Top vendors flunk Vista anti-virus tests

Norton

"in many cases seeing the whole machine shutting down"

That'll be Norton then.

VB100 standard?

I always thought the VB100 standard was a program longer than 100 lines written in VB that would compile.

Can't read the full article

Even if you register, they want 175 Quid to be able to read the full report.

Sad...

...to see ESET slipping down the rankings. At one time I wouldn't have hesitated to recommend their products. Now it's in the same class as One Care (that *has* to be pronounced in a French accent for best effect).

On a brighter note, Avira's detection engine just gets better and better. Now we just need them to bring out a product which doesn't expire and I may just start recommending their paid-for versions to people. This restricted subscription business model really needs to stop, especially for home users who are usually totally ignorant as to the status of any security software on their systems.

Come on, guys, realise that it's this subscription model that almost forces home users to use free versions that loses you sales. Sure, subscription-based licensing for business class AV, but let's stop leaving the n00bs, granny and the kids' machine under the stairs, connected directly to the Internet via a Voyager 105 and no firewall high and dry every year, since these are what end up being the spam-spewing zombies.

<rant>

Yeah, yeah, Loonix doesn't need anti-virus (got a mail server or Samba and Windows clients? Trust me, it does, otherwise you're a part of the problem), anti-virus is an unnecessary resource hog (so is reinstalling, even from an image or RIS and $DEITY help you if the malware exploits a CIFS - or anything else - hole on your local network), you're smarter than the n00bs and don't need AV (of course you don't until you realise that the software package you rolled out to 200+ machines is full of worms). Heard it all before and seen the results of this type of asshattery.

</rant>

Definition based detection

So it's long been known that definition based detection is no longer a viable security tool.

With several thousand viruses released every day, how could you possibly hope to pool a reliable sample?

The main AV companies need to move over to behaviour monitoring as a main with definition detection only as a fall back.

Symantec bought out PC Tools if memory serves, so maybe we will see the power of ThreatFire in later releases?

Paris, because you'd never get an infection with her...

Where's the leader?

I'm shocked Antivirus 2009 isn't listed. Must be sitting it out like Trend Micro.

Lurvely

"in many cases seeing the whole machine shutting down"

That would be McAfee VirusScan running on a 64-bit Vista box then. I made the fatal mistake of installing it (it was free from the bank, I was weak!) and it immediately caused issues and then a blue screen on every start-up. Found out it was some patching service over the network driver. Disabled it. After, still get a BSOD on the first startup. 3 hard resets later and Vista would boot-up. Completely removed McAfee AND used their removal tool - still getting BSODs. Finally MS's SP2 actually fixed the BSOD issue just as I was about to re-install the machine.

Back to AVG free now, lesson learned. Still think I should re-install Vista though.

Most of this stuff is pure scareware.

I get a lot of customers asking me to remove these full internet AV suites from Norton and Kaspersky. They just scare the bejeezus out of joe average user and tie their PCs down to nothing more than warning popup machines. Get rid of them and the machine feels like you've doubled the CPU and ram.

I love the ones too that wont actually allow you to uninstall it unless you download another tool from their website (Norton).

Unless folks are looking for porn they only need a basic AV program that sits quietly in the background.

Still they keep me in jobs...

@Dave 129 and EJ

I would if I were you :) Been happily running Vista 64 for 2.5 years now without AV and loving it....and no I havent gotten a virus.

EJ:

That because its too busy finding infected files on your system and telling you that you need to pay for it :)

What?

Someone failed to secure Fista? But the told me it *was* secure!

Avast!

I'm somewhat disappointed that Avast didn't opt to be in the trials.

Not really new news...

We all know that Windows boxes get more malware/virus attacks/variants, we also all know the reasons why.

But Linux users shouldn't sit too comfy, as their market slowly grows so will the attacks -- just look at Apple of late. A large percentage of the holes are in third-party code/apps, and no OS is 100% safe from this.

MS just needs to educate their end-users into not using an administrator level account for everyday and interweb surfing use.

Personally I don't run AV/AS on most of my systems, Linux or Windows, simply because I don't allow surfing the net or email retrieval on them, and I've never had a problem in decades with my so-called unprotected computers. Most AV is too expensive and their [false sense of] "security" is always "too late" since their def updates are always way behind the threat releases.

I've met a few folks that dont run AV...

....because they state they dont need to due to their expert IT experience and their machines are squeaky clean blah blah.

I've then challenged a few to run their HDDs through a AV scan.

Oh look...34 trojans.......etc.etc.

@jason 7 -- FAIL

If a PC is configured and then closed to any additional software installs, and is never used for Internet access, then how is it going to get trojans? They magically get passed through the air like the flu?

You don't know what you are talking about.

For one example I have an HTPC sitting in my living room that does nothing but play TV and movies, and a closed development computer that only has three high-end applications installed and is never used for anything else.

Tell me how those will get viruses?

I'm confident enough to wager you a $million bucks on your challenge.

If you want to put your money where your mouth is, I'll send you my address so you know where to send the cheque...

@deegee

You know and I know that just being near an internet means that hackers can WirelessFi into your computer's hard drive and risk smashing its windows.

It's absolutely nothing to do with the user going to disreputable sites and being curious about these emails he keeps receiving about breast augmentation. It's all about the hackers implanting trojan virusses and flash Javas on your system.

@James O'Brien -logic?

"James O'Brien Posted Thursday 6th August 2009 21:40 GMT

I would if I were you :) Been happily running Vista 64 for 2.5 years now without AV and loving it....and no I havent gotten a virus."

Errm, if you haven't used any form of AV how do you know you've never gotten a virus? to the best of my knowledge they don't pop up and tell you they have arrived.

I do appreciate where you're comming from in that I dont doubt many of the bloody things trigger false postives etc but unless you've never connected it to any form of network and never inserted any usb/cd into it i'd probably want to do a scan once in a while, probably with that free version of avira that appears to have kicked the big boys to the curb. I never heard of them before, might check 'em out.

Just to check, Virus Bulletin isn't linked in any shape or form to any AV vendor right? totally independent and verified so?