Microsoft Security Essentials Loses AV-Test Certificate
helix2301 writes "Every two months, AV-Test takes a look at popular antivirus software and security suites and tests them in several ways. In their latest test which was performed on Windows 7 during September and October, Microsoft Security Essentials didn't pass the test to achieve certification. Although that may not sound that impressive, Microsoft's program was the only one which didn't receive AV-Test's certificate. For comparison, the other free antivirus software, including Avast, AVG and Panda Cloud did."
No wonder it's so fast! (Score:3, Funny)
NOP
Comment removed (Score:5, Informative)
Re:Defective product. (Score:4, Informative)
Re: (Score:3, Interesting)
There was a scandal last year when OBL was killed and hackers found a way to infect your system just by doing a search OBL dead pics. You did not even have to click on anything. The code ran through Google redirected through clever javascript hacks. So if your daughter does a search for puppy pictures she is instantly infected!
I am surprised it was mentioned only mildly on slashdot as it took a few weeks to fix this and infected tens to hundreds of millions of PCs.
Re:Defective product. (Score:4, Insightful)
I hadn't heard of that, and when I looked into it, the truth appeared to be different from what you claimed. It looks like you had to click on the picture, and then click to download and then install the malware. One of the sites had malware pretending to be a VLC update, the others were peddling fake anti-virus software.
Then again considering the source... Bill Gates lying about Google? Why am I not surprised?
Re:Defective product. (Score:4, Informative)
> Then again considering the source... Bill Gates lying about Google? Why am I not surprised?
There is just an outside chance that the slashdot user "Billly Gates" isn't, in fact, the multi-billionaire former CEO of Microsoft.
Re: (Score:3, Insightful)
It is refreshing to have a mature comment/conversation about surfing internet porn. Shame I have no mod points right now ;).
P2P torrent/ed2k porn is pretty safe too if you stick to avis/mpegs or other non-code-executable video files.
I used AVG2012 as well until the license died, then switched to Avast on my XP box, but left the Win7 box & laptops on MSE/Win7 F/W *shudder*.
Ok, it's not that bad, but I would really like a decent FREE AV/FW product that doesn't require a whole lotta attention, IYKWIM. AVG w
Re: (Score:3)
Re: (Score:2)
I read an older post of yours last year and switched to AVAST as a result of frustrations with MSE. I never went back. I never tried Comodo though as I am more familiar with AVAST at this point and I love the gaming mode. I highly recommend AVAST.
Also did you know Comodo secure DNS service is free and you can google it to get the DNS IP addresses? That blocks malware right there even if you use another AV product. I still use www.livejournal.com which is owned by a shadowy marketing company that occasionall
Re: (Score:2)
FYI be careful with Avast free as an update blue-screened a Win8 laptop I was working on a while ago. It is a known problem now, but I would assume that MSE would be a bit more stable, if only because they *should* know the OS better.
However, if an AV can bring the OS to its knees something is wrong.
Re:Defective product. (Score:4, Funny)
> However, if an AV can bring the OS to its knees something is wrong.
You have obviously never installed McAfee before.
Re: (Score:3)
Re: (Score:2)
Sounds like you should be looking for a better browser rather than a virus scanner. How exactly are these sites infecting you?
Re: (Score:3)
Re: (Score:2)
It regularly detects my mouse driver as malware and disables it. I have to unplug the mouse and move USB ports before I can use the mouse again.
Which part of "Microsoft Product" did I not understand?
Sigh...
Regularly? Definition of a slow learner.
Now for the rest of them... (Score:5, Interesting)
Re:Now for the rest of them... (Score:5, Informative)
What is strange is MSE is the only one of those products listed I have ever seen effectively block any malware.
Re:Now for the rest of them... (Score:5, Insightful)
Last time I saw a test like this it was from a Symantec paid shill. Don't expect this to be any different.
Probably Microsoft doesn't pay AV-Test
Re:Now for the rest of them... (Score:4, Informative)
The fact that they rated Sophos so highly, when it opens up a huge exciting new attack surface for you [slashdot.org] sort of suggests this "certification" is fairly pointless.
Re:Now for the rest of them... (Score:5, Interesting)
I know, it's anonymous coward and all...but I had an interesting issue along this vein...
Two weeks ago, a client called us saying she got some FBI scareware that also tapped into her webcam. I went to investigate. No FBI scareware when I tried it, but I did see security essentials find stuff, and take some time to remove each item...during which it invariably found more.
So, I tried the usual tools - Fixboot/Fixmbr, Combofix, TDSSKiller, ADWMBR, Malwarebytes, and my trusty ESET NOD32 recovery disc. None of that seemed to stop it. So I tried a repair XP install. I learned that the 'repair' install doesn't do nearly as much as I'd like it to, but whatevs, it was gone. ESET said it was clean, TDSSKiller said it was clean, Combofix said it was clean, and MBAM said it was clean. Security Essentials wouldn't shut up.
I googled a bit and found out that this client had caught one of the strains from the xpaj family. It does EVERYTHING - MBR rewrite, device driver, etc. Seriously among the nastiest virus infections I've ever come across. Further googling revealed that Kaspersky had an explicitly dedicated removal tool just for xpaj. It took about half an hour to run, and found literally thousands of files infected with it. It must have been file headers or something because they were all ultimately cleaned...but this thing fooled EVERYONE but Security Essentials.
Now granted MSE didn't completely take care of the issue, and clearly it also didn't stop it from running amuck...but it did find something nothing else I tried did...so I'm not thoroughly convinced that writing it off wholesale isn't entirely warranted either.
Re:Now for the rest of them... (Score:4, Informative)
If it's a bad trojan/virus, MSE works quite well in getting rid of it. Keep in mind that MSE is basically Windows Defender on Steroids so it works quite well for some things.
I've been using it on a Win7-64 install for the last 2 years and it's been pretty damn decent as it simply stays out of the way. If I'm going to visit a dodgy place online, I'll use Palemoon (based on firefox) with noscript. Pretty effective in blocking crap I don't want while allowing me to at least get an idea if I want to finish loading a site.
Re: (Score:2)
How do you know beforehand that you're visiting a dodgy site? Keeping in mind that it is frequently the ads that serve the malware, and you never know where the ads are going to come from (this assuming you don't have ABP).
And if you know beforehand a site is dodgy, why would you want to visit it to begin with?
Re: (Score:2)
Key of your story: use as many AV tools as you can find, the more you use the more chance at least one of them will find out something is wrong with your system.
Just curious: you said you found a removal tool from Kaspersky. Didn't their scanner find the specific malware?
Re: (Score:3)
> Key of your story: use as many AV tools as you can find
Do NOT install more than one at a time. If you have two AV programs running at the same time, they'll fight, each thinking the other is a virus. One guy I know thought putting both McAfee and Norton on his computer would keep him safe, he came to me thinking he had a virus because it was so slow. All I had to do to fix it was uninstall both AVs and install FreeAVG and it was good as new. He was especially happy that he no longer had to pay for virus def
Re: (Score:2)
And MSE doesn't bog down your system. MSE is a fine program.
Re: (Score:2)
> What is strange is MSE is the only one of those products listed I have ever seen effectively block any malware.
and for me, also not be worse installing it than actually getting a virus.
Re: (Score:2)
Re: (Score:2)
I've not been infected in years, with no realtime anti-virus, and that's by following a few simple ground rules.
1. Do not run junk software from unknown sources. If you must, then run an AV scan manually to
Wow (Score:2, Informative)
People rely on AVs against 0-day threats?
Not really (Score:4, Insightful)
This isn't a very worthwhile mass market test. 0-day detection is an interesting stat, and not worthless, as is proactive testing (AV-Comparatives does that, takes a 6 month old AV scanner and sees how it does against current threats) but it isn't really a concern for most people. Computer viruses spread, well, like viruses. Not a lot of people get exposed on day 0. So as long as your virus scanner is updated reasonably frequently, it does a reasonably good job with threats you are actually likely to face.
Zero Day Whoop de Do (Score:4, Insightful)
Re: (Score:2)
I'll be keeping MSE installed. I've found many of the free AV programs to be cumbersome and slow, and quite frankly annoying about 'protecting my system' and 'staying updated'. Stay out of shady places and avoid file sharing except when necessary and it won't be a problem. Kind of like not raw dogging dirty hookers freely, common sense behavior if you don't want to catch the Cannasyphiliaids virus.
Kaspersky has saved me from three drive-by downloads, and two of them were from legitimate charity sites which didn't have decent security in place. So much for file sharing, dodgy places and dirty hookers.
Nowhere on the web can be considered completely safe
Re: (Score:3)
I credit my firewall, noscript, flashblock, MSE, SpyBot S&D, the HOSTS file from mvps.org, and my own common sense to keep my system protected from virii, trojans, and drive-by downloads. The worst I've ever had to clean up on my own system were a couple tracking cookies.
I believe I have far greater odds of having a tire blow-out on the highway than a virus on my computer, yet I don't spend 30 minutes every morning inspecting my tires.
Missing Piece from Test (Score:5, Insightful)
The main reason I use MSE is that it does an adequate job and unlike every one of the competitors free or otherwise, installing it isn't worse than getting infected with Malware. Last time I used either AVG or Avast it was like infecting my PC on purpose. I'll pass up some protection against zero days (which is spotty at best anyway) in exchange for not installing crap.
Re: (Score:2)
> The main reason I use MSE is that it does an adequate job and unlike every one of the competitors free or otherwise, installing it isn't worse than getting infected with Malware. Last time I used either AVG or Avast it was like infecting my PC on purpose. I'll pass up some protection against zero days (which is spotty at best anyway) in exchange for not installing crap.
Agreed, although my reason for using MSE is that it never finds anything and never bugs me with stupid popups telling me how it found a super deadly trojan, about once every few days, reminding me of its absolute importance.
Re: (Score:2)
> it never finds anything
Hmm...
Re: (Score:2)
Indeed. Most systems that come in here with N360, McAfee, even AVG now (try removing that sucker, it's really persistent unless everything is perfect!) are a mess in terms of performance and hijacking the browser search fields and forcibly reinstating excessive services and apps in the startup.
Clear it all away and install MSE, sure the client possibly will get infected in the future but I've found regardless of what they have had installed they invariably get infected, may as well go with the AV system th
Quite true (Score:2)
MSE is really and truly free. Or, perhaps more accurately the cost of it is included with a license of Windows. They don't want any more money for it, they don't try to upsell you, it does its job and that's that.
The others? They want you to buy the full version, so they have various ways of pestering you, some quite annoying. Heck AVG got to the point where even the paid version was highly annoying (I used to buy AVG, I buy ESET Smart Security now).
As such MSE is really the only free AV I recommend because
Usability: Vipre? (Score:4, Insightful)
We have a number of PCs from one manufacturer on which Vipre cannot update itself. This has happened with more than one release. It is necessary to not only uninstall, but do a clean-up after uninstalling and then re-install the new version. After doing this on one machine, and then having a later release also fail to install, I won't bother with Vipre again.
On that basis, Vipre should lose points for usability.
Oh, and it also asks unprivileged (non-administrator) users to run the update. What's the point in that?
Re: (Score:2)
That would be because GFI bought them out, added useless code ("it's been GFIed") and got all metro-sexual with the interface.
I'll be looking for a different AV vendor come renewal time...
Re: (Score:2)
My company uses Vipre. But it regularly (every day or two) locked up my computer so tightly that I had to do a hard power-off to regain use of my computer. The same behavior was experienced by several other developers. Vipre support didn't have a clue what was going on. Finally, the company relented and let us (just our department) switch to MSIE. There is no way, in my book, that Vipre gets a higher score than MSIE!
Re: (Score:2)
Adblockers are more effective. (Score:3, Informative)
Adblock/Noscript+Common Sense (Score:2)
Re: (Score:3)
I found common sense isn't very common.
Re: (Score:2)
According to the same site, MSE also misses lots of samples, which I've experienced myself as well: http://www.av-comparatives.org/images/docs/avc_fdt_201209_en.pdf [av-comparatives.org]
Re: (Score:2)
Replying to myself, that's actually even the exact same PDF, and only now I notice that OP has a high UID and only one comment.
Also note that the AV comparatives uses the following scoring system:
They rate Security Essentials with Standard (together with AVG and PC Tools), whereas
ALL score Advanced +, 3 stars.
AV-Test is a Joke. (Score:2, Insightful)
Anyone who knows anything about the internals of an antivirus research team knows what a Joke AV-Test is.
The tests for years have been based on static collections of huge buckets of gathered samples.
The guys running the test have no actual malware analysis experience themselves .. it's just a game all the big vendors are playing .. and really some of the ones that seem to squeeze into top spot among the bigger players are small / tiny products that have nowhere near the same capabilities as the more matu
Re: (Score:2)
Grading curve? (Score:2)
I dunno (Score:3)
I dunno about this article. I've used just about everything out there... I used Kaspersky for a very long time, and in my opinion was the best for a long while. I very rarely got an infection. But when I switched to MS Security Essentials I was DONE with virus. I haven't had a single computer in my house (and I have 5) get infected since I started using it. And just so you know I'm not a Microsoft shill, fuck Microsoft, they suck, I pirate their god damned OS... fuck em. Anyways, Security essentials works great. I routinely still scan with other AV if I'm having any sort of issue just to be sure, but nothing. I really think it comes down to usability. It just works well and integrates with windows well.
The article talks a lot about 0-day exploits and such... but really, how many of us are going to get hit with one of those? I mean yes, I'd rather be protected, but at the expense of some of the draconian tactics some other packages lock your computer up in? Install Bitdefender and then try installing some open source, macroing utility or something and the damned thing goes nuts.
Re: (Score:2)
Your anecdotal experience isn't helpful at all.
A company I recently worked for has hundreds of Windows PCs, and happened to use Microsoft's protection exclusively... the verdict of those there longer than me, was that it does well on extremely esoteric exploits, but completely misses swathes of common viruses. In my opinion, it's a steaming pile of worthless.
It was an interesting experience though, because I happened to be there when an obvious bit of malware was spreading unchecked through the network.
Re: (Score:2)
you're right - and the best bit is you don't need to even like MS to like this product as it was purchased by MS (who could choose the best). It used to be Forefront (by Sybari) and it was "teh win" of AV products, and had a pricetag to match.
so, yes, I run it and I'm happy to do so - it ain't no shitty crap a Microsoft development team put together, it was developed by professionals :)
NoScript (Score:2)
Lemme Guess, Only Win8 will be certified. (Score:2)
Oh no that could never be, could it?
Idiotically ineffective rating system (Score:5, Informative)
Re: (Score:2)
I just uninstalled Symantec Endpoint Protection from my work laptop because it was so slow I was hardly able to get things done. Soluto informed me that the Symantec software was the likely culprit. I uninstalled it and things have sped up considerably. I know I won't get in trouble because our company's not that serious about security. I was going to reinstall MSE again, but now I'm reconsidering...
Its Free, And it has no spyware or paid upgrades (Score:3)
MS Sec. Ess. fails to detect 2009 era trojans... (Score:2)
I've had a few customers with trojans, from like 2009 and MS Sec. Essentials doesn't detect them with a quick scan. Only after a full scan did it see them.
These machines always had MSE running and up to date.
It's unfortunate that so many software companies write software such that it requires admin access or we could avoid so much of these infections.
Re: (Score:2)
> I've had a few customers with trojans, from like 2009 and MS Sec. Essentials doesn't detect them with a quick scan. Only after a full scan did it see them.
> These machines always had MSE running and up to date.
> It's unfortunate that so many software companies write software such that it requires admin access or we could avoid so much of these infections.
Sounds like you need better software. I can't remember the last time I ran anything that needed admin rights, with the single exception of Visual Studio when I was doing something that required escalated privileges (loading drivers, etc).
Re:This is a surprise? (Score:4, Interesting)
"Trust"? I don't know about that. But I at least thought it would satisfy the minimal needs I have for such a product. I'd been using AVG for years under XP - maybe I'll install that again.
Re: (Score:3, Interesting)
Try Avast? It is much lighter and is free with registration. I like the gaming mode where it shuts up and doesn't bug and that is a plus. I quit using MSE over a year ago after it showed disappointing results.
Re: (Score:2)
The only problem with Avast is that you have to re-register every year. Minor, I know, but a pain nonetheless.
Re: (Score:2)
> The only problem with Avast is that you have to re-register every year. Minor, I know, but a pain nonetheless.
the bonus with avast's system is that it doesn't actually make you PROVE that the email address is YOURS (code/link sent via email), it only asks for an email address and that's where it stops, so i've taken the habit of using @avast.com email addresses.
The first thing i used was postmaster@avast ( :D ) but when it started to complain that it's already used i switched to _current timestamp-YYYYMMDDHHMM_@avast, works like a charm
Re: (Score:2)
Re:This is a surprise? (Score:5, Interesting)
Re:This is a surprise? (Score:4, Insightful)
Re: (Score:2)
AVAST has blocked 2 pieces of malware for me over the years. It stopped it cold before it could be installed or ran. Good ones that are modern do a great job with high success rates.
Re: (Score:2)
Yup, I installed Avast when it was able to remove some malware that Norton did not even detect even after being updated.
Re: (Score:3)
how certain are you that it wasn't a false positive?
Re: (Score:2)
This is an idiotic statement. The primary purpose of running AV software in a business setting is to make sure that your users can't fuck your network with zero effort. AV makes them put a bit of effort in before it will fuck your network.
Re: (Score:2)
This part at least is true. I think many of us who have dealt with virus cleanup have seen cases where the installed AV simply didn't catch something.
We stopped setting up firewalls that only block known attacks years ago; today we configure them to block everything and only allow known good traffic. Yet we're effectively doing just that with antivirus - blocking known attacks. It's an absurd idea - there's maybe a dozen pieces of software we know we do want; that list expands slowly, we know when it will e
Re:This is a surprise? (Score:5, Insightful)
AV software is developed by humans trying to stop other humans, a much much more intractable problem, especially when the Virus developers always have the first move. The Virus developers can trivially test their software against the AV, with almost no effort. The AV developers have to expend tremendous effort to even try to catalog the threats, let alone combat them.
Most likely the very fact that Security Essentials is faring so badly, is due to the fact that the Virus writers are being especially sure to find ways around it before launching new malware.
Re: (Score:2, Interesting)
Seriously, does anyone actually trust Security Essentials? I'd rather have any of those other free AV products mentioned.
(shades of MSAV here)
Haven't you seen the comments here on slashdot? MSE IS THE BEST?! Only MSE works ... I have been using Windows for 5 years and with MSE I am AV free etc.
I have never seen it promoted as much all over the web as the best more secure AV product. Clearly it is not. It is one of the lighter ones though compared to older versions of Norton and McCrappy.
Re: (Score:2)
> It is one of the lighter ones though compared to older versions of Norton and McCrappy.
Exactly. For gamers it is "good enough" -- meaning it does the basics without grinding your system to a halt like that crap Norton and McAfee used to do.
Re: (Score:2)
Re:This is a surprise? (Score:5, Insightful)
By running Windows, you are already placing trust in Microsoft. Using MSE seems like a entirely logical extension of that.
That is to say, why bother yourself about one program from MS when you are using an entire OS made by them?
Re: (Score:2)
> By running Windows, you are already placing trust in Microsoft. Using MSE seems like a entirely logical extension of that.
> That is to say, why bother yourself about one program from MS when you are using an entire OS made by them?
So you are saying since the OS is crappy, it's no surprise that their other programs are crappy?
Re: (Score:2)
In case of anti-virus it's even worse so.
They provide the boat with leaky hull, and then they provide tools to help you plug the holes. Instead they should focus on not having holes in the hull to begin with.
Re: (Score:2)
No, he's saying that there's no point in sticking a condom on your cock while MS is giving it to you up the arse from behind!
Perhaps not, but the condom may still protect you when they go for the reach-around.
Re: (Score:2)
Re:Sadly AVG is shit (Score:4, Interesting)
Re: (Score:2)
We bought the full corporate version of AVG with all the wells and bristles. It decided unilaterally to push this to every PC company wide. It ground my computer to a stuttering grinding halt several times. It shut off the serial ports until they were called "Oh sorry we close those by default." Then those would break again and we'd have to call again. Then it started interfering with some kinds of IP traffic, "Oh we started closing those by default." with the same crap. Then it did something to the printer
Re: (Score:2)
Why, in 2012, are you afraid of attachments?
Re: (Score:2)
They're sent by ignorant people, they like to send large ones, they like to send highly offensive crap that isn't related to work. I got better things to do like take a nap.
Only the technically literate can operate the software needed to access the FTP site. We only give that client software to people who do not drool and pay us in cold hard cash (no really I got a $5 in a block of dry ice).
It gives me a chance to offend the stupid without having to actually do anything. My boss thinks I'm a technogod so I'
Re: (Score:2)
Re: (Score:2)
Fuck man, you should see what it does to his sandwiches. I heard it put his wife into early menopause... and he doesn't even have a wife!
Re: (Score:2)
i had a portable avast install on a usb drive that worked great back b4 i switched over to ubuntu several years ago
Re:Shocking (Score:4, Insightful)
I have Avast, which scored way better and guess what... It's free as well. Go figure...
Oh and to your analogy, it's like comparing Paint with Gimp.
Re: (Score:2)
It has a commercial version as well. The reason they state for having a free version, paraphrasing is that because more people running antivirus means fewer people overall getting viruses (especially paying customers). Same principle as vaccination.
Re: (Score:2)
Re:Shocking (Score:4, Insightful)
Re:Shocking (Score:5, Insightful)
Free AV software included with operating system scores significantly lower than competitor products that cost money. Shocking!
I remember back in the day, Netscape ruled the web, and internet explorer was a piece of crap that, while bundled with the operating system, nobody ever used. I remember when Microsoft first released mplayer, its first video player; Which looked sad and pathetic next to QuickTime. I remember how under Windows NT, the only method of defragmenting the filesystem was to reformat and start over, unless you bought Norton. I remember when Word Perfect was the only word processor anyone in the industry would recommend for professionals, and Microsoft Office was little more than notepad with a bag on the side. And I remember the first software firewalls by ZoneAlarm and others, compared to the pathetic XP firewall.
Yes, I'm probably older than you. Yes, you can laugh: But I have a lot of memory to draw on, and all you have is sarcasm. In every case, Microsoft steadily improved their own offerings, and the market for those products imploded. Today, anti-virus built-in to windows sucks but if history is anything to judge by, it won't stay that way for long. Now get the f*ck off my lawn, and take your iPhones with you. Some of us work for a living.
Re: (Score:2)
> I remember how under Windows NT, the only method of defragmenting the filesystem was to reformat and start over, unless you bought Norton.
Did you miss Diskeeper? :-) (Because Windows NT 3.51 didn't even have an API for moving data clusters.)
http://en.wikipedia.org/wiki/Disk_Defragmenter_(Windows) [wikipedia.org]
Thankfully, there is the open source jkdefrag now ... .. of course with SSDs defragging is slowly becoming a moot point. ;-)
http://www.kessels.com/jkdefrag/ [kessels.com]
It also depends on how you want to do things (Score:5, Interesting)
One problem with AV is that as detection rate rises, so does false positive rate. So far, nobody has found a way around this. So some products go for heavy detection, Bitdefender being a good example. Fair enough, but it comes at the cost of more false positives (and it still isn't a 100% detection rate).
MS goes the other way. They go for low false positives, and in the last AV-Comparatives test they had 0, but at a lower detection rate.
Why? Well because they are going for the mass market, the people who didn't want virus scanners. If the thing bothers them all the time with false positives, they'll turn it off, and then they have 0% detection. So instead they go for a lower detection rate, but with low false positives so people get some protection.
I'm not calling it the right answer, but you can see the logic.
And for that matter, I've found that in the real world, MSE seems to do better than Sophos, which is decidedly not free and very popular in enterprise.
Re: (Score:3)
> What's next, Ms paint found to be inferior to Photoshop in comprehensive image-editing software test?
You may jest but at least this guy would disagree ;-)
How to paint the MONA LISA with MS PAINT
http://www.youtube.com/watch?v=uk2sPl_Z7ZU [youtube.com]
Re: (Score:2)
Re: (Score:2)
Re: (Score:3)
What kind of internal access to "Windows (binaries) internals" does MS have & McAfee not have which would be useful for virus detection?
Re: (Score:3)
Remember Melissa? I've had both Norton & McAfee miss it in an email. The only reason I even caught the damn thing was the attachment and the fact that I disabled the Hide Known Extensions default. No AV is perfect. I run MSE because it stays out of my way and provides enough protection that I'm satisfied with it. If I'm infected badly, I'll wipe and do a clean install as it's faster. It's also why I keep good backups.