal machine antivirus doesn't scan my disks and doesn't run all the time just to save against me downloading and running executable files (which, 99.9% of the time, is how viruses get into home machines). On a properly managed machine / network, there is no NEED for antivirus, whereas a firewall is pretty invaluable. It's good to have around and a good "canary" on a network if you have a central console it talks back to, but that's about it. I've yet to see an antivirus package of ANY name manage to intercept, quarantine and totally clean a virus infection that wasn't written by a 5-year-old.

      And the free ones are just as good as any other. Putting a user on a decent browser and breaking their hands if they run anything without checking will make infinitely more difference to their productivity and safety concerning viruses than any antivirus package you put on there.

      1. Gerry Doyle 1

        "In over 15 years, I haven't had a virus and I don't run antivirus"

        Me too, me neither, and it's now over 19 years, and for the same reasons.

      2. adnim

        You talk sense

        But most computer users are just consumers with little to no sense when it comes to computer/Internet technology. The last virus to infect any of my systems was the Saddam virus on my Amiga. I do have AV installed but it sits idle most of the time. It is like most AV solutions, next to useless at discovering new viruses. Still, not all viruses are new and it has proved useful in some instances when scanning downloaded exe's. If I do not trust the source of an exe and my AV states that it is clean, I will run the exe in a VM first and monitor it's behaviour before using proper. For most computer users/consumers this kind of practice doesn't even cross their mind. They have a... Computer doesn't say no, it must be OK then kind of attitude.

        1. jason 7
          Meh

          Re: You talk sense

          I always tell my customers getting a virus is like having a broken windscreen. You can go years without one and then have two in as many weeks.

          If you are going to get hit you'll get hit. The only things I see from my customers are the daily written card detail seeking drive-bys. The old classic virus has long gone.

          All of them have AV installed some paid some free but they all get by-passed (I would say McAfee more than most in my experience).

          I agree that if you are a vaguely experienced user then running AV in order to prevent all types of infection is largely a waste of time. You may as well not bother as it's often quicker to format and rebuild your PC (or re-image it) than sit and scan the HDD in another PC and run it through three different scanners to clean up the worst of it.

          I do however, rarely see a PC with no AV on it. I'd put it more at 1 in 20 say.

          1. eulampios

            @jason 7

            >>getting a virus is like having a broken windscreen.

            It is good that you don't use the "getting killed by the lightning" analogy. This would be equally inadequate though. The probabilities might be several magnitudes apart.

            Pretty much every Windows user I personally know had a virus, while very few of those that drive have cracked windshields.

        2. Alan W. Rateliff, II
          Paris Hilton

          Takes me back...

          I remember getting some Digital Corruption crap on my Amiga which stole my Miami* and several other purchased program keys. IIRC, it was a fake AmIRC update or something along that line. That was one of only two viruses I've ever had over the course of almost 30 years (dear God, has it been so long?) of computing. The second of which came along when I was a freshly-minted administrator and thought I knew everything already: I was requested to test out a program and the neither a trial nor free version were available... but a crack for the full version was. It happens, and the threat-scape has changed immensely since those days.

          In deference to my earlier post, my active and running anti-virus software caught that crack nuisance, and has protected me from a little over a handful of web-borne threats. Including one almost 10 years ago in our very own El Reg!

          Paris, there's a crack available...

          * I contacted Holger Kruse of Miami fame about my situation at the time. He berated me for installing pirated software (of which I had none) and refused to assist in reissuing my Miami keys. Then a number of years later he fell off the face of the planet, going to Rebol I believe.

        3. Anonymous Coward
          Flame

          @adnim Re: You talk sense

          Oh for god sake listen to yourself!

          I run the exe in a VM first and then if it's ok, run it live.

          For gods sake, get a grip on reality. Most and by most, I mean 99.99999999% of the world neither have the time, the skills nor the inclination to even do this, for them life kind of gets in the way of uber geekness

          When you go to a resturaunt, do you order a tiny sample of the food. Wait a few hours to check it doesn't make you ill then buy the whole meal? When you put petrol in the car, do you add 1 litre, drive few miles then go back to carry on filling up?

          No? Why? Surely that's the most sensible thing to do.

          It's a simply case of risk vs achievement. We do it hundreds of time without knowing, it's what makes us human and have the ability to develop.

          And we wonder why IT has such a f'ing bad rep of being full of nerds.

          1. adnim

            Re: @adnim You talk sense

            "Most and by most, I mean 99.99999999% of the world neither have the time, the skills nor the inclination to even do this, for them life kind of gets in the way of uber geekness"

            Read my post again. I think you will find this is paraphrasing what I actually said.... Most users are consumers and unless something on their system tells them they are about to install malware they will blindly trust whatever they download.

            For god sake please read and understand what people actually write before jumping in feet first.

            1. mark 63 Silver badge
              Trollface

              Re: @adnim You talk sense

              no adnim, I think "lost all faith" was pretty spot on.

              you made sense until when you mentioned the VM you see.

              I quote: "......and my AV states that it is clean, I will run the exe in a VM first ......"

              You run it in a VM even if its reported CLEAN???

              How many people even knmopw what a VM is for christs sake?

              never mind where to get one , how to set it up , how to set up the actual virtual machine ....

              AND THEN to tell if said exe has done any damage on the virtual machine???

              The example with the petrol station - I wouldnt have said "do you drive a few miles to make sure its ok?" a better analogy for nerdyness on that scale would be "Do you take a gallon home, and subject it to a range of experiments in you purpose build laboratory?"

          2. Pascal Monett Silver badge
            FAIL

            Re: "When you go to a resturaunt"

            No I don't because if I eat the food and get sick from it, then there will be a tidal wave of sanitary officials picking the place apart and maybe even shutting it down.

            Same for gas - I don't need to worry about the quality of the gas because if my engine dies within a mile from a station, there will be inspections and reports (after I file a complaint, of course) and the place will probably be shut down for the time it takes federal officials to discover what went wrong, how it happened and how to prevent it from happening again.

            You see, the very basic mistake you made in your comparisons is that you forget that the things you compare with getting a virus are things that have already been extensively examined and legislated, and the long arm of the law is on your side, with the means to back it up. It has nothing to do with "risk vs achievement" because other people have risked it before you came into this world and the society you live in has decided that such risks were not tolerable, period. Yes, I know that that means you have to realize that the world has had an existence before yours. Check out the History aisle, you'll find that it's not just cardboard boxes with words on it.

            Getting a virus, on the other hand, has no legal repercussions and there is absolutely no Bureau of Illegal Penetrations Office to file a complaint with - not that they'd have the police power to do anything about it either.

            So please, the next time you decide to go all high and mighty spluttering out scathing comparisons, please take a moment to examine whether or not they are applicable to the subject matter and not just something tailor-made for you to feel smug about.

      3. Zombie Womble

        In my early naive days I had the mother of all infections, I trusted a disk from a colleague at work, it re-wrote my bios. locking me out of my OS. Fortunately I was diligent enough to find how to flash it back.

        This taught me all I could ever need, I haven't been infected since.

      4. Alan W. Rateliff, II
        Paris Hilton

        Your metrics

        I'm interested in your claim that downloading and running executable file is how viruses get into home machines 99.9% of the time. I can counter that with 99.9% of the time the machines I clean are infected by browse-by installs, on both home and business machines and even in the hands of more seasoned individuals.

        I'm not talking about browsing those naughty websites, either -- those days are long past. I'm talking about simply going to a hobby website, pulling up an industry website, reading a recent report on some chemical topic, or even going to a news site. All of these scenarios have happened, and I have successfully cleaned all of them save one. Without having kept exact records of infections and vectors, I would say that of the viruses I have cleaned within the past twelve months not a single one was due to a customer-executed program but rather a Java, Flash, or Acrobat exploit executed in the context of the browser. Even, yes, within the confines of the almighty Chrome.

        NoScript, I hear some saying. Such blockers are not always feasible in a business environment for which numerous websites of affiliate government or government funded agencies have employed the latest whiz-bang developer who infuses the entire site with Java, JavaScript, or Flash. (In one case Silverlight, UGH!) Of course as developers and their contracts are often transient, these sites will languish with multitudes of vulnerabilities just waiting to be exploited to infect the unsuspecting user. Then there's the reliance upon certain web-mail sites, and so on.

        As for home users, in my own test bed I found that users eventually just disabled the blocking add-on, be it NoScript, Flashblock, or any of their brethren, because it made browsing annoying, difficult, or time consuming.

        While it might be absolutely possible to live a virus-free life without anti-virus on a personal machine, your claim that a properly managed network has no need for antivirus has two faults: first it denigrates the hard work and efforts of skilled network admins who administer unreliable or less knowledgeable users, users who vary in browsing needs and requirements including those forced upon them who are otherwise reliable and knowledgeable, or in multiple varied environments with some combination thereof; secondly it provides a false level of security faith and encourages bad behavior in freshly-minted administrators who think they know everything already, thereby putting an entire organization at risk, home users who aren't willing to admit there's something he or she doesn't know, and PHBs and CFOs who already don't like spending money and prefer to put out fires rather than prevent them. Having the canary in the coal mine doesn't obviate the need for protection apparatus; once the canary has squawked its last with its dying breath it is possibly far too late to be reactive, and pro-activeness and readiness is the order of the day. In no way does any of this invalidate anti-virus software which can be taken out by advanced attacks against the underlying operating system

        Free anti-virus products are indeed adequate for many users, but IMNSHO certainly not the majority. I have confidently put free anti-virus on some home customers (as most free products are not licensed for anything but non-commercial usage, save Security Essentials for up to 10 machines) computers with no bad results. Then there are others who absolutely need the paid versions for the extra protections and capabilities offered, either by way of their own habits or needs or those of the youngsters which have access. No, no one package is practically perfect in every way nor infallible, but then neither are condoms, "the pill," or the rhythm method as contraceptives. None the less, some protection is far better than no protection.

        Common sense (or any sense at all) in users also goes a long way. Almost all of my customers ring me if something just doesn't seem right, and that alone has saved several butts in the course of the past decade. A strange email, website not functioning the way it normally does, or other odd computer behavior all make for good flags which my users detect themselves. But the combination of sense and anti-virus has saved more as the software component works to prevent what the wetware can't, and the two work in tandem

        Now I have to call rubbish on this tidbit: "Web surfers who install Scan Plus are likely to have a problem with their computers that prompted them to use the technology in the first place - so they might be less well protected than the general population."

        I have to remove this from customer machines with fair frequency as it gets installed as click-through crapware with various software updates (in particular I'm looking at you, Oracle, though there are others.) If McAfee wants to perform mass-target surveying it should do so without installing some kind of click-through crapware and encouraging vendors to include such. For this I would agree with Lee on the user-executed installation vector.

        Paris, installation without protection may bring unwanted add-ons.

      5. Displacement Activity

        99.9%

        I've had one, in about 25 years. My ISDN was down, and I had to get some email from the ISP. I got out my laptop (Win2K, possibly), and connected it directly to a phone socket. Within literally 2 or 3 minutes I got an IM popup and the laptop was trashed.

        1. SYNTAX__ERROR
          Go

          Re: NoScript in corporate environments

          Once you set up the exceptions on your test machine, there are a number of options to easily roll this out to your estate as the settings are simply stored in a bookmark. No need to worry about users getting confused.

  2. Anonymous Coward
    WTF?

    Dear McAffee

    If it weren't for your (IMO lousy) pre-installed "Virus protection" which of course will only run for 3 months then many computer illiterates wouldn't start off with a feeling of security and then ignoring the possible warnings because: "Nah, my friend told me virus protection is free. I don't have to worry.".

    Because THAT is what happens in many of occasions. If virus companies /really/ - cared - for security they wouldn't be pushing free trial-licensed products which expire in a few months but they'd put free versions onto those new PC's and try to convince the new buyer why it would be a better idea to upgrade to a paid version (which, in all honesty, can sometimes provided advantages for the specific user IMO).

    Quite frankly; studies like these annoy me. Because the company which performed the study is IMO also largely responsible for the end result.

    1. Anonymous Coward
      Anonymous Coward

      Re: Dear McAffee

      Isn't that what Avira do, provide free anitvirus protection but with occasional nags.

      1. Anonymous Coward
        Anonymous Coward

        Re: Dear McAffee

        Daily nags, but yes.

      2. Anonymous Coward
        Anonymous Coward

        Re: Dear McAffee

        Just as good to use a continuously free AV with zero nags, such as MSE. Avira's nags are really tiresome. Avast gets the right balance, and superb all round protection for freee.

  3. Figgus
    Facepalm

    One in six Windows PCs worldwide are hooked up to the internet with no basic security software, according to a study by McAfee.

    An additional 1 in 6 is even worse off, relying on a McAfee product for protection.

    1. Rab Sssss
      Thumb Up

      beat me to it ;-)

    2. Paul Crawford Silver badge

      True words in jest...

      In a lot of cases you have a choice between a well-sucky machine running AV all of the time that gets hosed occasionally, or a responsive one without McAfee/Norton (or other better AV) that gets hosed a little more often but is cheaper.

      Which is better?

      Personally the bigger worry for me is the lack of back-ups, as its not just viruses (mostly for Windows) to corrupt things, but hardware failures and "user's gross administrative error" to be recovered from.

  4. Azzy

    Why does security software get turned off?

    Because it gets in the way!

    Firewalls block programs that people want to let through - and it's much easier to turn it off entirely than figure out how to selectively let things through.

    Antivirus programs occasionally periodically send out bogus updates that flag legit programs as viruses. When the bad definition is fixed, the anti-virus program does not undo the damage it did wrongfully quarantining a file, leaving the user to reinstall their software.

    The "background" system scans bog down the system such that the user can't get anything done while it's running.

    The free versions of commercial anti-malware software bug the user to upgrade (or stop working, demanding the user upgrade - what do you think the user is going to do? buy the paid version, or uninstall the annoying piece of software that keeps asking them to buy something?)

    When firewall and antivirus software get in the way of the use of the computer, people will disable them. It's not really reasonable to place all the blame with the user, when they have a task to accomplish using the computer, and security software interferes with it...

    On a somewhat different topic, it's also worth noting that not running a firewall on most home machines isn't as terrible a sin as one might think - because almost everyone nowadays has a router between their computer and the rest of the internet that refuses all incoming connections unless told otherwise....

    1. jason 7
      FAIL

      The ones to avoid are the full 'Security Suites'

      I've seen Norton totally lock down a whole network after it had a brain fart and 'untrusted' all the PCs with it installed on the network.

      A couple of other such Network apps have done that.

      Kaspersky just shouts at you all the time. "Explorer.exe. wants to run! Which arbitrary and totally made up security group do you want to run this in, you mere mortal untechnical user!"

      McAfee just bends over and pulls its cheeks apart at the slightest hint.

      I remember getting sales calls from a Bulldog rep. He kept sending me free versions of the suites to try on customers PCs and I'd get a cut of the renewal each year.

      I didn't use them. In the end I told him in all honesty that I actually made a living uninstalling AV/Security suites like his and installing the simpler free versions such as MSE. I must point out I don't charge for MSE just the cleaning off of the virus/trojans and failed paid for AV.

      1. Paul Crawford Silver badge

        Re: The ones to avoid are the full 'Security Suites'

        Good point jason 7 there, if you have to ask the user you have failed already, as most users know nothing, after all, they are not pro system administrators.

        As for firewalls, in the modern "IPv4 + NAT router in the home" world they count for little (but it is nice to know when something is calling home if you tend to tin-foil headgear as I do), and MS has been good at turning off some infrequently needed stuff in recent years.

        In the NAT-free would of IPv6 that may change...

  5. Adrian Midgley 1
    Thumb Down

    Given they are running WIndows, why

    would anyone be surprised by their next mistake?

    1. Captain Scarlet Silver badge
      Paris Hilton

      Re: Given they are running WIndows, why

      Because people make mistakes, like me having to work on MACOS9 machine at work and buying a PC with Windows ME (Yuk I need a shower).

      1. Anonymous Coward
        Anonymous Coward

        Re: Given they are running WIndows, why

        "why would anyone be surprised by their next mistake?"

        "Because people make mistakes"

        That's a reason why anyone would not be surprised.

  6. Anonymous Coward
    Anonymous Coward

    Dumbos

    From another (non-computer but technical) forum

    "I received my Pi last week (on my 60th birthday as it happens) but so far I am

    more than a little unimpressed considering the " it will make all Britain's kids whirlwind programmers" hype.

    There is no supplied documentation and the on-line stuff is very minimal for people like myself who are beginning to use Linux.

    Getting any of the Linux OS onto the thing is a convoluted process (I've opted for the Debian SQUEEZE OS) and it took me a couple of days before I found, after much online browsing that by typing "startx" after boot and two different lots of logins (why do that?) the Pi sprang into something like a normal desktop environment."

    So why aren't i surprised about the Windows survey?

    1. Anonymous C0ward
      Facepalm

      You get an upvote from me

      It's an uncased development board! Issues are being discovered even at this stage! It's meant to be hacked!

      I'm not a builder, but instead of waiting for "House Kit 1.0" to be released, I just went and got some bricks and some wood. How do I put them together?

      (For the record, my Pi arrived on Friday and it is tasty.)

  7. stucs201

    In part I blame the AV companies

    Microsoft have a reasonable free security package. It really should be installed as a default, then every system would have some protection unless it was explicitly uninstalled. Except then McAfeee and the rest would cry foul and complain about anticompetitive practices like the browser makers did.

    1. Andy Fletcher

      Re: In part I blame the AV companies

      Agreed, ironic that while it would be in the best interests of users, and by extension the internet at large to do it, corporations' interests would take priority. Most of the domestic machines I look at are full of the bad stuff because the user's 30 day McAfee trial has expired and they didn't want to pay, and didn't know they could get free tools.

    2. Boris the Cockroach Silver badge
      Flame

      Re: In part I blame the AV companies

      I dont.

      They are just exploiting the situation to earn themselves some cash

      (in a paranoid tinfoil hat mode, I'd quite easily believe most viruses come from the AV labs...)

      I blame microsoft and their 'lets tie the browser so deeply into the OS that any flaw in the browser f**ks your system over" idea, coupled with the lack of root and user permissions in files "Hey luser... no writing to /Sys " for example.

      And then dragging out and shooting any programmer who sticks 'must run as root' on their software installers so much so that regular users go "f**k it" I'll log in as root and leave it there.

      Perhaps a letter like this would work

      Dear m$, if your browser lets a rogue script link to a key system file then run an attatched data file, it means your software is shit and we dont want to use it.

      Yours typing Format C: -y AGAIN!

      1. Alan W. Rateliff, II
        Paris Hilton

        Re: In part I blame the AV companies

        The truth in this is shitty software vendors. Around 10 years ago Microsoft pushed out the requirements that software packages not be written in a way which require elevated privileges, then broke its own missive with Office 2003. Ever try to run Outlook 2003 for the first time as a non-admin user? But products like QuickBooks are just as bad, amongst others with which I've had to tangle over the years. It's virtually impossible to enforce a least-privileged-user scenario when the software requires local administrator access. FFS, I support a vet practice management software which does this, so users have to be local administrators on a terminal server just to run the program. Truly, truly aggravating.

        Paris, least privileged user.

    3. Arctic fox

      RE "Microsoft have a reasonable free security package."

      I agree, Defender/Essentials has a very low resource footprint in comparison to the shite that McAfee and the rest of the AV scareware industry punt out and it appears to be at least as effective as most of the paid for packages. I have to admit though that if it really is the case that one in six effectively take no interest in the security of their pc (how that security should be organised and whether an AV package contributes much is of course the subject of some debate) I am almost inclined to feel some sympathy for Microsoft on the issue. They at least appear to have learnt something since Gate's memo on the subject of computer security whereas something like 17% of customers (apparently) continue to rejoice in their own ignorance.

  8. Darryl

    McAfee Security Scan Plus

    Is that the 'free McAfee security scan' that is the latest crapware to get bundled with everything that you download and install?

    1. jason 7

      Re: McAfee Security Scan Plus

      Most machines I get in for cleaning have this 'useful' app installed.

      Probably just phones home user data all day.

    2. richard 7
      FAIL

      Re: McAfee Security Scan Plus

      McAfeee Security Scam Plus as installed by Adobe products

      Yes the same one

      The same one that Spots AVG/Avast/Bullguard/Esset and goes int o meltdown telling you the world is about to end and you MUST install a McAffee product to prevent global let down.

      The same one that acasionally installs their bastard toolbar/scanner app

      So what we have here is in fact....

      We think one in 6 PCs isnt running our software so you should install it (so we can then delete system files whenever we feel like it and brick your PC/ Disable GINA)

      No News here:

      A) This info was gathered by nefarious means without most users permission

      B) The software in question picks and chooses what it accepts as valid AV eg <>McAfee means no AV

      C) In the real world out of just under 1000 machines through our door I've seen maybe ten with no AV

  9. pcsupport

    Quote: "The Windows-only software checks the user's computer for threats, antivirus software and firewall protection"

    Should the continuation of the sentence be "and then offers to install antivirus software which you will then end up having to pay for"?

    The perfect definition of scareware if ever I've seen one :)

  10. Tom 35
    Holmes

    study by McAfee

    Finds more people should buy their stuff.

    1. Anonymous Coward
      Anonymous Coward

      Re: study by McAfee

      And everyone points that out. Again. And again. And every time it happens. Bit sad watching a bunch of standups parroting the warmup ...

  11. eJ2095

    2 be fair

    Not run antivirus properley over 20 years of computing,

    Most of it is common sense to be fair when it comes to dodgy excutables etc.

    Buy all too many times i clean a machine that had has the annoying bug ridden norton or Mcaffe on there

    1. Anonymous Coward
      Anonymous Coward

      Re: 2 be fair

      Spelling not important for you is it?

      1. Pascal Monett Silver badge

        or punctuation marks

  12. Wile E. Veteran
    Trollface

    Better questions:

    * Why isn't every network modem (cable, DSL or whatever) equipped with a built-in firewall with reasonable defaults for the technically clueless (might be a genius in some other area) but changeable for the techie expert?

    * Why doesn't every PC come with an SoC firewall/filter between the network connector and the main system?

    * Why don't ISPs include filtering in their own routers between "the internet" and the local addresses?

    * Why isn't the OS on the PC more immune against malware?

    Oh, wait. We're talking about steps that might add a few dollars to the price of a PC or network service, prevent the "sponsor's" spyware from feeding back behavioral-tracking information and might require the dominant software supplier to put security high in the requirements list as they develop the "next" OS version.

  13. Sixth
    FAIL

    What a Crappy Article

    Typical NOISE from MCAFEE IDIOTS. So let me get this straight, your product prevented the spread of malware like FLAME?! I dont think so!! But yet you say every Windows user needs AV? Your crappy spying Antivirus software using 120MB (! or more!) of ram just to actively scan every single file I open and report back on a daily basis new type of heuristics that are supposed to be ANONYMOUS!? Get the F$%$ out of here. Stupid AV companies.....CONTINUING to due what they do BEST. Make money off media attention (i hope you hear me Symantec! You rich dirtbags!!)

    Rant over. I never had AV installed, only way I got infected is my own fault.

    1. Anonymous Coward
      Anonymous Coward

      Re: What a Crappy Article

      Yeah, YOU fools. Your PRODUCT didn't prevent one particular AND highly sophisticated example OF malware, therefore AV IS (! clearly!) useless IN all cases?!!

      Just like crash helmets are pointless for motorcyclists because some motorcyclists wearing helmets are still injured or killed in horrific crashes, and locks are pointless for doors because... blah... etc... etc...

      PS Just because The Register has decided to capitalise some words at random doesn't mean you need to follow suit.

      1. Lee Dowling Silver badge

        Re: What a Crappy Article

        Actually, whenever I do come across a virus infection on someone else's PC, the first thing I do is upload it to VirusTotal. It's quite hilarious how many big-name AV scanners totally fail to detect things you can upload from your granny's PC, and even fewer can actually do anything to FIX them without the user having to do it themselves.

        AV is, basically, a waste of time when it comes to preventing or cleaning viral infections. Simple as that. Your one might work against the thing you caught this time but I guarantee you that it missed other things just as prevalent and well-known. Do it as an experiment next time you get something in your email that wants you to open it or whatever. Download the file (in a fecking mail client that doesn't execute by default!), upload it to VirusTotal, see what sees it and what doesn't. Be amazed that almost anything (even if it's from your mail archives from years ago) will be missed by at least one and probably several scanners even today, and that "new" things may not flag on ANY scanner whatsoever.

        A random one I just tried that arrived in my email claiming to be from DHL with a zip attachment that contained a single exe file was only spotted by 75% of scanners they run. Strangely, an identical email with a slightly different attachment (but even the same zip and executable name) that arrived seconds after scored differently!

  14. Kinjuru

    Anti-Virus/Malware, there's a difference?

    If the actions of the Security software, adware and malware are virtually indistinguishable to the point of view of the casual user i.e; pop-ups nag screens, system hangs and unresponsive programs. What precisely is the point?

  15. Cpt Blue Bear

    Slow news day?

    Once more El Reg presents a press release as news. Yes, I know this is SOP for journalists these days, but if El Reg report it., I expect them to ridicule it for what it is.

  16. This post has been deleted by its author

  17. Anonymous Coward
    Anonymous Coward

    Antiviruses are for dumb users and clueless corporate IT droids

  18. This post has been deleted by its author

    1. Crazy Operations Guy
      Go

      Re: Microsoft give it away

      They do, if you don't have AV on your system for a certain number of days Windows Update will offer it up. Unfortunately expired copies of commercial antivirus count as AV (if they did install on such systems it'd be considered anticompetitive)

      If they did it by default, then they'd get in trouble with the EC again for 'Bundling' the antivirus.

  19. Jared Vanderbilt

    98% of users are "dumb" and 99.95% of corporate clones are "clueless", therefore ....

    antivirus is a necessary evil.

    Me - when I visit the dark side I pop my SATA cables and swing from a non-persistent Ubuntu live key with a second key for storage.

  20. Crazy Operations Guy
    FAIL

    I don't give a shit about *their* data

    What concerns me is all the zombie machines out there pounding away at my public facing servers. I've talked to so many people that were always telling me "I don't have any information on my computer a hacker would want, so why shoul I protect/clean up my computer?".

    Sometimes I think I should just set their machine up as an open proxy and let nature take its course (by mature I mean the Feds)

  21. Arnie

    Adobe mcaffee

    what I don't expect is adobe to have an opt out only option to install some cut down macafee on their reader download page. I've lost count of the number of times I've removed this pos

    1. Anonymous Coward
      Anonymous Coward

      Re: Adobe mcaffee

      If you read more carefully and OPT OUT you won't need to uninstall the garbage because it won't be installed.

      R E A D

  22. Neal 5

    and it ain't gonna get any better

    yep 1 in 6, I'd say this is pretty good considering the number of children using comps at home who don't have the first clue about security.

    When I was 12 I didn't have the first idea about a condom, I blame my parents for this. I guess the blind leading the blind.

    Ain't no way some redneck fascict inbred is gonna have any clue about conp security, I guess that's why they all work for (insert company here).

  23. Anonymous Coward
    Anonymous Coward

    Ah, but..

    "Web surfers who install Scan Plus are likely to have a problem with their computers that prompted them to use the technology in the first place - so they might be less well protected than the general population"

    Also, if they're already infected then there's a high chance that the infection itself has turned off the firewall and anti-virus.

  24. redniels
    Mushroom

    "if security software is important, why isn't everyone running it?"

    I'll tell you why:

    because the so called cure is far worse than the disease, that's why!

    I've seen hunderds maybe thousands of pc's (and worse: servers) dead in the water because of buggy AV software. I've seen tens of PC's dead in the water because of Virusses/etc. which one is worse? do the math..

    every GD AV suite gets its dirty pawns at places where they shouldn't be: in my tcp/ip stack, in my kernel, etc. PC's slow down to a crawl, Disk IO goes through the roof.. It's just a f-ing nightmare these days with AV software. and best of all: most AV processes are hidden so your pc is slow as hell but no way to find out why...

    (excluding rootkit revealers but try to explain that over the phone to your mum of 68)

    buggy soddy AV software is the main reason people are so fed up with windoze. (my new mac is so much faster.. yeah right, up to the point that the norton Anti vir toolkit is installed)

    No. never again. I've a server which scans everything 2 times a day, and everything which comes in, my mail is routed through 3 different providers with 3 different av solutions, (provider forwards to hotmail forwards to gmail which i read.) I've a real dedicated firewall with real logging (no software shit on my pc's ) on top of that: not logging in with root/admin rights and enabling (not disabling) UAC goes a very long way... the best AV solution? RUN ONLY LEGAL SOFTWARE. and be very skeptical about "free" software. nothing is free in life.. wel ok , the air you breath but these days even that is most likely taxed one way or another.

    AV firms? nuke them all from orbit, they are killing the PC, and now Android and Mac as well.

    in case you didn't got it: This (AV software) is my biggest irritation in IT. they. all. stink.

  25. Barry Tabrah

    No AV but...

    I bet every one of them has at least one, possibly four, registry boosters installed. And Google toolbar. And Google Chrome, even though they don't use it.

    Actually they probably still have McAfee 30 day trial installed from when they bought the computer.

  26. Anonymous Coward
    Anonymous Coward

    I've taken McAfee off all my boxes.

    Replaced them all with Microsoft security essentials.

    The speed increase is ridiculous. What is McAfee actually doing?

    1. Pascal Monett Silver badge
      Trollface

      Re: "What is McAfee actually doing"

      Well McAfee might actually have been doing something.

      Wrongly, with great prejudice and impact on performance, but something.

  27. chris lively
    FAIL

    Wrong emphasis in the story

    The emphasis in the story is wrong.

    The story should be: 83% of people with an antivirus tool felt the need to use mcafees online virus scanner.

    Notice the difference there? When looked at this way it implies locally installed virus scanners are crap: which most of us here know.

  28. Dan Paul
    Pirate

    Worst viruses are the AV Suites, Norton/Symantec, McAfee, Etc.

    I have used a Windows PC since DOS was introduced and the worst computer problems I have ever experienced have come from the updates of Anti-Virus programs.

    Norton (specifically Live Update) completely screwed up my PC several times, tried McAfee which was worse, went to AVG Free which was good for several years until it became a bloated clone of Norton Security Suite and a borked update screwed up windows system files.

    Now I run Avast Free and ZoneAlarm Free at home (Also running MSE) and I cannot be happier even though Avast and ZA have occasionally caused glitches (nothing serious). Add MalwareBytes and Spybot S&D and I have no issues with viruses, only the occasional attempted malware driveby but usually caught and always able to be fixed. You would be surprised what using CCleaner after every lengthy browsing session, does to prevent auto installs that ocurr when you start your machine.

    At work, I have to suffer with Trend Micro Security Agent which like any so called "Security Suite" is a complete resource hog that should not be allowed anywhere. Invasive, pig of a program!

  29. Framitz
    FAIL

    Of course it is bogus

    I installed McAfee Security Scan Plus on a known clean and protected system.

    It is obviously designed to sucker people into purchasing if they need it or not.

    It showed a completely clean system and STILL tried to sell their product.

    As almost always, this survey is utter bullshiat. (just as most of us already knew, but I like to prove assumptions).

  30. cortland
    Paris Hilton

    Where's the naked jaybirds?

    I've never SEEN naked jaybirds... they wear blue feather suits. Sort of like lawyers, but not as menacing. Or politicians, anyway; they make as much sense.

    Paris, because it's about naked birds.

This topic is closed for new posts.

Other stories you might like