No defence for outdated defenders as consumer AV nears RIP

Game knows game. Thus it came as little surprise that Norton's consumer security software not only sprouted a cryptominer that slurps your computer's life essence and skims a cut, but that it's hard to turn it off. A marriage not made in heaven but the other place: consumer-grade antivirus software has always had an uneven …

  1. Primus Secundus Tertius

    Failure of capitalism

    Microsoft had virus protection in Windows v3, but in Windows95 they left it to the free market. Ten years later they had to accept that the free market had failed, and they reintroduced Windows Defender into XP.

    1. Stumpy

      Re: Failure of capitalism

      Did it? I certainly don't remember it ever shipping with any antivirus/malware tools. Can't find any info from a search of the interwebs either.

      I'm curious now, as to what it actually was.

      1. Anonymous Coward

        Re: Failure of capitalism

        Microsoft Anti-Virus (MSAV) - created by Central Point Software, which was later subsumed into Symantec - was introduced in DOS 6.

        There was a Windows 3 front end to it (Microsoft Anti-Virus for Windows (MWAV)). I don't think it was standalone, though - you still needed the MSDOS bit.

        1. stewwy

          Re: Failure of capitalism

          Windows 3 was still a bit of a bolt on to MSDOS if I remember correctly.

          1. 43300 Silver badge

            Re: Failure of capitalism

            Indeed - Windows was separate and ran on top of DOS up to and including Windows 3.11.

            Windows 95 was the first DOS-derived version where the two came as one package (although it was possible to run Windows 95 DOS on its own on a machine not capable of W95 - the things we tried when we were teenagers...)

            The NT product line was always integrated as one package - and the consumer, DOS-derived versions were effectively abandoned after the fairly dire Windows ME: the NT architecture was used for business and consumer versions from XP onwards.

            1. A.P. Veening Silver badge

              Re: Failure of capitalism

              > The NT product line was always integrated as one package - and the consumer, DOS-derived versions were effectively abandoned after the fairly dire Windows ME: the NT architecture was used for business and consumer versions from XP onwards.

              I was about to correct you with 2K, but that officially and unfortunately wasn't a consumer version. I only switched to XP with SP2

      2. Pirate Dave Silver badge

        Re: Failure of capitalism

        I didn't remember it either, until AC posted that it was MSAV. Then I remembered. Easy to forget about it, though. Back then, most all you had to worry about was "where has this floppy been" and ejecting the floppy before you reboot the computer. Oh, and make sure your shareware came from a reputable source. So for the most part, there wasn't much need for AV software unless you thought you had an infected floppy or file, and certainly no need for always-running AV that chews-up 1 GB+ of RAM.

        Much simpler times back then.

    2. Chloe Cresswell Silver badge

      Re: Failure of capitalism

      "Microsoft Security Essentials", it wouldn't become Windows Defender till Windows 8.

      1. andy gibson

        Re: Failure of capitalism

        I remember "Windows Live OneCare"

        1. zuckzuckgo

          Re: Failure of capitalism

          I thought it was "Windows Live noOneCares"

      2. MiguelC Silver badge

        Re: only for Windows 8?

        Hmm, no, it was released in 2006, Windows XP era (as per the release notes linked)

    3. davidp231

      Re: Failure of capitalism

      There was also a brief sub to McAfee in the Windows 98 Plus! pack.

    4. WeeJockPooPongMcDude

      Re: Failure of capitalism

      XP SP2 reintroduced \ rebranded as Security Center detailing Firewall, Automatic Updates and Virus Protection status.

      1. Liam Proven Silver badge

        Re: Failure of capitalism

        XP SP2 monitored your virus protection & showed it, but it didn't provide any itself. You needed to supply your own, even if it was the free Security Essentials.

    5. Blackjack Silver badge

      Re: Failure of capitalism

      Until Windows 98/SE died F-PROT for DOS worked perfectly well and was free.

      Unfortunately even if you want to obtain the Windows version, F-Prot Antivirus reached end-of-life on July 31st 2021 and is no longer maintained.

      Thanks to Cyren killing it - -

    6. TheMeerkat

      Re: Failure of capitalism

      Anyone talking of “failure of capitalism” needs their brains checked.

      What is the alternative? North Korea?

      The USSR?

      1. zuckzuckgo

        Re: Failure of capitalism

        >What is the alternative?

        Fix capitalism. There are lots of different flavours available.

      2. JulieM Silver badge

        Re: Failure of capitalism

        Know the size of the population and the resources required to satisfy their needs.

        Automate every job it is possible to automate.

        Give everyone food and shelter in return for their share of the residual labour.

        Everyone ends up working a 16-hour week and retiring in their thirties.

      3. Jon 37

        Re: Failure of capitalism

        Unregulated pure capitalism does not work. People will act in their own interests, which will be to pollute the environment, make their workers work in horrible conditions with no regards for safety, sell defective products if they can get away with it, etc. This is all well known.

        Regarding the antivirus market, the incentive is to scare consumers into spending lots of money, to have lots of tickbox features so you can "win" product comparisons, and to provide software that defends against most viruses. Making that software fast and compatible is not so important. Making that software unobtrusive so it "just works" actually works against the goals.

        There is weak regulation and no way for a consumer to sensibly compare products, so that is what you get.

        Now, Microsoft has different incentives. They want Windows to be fast and safe and easy to use, so they can sell Windows and Office and all their other software. Hence they give away a free, fast, relatively unobtrusive antivirus, to everyone who has bought Windows.

        So while capitalism caused a mess in the "separate antivirus" market, in the overall "Windows antivirus" market it has worked. We ended up with a single free solution being the clear winner, which is good for consumers.

  2. ecofeco Silver badge

    Both utter garbage

    Norton and Symantec should have been banned years ago.

    1. Anonymous Coward

      Re: Both utter garbage

      Norton and Symantec should have been banned decades ago.


  3. Anonymous Coward

    The rogues' gallery

    Add Avast to this.

    Some years ago they sold the browsing history of users they collected to protect the user from bad sites.

    They have tidied the act up on that but they still hit you over the head with their announcements/ads for upgrading, hence my move to McAfee these days, much better.

    1. Anonymous Coward

      Re: The rogues' gallery

      And then they bought AVG Free and turned it into a scare advert for the full Avast product...

    2. fidodogbreath

      Re: The rogues' gallery

      > They have tidied the act up on that

      NB: The people who now claim to have stopped selling user browsing data are the same people who did it in the first place -- data which went well beyond URL lists, including "an 'all clicks feed' that was apparently able to track user behavior such as clicks and movements between websites" (source).

      But sure, let's take them at their word when they claim that their proprietary closed-source code doesn't do that any more. It's all clearly explained in their 30,500-word* Privacy section.

      * Includes General Privacy Policy, Application Policy, VPN Policy, and Cookie Policy.

    3. AndrueC Silver badge

      Re: The rogues' gallery

      I remember many years ago trying to find out how Avast had leaked the email address I'd used to register. I use a DEA based system so I knew that only they ought to know that address yet I was getting spam sent to it. They refused to acknowledge that there was a problem (they claimed the address had been farmed from my address book) then the forum community joined in and I gave up.

      I doubt any of them will remember that little spat but part of me has long thought 'I told you..'.

  4. Anonymous Coward

    "thrived in enterprise"

    Only thanks to sysadmins and their managers who don't care if your computer can't be used to work - they only care they have their butts covered if something happens.

    1. Anonymous Coward

      Re: "thrived in enterprise"

      You can put that squarely on the shoulders of the business insurance industry who insists on having it installed...

      1. mistersaxon

        Re: "thrived in enterprise"

        ...and on the users who think their business computer is a home computer that they don't have to pay for: shopping online, bringing in docs and even photos to print on USB sticks (or email), posting to SocMed and so on. And don't forget the torrenters who like(d) to use corporate bandwidth.

        Now most, if not all, of that is typically utterly banned on modern business machines but the "need for A/V" remains. And VPN profiling that insists any non-company PC connecting to a corporate network with a VPN has a certain level of a/v protection pretty much guarantees that this requirement for home A/V will persist - even on Mac and Linux, neither of which arguably really need it either.

        The way I see it, it's the "Stupid Tax" we all have to pay.

  5. Ben Tasker

    > Endpoint protection managed in the cloud, whether explicit anti-malware services or OS-led protection as seamless as Chrome OS or through aggressive online patching, is as good as it's going to get. Keep up to date, and third-party security software you have to manage has no right to your system at all.

    Without wanting to defend desktop AV, I don't entirely agree with this, especially when suggested as a solution for consumers.

    It's true that AV can do very little against novel attacks, but in the consumer space I'm not sure that's actually its real function (even if sold as such). What desktop AV exists to prevent, in the consumer space, is Auntie Mavis downloading AwesomePictures.exe and running it. Known signatures are still reasonably useful for the lower sophistication trojans.

    Cloud based endpoint protection still isn't really an accessible solution for the average consumer - it's overkill and overpriced (compared to what consumers want to spend). Depending on the mode used (cloud managed, or a cloud based gateway) you're either sticking a 3rd party MITM in your traffic flow, or enabling remote management of your system.

    The concerns about the level of system access an AV needs applies doubly to the agents used in many cloud-based endpoint management solutions (I can't be the only one to have found certain suppliers to be hideously lacking in security...)

    I agree with the general thrust of the article, but the beginning of this para just doesn't sit right.

    1. Anonymous Coward

      "prevent, in the consumer space is Auntie Mavis downloading AwesomePictures.exe"

      Probably the built-in Windows AV is enough in such case without the need to install a third party solution.

      The issue with AV today is really that writing software able to install it at the kernel level and work well and fast without causing noticeable slow downs or worse, would require highly skilled developers and related costs. Developers who today can probably earn much more working in some cyber-something sector.

      1. Ben Tasker

        Re: "prevent, in the consumer space is Auntie Mavis downloading AwesomePictures.exe"

        > Probably the built-in Windows AV is enough in such case without the need to install a third party solution.

        Yep, in my mind that was being castigated too as AV, but on reflection I guess it also fits into the "os-led protection" category.

      2. Jim Whitaker

        Re: "prevent, in the consumer space is Auntie Mavis downloading AwesomePictures.exe"

        "Probably" is what worries me here.

        1. richardcox13

          Re: "prevent, in the consumer space is Auntie Mavis downloading AwesomePictures.exe"

          There are no absolutes in security.

          Whatever things you put in place, there is always the possibility you will be subject to a novel attack.

      3. richardcox13

        Re: "prevent, in the consumer space is Auntie Mavis downloading AwesomePictures.exe"


        > Probably the built-in Windows AV is enough in such case without the need to install a third party solution.


        Even more if said aunt is a normal user, not an admin.

    2. Roland6 Silver badge

      >> Endpoint protection managed in the cloud...

      Which basically says that consumer AV won't RIP it will simply evolve.

      The only question is whether the free embedded versions will be sufficient or whether third-party productions will still be required.

  6. xyz123 Silver badge

    McAfee and Norton as companies paid for and created some of the worst viruses over the past few decades.

    The aim was to say "only OUR product handles XYZ", but that's because they created it so knew exactly what signatures to add.

    There have been cases where BOTH of them "somehow" had anti-virus signatures added before particular viruses/malware was even released onto the public.

    A bit like answering the door to the police and saying "I haven't hacked my wife up and fed her to the pigs officer. " <pause> "what do you mean my wife's missing?" <shocked look>

    1. Plest Silver badge

      Been stocking up on the old kitchen foil have we?

      1. Anonymous Coward

        (foil) hats off to you sir!

    2. Boothy

      Sounds more likely to be heuristic or behavioural monitoring. Both have been around in AV for many years now.

      Most AV matches I've seen in recent years have been against GENERIC signatures, rather than a specific match. i.e. "This file looks a bit like this other virus I know about". or with behavioural, "This application is doing things that look suspiciously like a virus".

      Quite a few PC games, especially when they have DRM built in, get hit by this quite often. The Steam forums are full of "My somegame.exe file disappeared! Please help", and you find their AV archived it due to a false positive.

      1. A.P. Veening Silver badge

        Some mbox parsing programs I wrote were identified as a virus. Another program I wrote to edit a text constant in an executable was never flagged.

    3. Anonymous Coward

      It may come as a bit of a surprise to some but they do share threat information between themselves.

  7. Version 1.0 Silver badge

    consumer-grade virus software has always had an uneven reputation

    A lot of the comments here suggest some of the reasons why so many users end up getting infected. Let's face it, the malware programmers are working much harder at infecting systems than the AV programmers are able to work to defend the environment from the attacks. We can talk about this all we like but while we're chatting about AV issues, there are a whole bunch of very highly talented people working at infecting us, not just talking about it. The issue is that the entire computing environment is vulnerable, mostly as a result of companies working to improve performance and sell user data, not safety.

    "The true mystery of the world is the visible, not the invisible." - Oscar Wilde

  8. Anonymous Coward

    AV "protection"

    When I look through AV logs of my clients I find they are still being hit by junk websites. It is too easy for a 1D-10T user to walk down a back alley of the Internet and get jumped. Too many trust that Google search result. A decent AV at least stands in the way of that.

    And that is not McAfee\Norton\Avast. The mess they make of a PC is so bad you might as well let the virus take over as it would keep the PC in a healthier state.

    1. H in The Hague

      Re: AV "protection"

      "The mess they make of a PC is so bad you might as well let the virus take over ..."

      So, what protection would you recommend for the average home user or small business?

      1. Filippo Silver badge

        Re: AV "protection"

        Honestly, when someone asks, I recommend to just use the Windows built-in AV. In my anecdotal experience, it's usually good enough to save you if you double-click somewhere you shouldn't, and it's considerably less prone to breaking your system when compared to the rest of the crowd.

        Usually, however, people don't trust my recommendation, probably reasoning that if it's free then it can't be any good. Oh well.

      2. Roland6 Silver badge

        Re: AV "protection"


        Yandex did buy Agnitum so that they could embed an 'AV' in the browser (Yandex security system),

        I however, recommend Kaspersky security suite (*), but some might take exception to having software from Russia installed on their PC...

        (*) However, even this benefits from various ad and script blocking browser add-ins...

      3. Anonymous Coward

        Re: AV "protection"

        > So, what protection would you recommend for the average home user or small business?

        I didn't want to sound like a salesman. I use ESET AV, also with my small business clients. It is still relatively low resource, but there is something weird going on with them and Salesforce lately that makes me worry a bit about the future.

        Kaspersky would also be one I look towards. A good rule of thumb I have had over the years is the further East the owners, the better the quality seems to be.

        1. Anonymous Coward

          Re: AV "protection"

          Upvoted your reference to Eset.

          I've been using it for A VERY LONG TIME.

          There is definitely something weird going on with them though.

          A year or more ago I was sure they were trying to move to direct selling and cut out their long established reseller network.

          There is definitely more targeted hard sell coming from them now.

          I wonder if they've been taken over by venture capital types.

        2. BOFH in Training

          Re: AV "protection"

          Yeah am in favour of Kaspersky as well.

          The Russian government does not seem to be too happy with them, which I consider as a positive as well.

          Anyway, they're moving some datacenters out to Switzerland, I think.

      4. bombastic bob Silver badge

        Re: AV "protection"

        > what protection would you recommend for the average home user or small business?

        Practice 'safe surfing', under Linux or BSD. And use 'NoScript' (or similar) whenever possible.

        Amazingly effective.

        1. captain veg Silver badge

          Re: AV "protection"

          During all the years that I have chosen, and then been obliged, to use DOS and Windows (which is about 35 now), I have only once been infected with a virus. A boot sector nasty which was infiltrated (I don't know how) on to disk 5 of 7 of the copy of PC Tools that I bought from (pre-Dixons) PC World. Well, "nasty" is an overstatement. It bounced a diamond shape around the screen. And propagated. And that's it. (I know because I disassembled it.)

          There is only one sure protection against malware, which I call "not being a muppet". I am often a muppet, but never, since that PC Tools lesson, in circumstances which could result in infecting a Microsoft operating system.

          Don't run executables off the internet unless you are absolutely certain of their provenance. Even then be cautious. How hard is that? (OK, it's much easier since the demise of Internet Exploiter.)


      5. Al fazed

        Re: AV "protection"

        I have been using Sophos products since before I graduated at Oxford Brookes in 2006. Sophos has always produced a Home User product which is free and has over the years stopped plenty of unwanted applications from ruining my computing experience.

        Today I shell out a paltry sum to the same company as their Home User product now provides protection for up to 10 different computing devices owned by my family members. It also provides end point security for all of our mobile phones. It works on all major OSes. They also produce a stand alone Firewall.

        I am very grateful for the level of protection that I believe that I and my family are getting via Sophos products. I recommend the company's products to my clients and friends.

        I know that this isn't the Final Solution but please don't burst my bubble...........


        1. clyde666

          Re: AV "protection"

          I went looking for the free Sophos.

          All I could find is a "free download" and a free trial. But the product costs £37.46.

          Where should I look for the free version?

          1. Rob Daglish

            Re: AV "protection"

            and click on the "Free Download" button - it will download the Home Standard version - the buy option is for home premium for 10 devices.

      6. davidp231

        Re: AV "protection"

        "So, what protection would you recommend for the average home user or small business?"

        Keeping the PC in the box it came in.

        Variation of an old fortune cookie: "How do you secure Windows NT? Keep it in the shrinkwrap".

  9. Anonymous Coward

    Bit dubious about this argument.

    The argument appears to be of the form "brand X locks are crap, and in any case, a talented thief can pick the lock anyway".

    That's a good argument for not relying solely on locking your door. It's a terrible argument for not having a lock in the first place.

    1. stiine Silver badge

      Re: Bit dubious about this argument.

      Search YouTube for 'the lockpicking lawyer', then watch one or two of his videos to see about how much time he spends just talking, compared to the time he spends picking locks, and then look at the length of ALL of his videos. He could probably walk up to the door of any vehicle or building on the planet and be inside (or at least have tripped the alarm system) in 3 minutes. Think about this: does your neighbor's house have vinyl siding? If so, you can cut your way in to their house with a boxcutter in under two minutes by going straight through the wall...

      1. Charles 9

        Re: Bit dubious about this argument.

        That depends on what's under the siding. If there's nothing underneath, then yes. But many houses I've seen use vinyl to cover an existing wood or brick exterior.

      2. Anonymous Coward

        Re: Bit dubious about this argument.

        Dunno where you live, but over here, with temps around -25 degrees Celsius, I am glad there is something more underneath my vinyl siding. Good luck using your box cutter to get through there in under two minutes.

      3. captain veg Silver badge

        Re: Bit dubious about this argument.

        What the F is a "vinyl siding"?

        Why, if it means what it seems to, would you want your home to have one?


        1. Gritzwally Philbin

          Re: Bit dubious about this argument.

          Vinyl siding is cladding that looks like either grooved asbestos shingles, or clapboards that snaps over the wood.

          The benefits are, it can come pre-colored so no more painting and of course doesn't get eaten by termites or rot (older brands do get the UV breakdown, but the newer stuff is pretty good resisting that now..)

          Really cheap housing tracts built by fly-by-night builders often go with vinyl right over the strandboard siding and of course that shit is utter crap.

          Anecdotally, my sister is an architect and was on a renovation project in a neighborhood outside of Washington DC a few decades ago, the ENTIRE neighborhood was built with strandboard exterior walls with spray-on vinyl 'brickface' that was scored and tinted to look like the real thing.. only the vinyl was applied directly to the strandboard w/o it being properly primed/treated (fly-by-nighters, man, get you EVERY time..) and the vinyl delaminated and let water in. Lo and behold the cement used to bind the strandboard (basically it's pressed wood chips) was corn-based and became mold bombs as the wood rotted under the vinyl brickface. THOSE houses you literally could cut through the vinyl with a box cutter and into them between the wall studs. HUGE lawsuits against the builder IIRC.

          You'll see lots of vinyl cladding in the Northeast US on older homes because it does a bang up job protecting the clapboards already on..

        2. clyde666

          Re: Bit dubious about this argument.

          Very shocked, I immediately thought about Grenfell Towers.

      4. MJI Silver badge

        Re: Bit dubious about this argument.

        What is?

        Vinyl siding? I know about railway sidings, but not vinyl.

        Box cutter - what's that?

        1. sad_loser

          Re: Bit dubious about this argument.

          vinyl siding = plastic fake wood the septics like to nail to their houses in the same way they did to their cars last century.

          box cutter = Stanley knife

          1. MJI Silver badge

            Re: Bit dubious about this argument.

            The plastic fake wood sounds terrible, I suppose it is a fire hazard as well

            Stanley knife hmm, I was imagining some kind of hedge trimmer or ornamental hedges (of box).

      5. Cliffwilliams44 Silver badge

        Re: Bit dubious about this argument.

        What is behind my vinyl siding?

        3/4" Strand board mounted to

        2 x 6 studs 16" on center

        6" of insulation

        Between each stud are 2 1/2" steel cables mounted to the wall cap and the concrete slab pulled tight! (Hurricane protection)

        Try getting through that with a box cutter!

        1. Rob Daglish

          Re: Bit dubious about this argument.

          OK, OK, so I need a fresh blade on my Stanley knife...

      6. JulieM Silver badge

        Re: Bit dubious about this argument.

        The problem with that is, surely you still have to get through a layer of brick (cutting which is very noisy) followed by a layer of insulation (which may be loose-filled, and won't do your brick-cutting tool any favours) and then another layer of brick or breeze block?

    2. vtcodger Silver badge

      Re: Bit dubious about this argument.

      More the Jamie Zawinski argument I think. "I have a problem. My system is vulnerable to malware. I know, I'll install AntiVirus software. Now I have two problems." see

  10. JDPower666

    I haven't seen a virus in probably 10+ years. Probably for as long as I've used an adblocker. That is not a coincidence.

  11. Boo Radley

    Going Bareback

    I long ago got disgusted by AV software, and started going entirely without. I download the occasional file or two from Pirate Bay, and do a reasonable amount of web surfing, but the last time my computer got infected was years ago. A quick reformat and reinstall of Windows, and I was back in business in almost no time. I also keep all data on separate drives, as well as backups. I feel I'm far more likely to lose data through a hardware failure, like a disk crash, than from a virus.

    1. veti Silver badge

      Re: Going Bareback

      I agree, this is the strategy. Fixing a computer is just a matter of time, it's the personal data on it that's precious and vulnerable. For that, a decent backup strategy is by far the best defence.

  12. andrewmm

    Protection from "bad" web sites

    One thing AV on the PC does seem to do is detect / protect to some degree from the kids going to "bad" web sites.

  13. Boris the Cockroach Silver badge

    My own

    Experience with viruses is limited to 2

    1 was contained in an email from a trusted friend..... sadly outlook excess used internet exploiter to render the preview pane..... and that's my system pwned (format c: cured it)

    the second was picked up from some random website and was rather clever

    The actual virus payload was a string of data, each byte rotated right 1 bit, and some javascript.

    First thing the script did was reserve memory, then rotated left 1 bit each byte of the payload.

    Then linked to syshost to deploy said payload

    I can't see any anti virus program stopping the first part, but the thing that gets me is that a user level application can run random scripts that can make changes to the system. This is down to m$'s bad design of the OS, nothing else.

    It is that that makes such a good market for all these 'anti-virus' programs even though they can only alert you to the fact your computer has just been pwned.

    And it's no good saying 'linux is better' because if Linux (or OS/2 or Amiga OS or whatever) achieved the market share that windows has, then they'd be under attack by the malware boys

    Perhaps a simpler solution would be to give computers to the people that actually need them, and typewriters with a document scanner/displayer to the other 95% of staff.
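
Added example (not part of any poster's comment, and not code from any AV product): the post above describes a payload stored with every byte rotated right by one bit, which is enough to hide it from a plain byte-signature match. This sketch shows the miss and a scanner that also checks the signature under all eight per-byte rotations, which generalises the one-bit case in the post; the signature name and marker bytes are constructed, harmless placeholders.

```python
# Added example: byte-signature scanning that survives a fixed per-byte
# bit rotation. Everything named here (signature name, marker bytes, sample
# blob) is constructed for illustration and contains nothing executable.

def _rot_table(n: int, right: bool) -> bytes:
    """Build a 256-entry table that rotates each byte value by n bits."""
    n %= 8
    if right:
        return bytes(((b >> n) | (b << (8 - n))) & 0xFF for b in range(256))
    return bytes(((b << n) | (b >> (8 - n))) & 0xFF for b in range(256))

# One translation table per rotation count, so scanning is a C-speed
# bytes.translate() plus bytes.find() rather than a Python loop per byte.
ROR = [_rot_table(n, right=True) for n in range(8)]
ROL = [_rot_table(n, right=False) for n in range(8)]

def ror_bytes(data: bytes, n: int) -> bytes:
    """Rotate every byte of data right by n bits (the encoding in the post)."""
    return data.translate(ROR[n % 8])

def rol_bytes(data: bytes, n: int) -> bytes:
    """Rotate every byte of data left by n bits (undoes ror_bytes)."""
    return data.translate(ROL[n % 8])

# Constructed placeholder signature database: name -> byte pattern.
SIGNATURES = {"Constructed.Test.Marker": b"HARMLESS-TEST-MARKER-0001"}

def naive_scan(data: bytes) -> list:
    """Classic static matching: report signatures present byte-for-byte."""
    return [name for name, sig in SIGNATURES.items() if sig in data]

def rotation_aware_scan(data: bytes) -> list:
    """Report (name, rotation, offset) for each signature found either
    verbatim (rotation 0) or with every byte rotated right by 1..7 bits.

    The signature is rotated instead of the scanned data, so the cost is
    eight substring searches per signature regardless of input size.
    """
    hits = []
    for name, sig in SIGNATURES.items():
        for n in range(8):
            offset = data.find(sig.translate(ROR[n]))
            if offset != -1:
                hits.append((name, n, offset))
    return hits

def recover(data: bytes, hit: tuple) -> bytes:
    """Decode the matched region back to its original bytes for triage."""
    name, n, offset = hit
    length = len(SIGNATURES[name])
    return rol_bytes(data[offset:offset + length], n)

# Constructed sample: script-like text carrying the marker rotated right
# by one bit, as in the post.
SAMPLE = b'var p = "' + ror_bytes(SIGNATURES["Constructed.Test.Marker"], 1) + b'";'

if __name__ == "__main__":
    print("naive:", naive_scan(SAMPLE))
    for hit in rotation_aware_scan(SAMPLE):
        print("rotation-aware:", hit, "->", recover(SAMPLE, hit))
```

A fixed rotation is only one of many trivial encodings, which is why the replies that follow point to heuristic and behavioural checks rather than static signatures alone.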

    1. Anonymous Coward

      Re: My own

      >I can't see any anti virus program stopping the first part,


      >even though they can only alert you to the fact your computer has just been pwned

      I think your experience of "AV" programmes is probably limited and pre-2000.

    2. Pascal Monett Silver badge

      Re: My own

      And the solution is simple :

      1) don't use Outlook. Every malware writer is on the lookout for that.

      2) Use NoScript. 99.9% of all malware on the web needs JavaScript to install. Stop that and the virus is killed dead in its tracks.

      Of course, point 2 requires you to not be a noob of the web, but hey, this is El Reg forums. You should know how to handle yourself in a browser.

      1. W.S.Gosset Silver badge

        Re: My own

        > You should know how to handle yourself in a browser.

        One of the politer euphemisms for surfing porn.

    3. Peter Gathercole Silver badge

      Re: My own @Boris the Cockroach

      But with Linux, you have to jump through several hoops to have your *system* owned by malware downloaded from the Internet.

      I'm not saying Linux is invulnerable, but just think. It's quite unusual for any out-of-the-box Linux system to have their primary user running as an admin (root) account. You can do it, but it's a decision you have to make. And without root access, your files may be at risk, but the system files are not.

      There have been ways of jumping the privilege barrier, but that requires code downloaded that can then try to take advantage of other issues on the system, so it has to be a multi-stage attack.

      Historical versions of Windows (MS-DOS based ones) did not have that level of protection. WinNT versions did have the protection, but it was quite normal for the main user to use an admin account which side-stepped this protection, at least until Windows 7. Modern Windows does a much better job, but there still seem to be many vulnerabilities known.

  14. captain veg Silver badge

    > It's no good saying 'linux is better' because if Linux (or OS/2 or Amiga OS or whatever) achieved the market share that windows has, then they'd be under attack by the malware boys

    Possibly. But they wouldn't just roll over and wave their legs in the air in the same way. For years Microsoft software was insecure by design. I see little evidence that it isn't now.


  15. a_yank_lurker

    uneven reputation?

    That's an improvement over the (real) dismal reputation of AV vendors.

  16. steviebuk Silver badge

    I remember

    In the early or mid 90s reading a copy of the 2600 magazine about AV software. The thought was back then, as mentioned in the article, that either they were releasing viruses themselves or the amount of signatures they claimed to detect they didn't actually get close to what they claimed they had.

    I also remember messing around with a virus creation toolkit (as I was crap at assembly). At college we got hit with the Form virus, so I took it open to play with and accidentally infected my HDD bootsector. But ended up just booting from floppy instead.

  17. stualoo

    Windows AV for me

    I gave up on most AV programs after the AVG days, when it became bloated and unusable and after going through many up to that point.

    When people ask me (which isn't as often as it used to be, thanks to tablets etc), I now just say to use the built-in Windows AV. Then every so often, run a scan using the Free version of Malwarebytes. This for me is enough but I rarely go off the beaten track!

    I used to run an adblocker on Firefox, but now just use Brave (script and ad-blocking seems good). I also run a Pi-hole as my DHCP/DNS, loaded with several block lists, which is helpful for home. My daughter's tablet has some 'extra' blocklists assigned to keep her a bit safer. I can't actually remember the last time I had a virus... maybe 15 years ago!

  18. Gazman

    Get a Mac.

  19. Robert 22

    We have met the enemy and he is us.

  20. goretsky


    Mr. McAfee certainly did not write any computer viruses or other malware. He had not programmed a computer for years before starting McAfee Associates, and those were minicomputers, not personal computers. He certainly understood programming and programming concepts, but the most complex things he wrote were WordPerfect macros.

    The idea that, some three decades later, he at some point infected a bunch of netbooks with malware is farcical. At the time he made this statement, he was dealing with the Belizean authorities and simply wanted to scare them by making them think he had something on them. Mr. McAfee regularly made many statements to the media during his ordeal because he felt it helped keep pressure on Belize to leave him alone. The fact that The Register still brings it up today shows that Mr. McAfee's strategy for using the media worked rather well, it would seem.


    Aryeh Goretsky

  21. EricB123 Bronze badge

    Norton's PR is Stupid

    "We’re so confident in our antivirus and malware protection that if you’re a current Norton service subscriber and you get an infection on your device that our experts can’t remove, you get a full refund. That’s assurance you can’t get from free software."


    1. Blank Reg

      Re: Norton's PR is Stupid

      So is there free AV software that will have a real person try to remove your virus? If so do you trust giving them access to your computer?

    2. W.S.Gosset Silver badge

      Re: Norton's PR is Stupid

      > you get a full refund

      To be fair, that's an offer any free software can make, too.

  22. Byron "Jito463"

    Smart people

    Smart people stayed away from Norton or McAfee. McAfee has been garbage for at least 2 decades, and Norton has been hit and miss for as long as I can remember. Personally, I've used NOD32 by Eset for around 17 years, and I stand by it. I don't rely on it as my primary protection (that's my job), but rather as a backup in case something slips past me.

  23. ChrisBedford

    What's changed?

    "It became commonplace to ship PCs with "try before you buy" AV packages that encouraged the new user to activate the software for free, only to receive truly terrifying warnings a month or so later about shelling out for continued protection"

    A practice that continues, expanded, to this day. If you remove the McAfee that ships with your PC, instead opting for the "free" adware from say AVG/Avast, you get daily scareware advisories that are in fact total BS.

  24. Big_Boomer Silver badge

    Medical Images

    I work with DICOM Medical Images and most AV systems don't know how to handle them. Most AV systems detect a suspect string in the file (DICOM files are Images with embedded metadata, so structured data mixed with pseudo-random characters) and mark the file for a deep scan. Unfortunately the deep scan takes a few seconds and by then the app that was trying to open the file has errored or timed-out. After speaking to several of the AV companies, there is no will there to resolve the problem. This wouldn't be a problem except for the blanket approach used by most incompetent IT departments who push their crappy AV system to every single PC without any consideration of the effect it may have on the end user systems. Most high-end medical imaging systems are firewalled up the wazoo and have other protection, but the IT dept. insists it MUST have AV installed.

  25. BPontius

    Old news

    The death of antivirus has been predicted for 25 plus years now. The bigger problem is the continued lack of patching/updates for vulnerabilities/bugs that allows viruses and ransomware to persist. Nearly 5 years (May 2017) after the Wannacry outbreak it still infects because systems remain unpatched, old O/S versions and SMBv1 lingers on. Most infections are because of lax security practices (incl. weak passwords) and lack of regular patching for vulnerabilities.

    1. Paul Crawford Silver badge

      Re: Old news

      You seem to forget that many systems have legacy software and/or hardware that makes some things, like SMBv1 a sad necessity if you don't have $$$$ budgets for major system overhauls.

      Having said that, a sensible system design would segregate systems so email/web is not on the same network as $OddSMBv1System, etc.

  26. VulcanV5

    The gift that keeps on giving

    Must be seven or eight years ago that my wife browsed Amazon UK and purchased Malwarebytes Pro or Premium (can't remember the exact date or the exact name). She purchased it as a gift for me because she didn't think there was any such thing as a free lunch, that is, she had no faith in ANY "free" AV being up to stuff.

    Not long after that discounted Amazon purchase, Malwarebytes changed to the Adobe model of a recurring monthly subscription. However, it emailed me (as a registered user) to say that it would never bill me for any update or version change in future, seeing as how I had already purchased its product.

    Malwarebytes has stuck to its promise. And I've never had any kind of infection on any Windows PC of mine over the years. Sheesh, I'm still on Windows 7.

    * Just thought I'd provide an honourable mention for at least one anti malware specialist amidst the welter of justifiable criticism El Reg has levelled at scumbag outfits like Norton and McAfee.

  27. Lorribot

    Beware any bundled AV products

    BT offer subscribers free AV software. Amusingly, they recently changed from the much maligned McAfee to the even more maligned Norton.

    You do wonder if the people that make these decisions get some kind of benefit for annoying your customers. I assume Norton supply for free as long as the Cryptominer is turned on....

  28. JulieM Silver badge

    The Real Problem

    The real problem is, Windows relied for too long on locks that were screwed on from the outside and gave away keys that opened far too many of them compared to what was needed. A lot of "legitimate" software, written by self-taught coders with pirate copies of programming languages and incomplete documentation, relied for its operation on techniques also used by malware -- and also became indispensable. Making the underlying OS more robust against malware would have had the side-effect of killing off a lot of business-critical software.
