Symantec Antivirus Gets A Fail, in Latest Virus Bulletin Tests

It makes me wonder just how many years the company can put out shoddy software, and trade on the name of fine software that used to be put out by the Peter Norton Company.

Despite the fact that we seem to get at least one story per year, retelling the story of how the Symantec offering has gotten better, lowered resource usage, and somehow become relevant, I have found nothing since 2003 to recommend anything from Symantec. (even then, it was on thin ice)

from Tech Spot

Virus Bulletin has released its August 2009 test results for Windows Vista SP2 Business. The company examined 35 anti-malware products and put them through their paces. In order to pass the basic requirements of the test, applications must detect all malware known to be “In the Wild” while not presenting any false positives. The products are tested in their default settings and must succeed in both on-demand and on-access detections.

Virus Bulletin threw the programs in a ring with around 3,000 unique samples of malware spread across four categories: Polymorphic viruses, Trojans, WildList viruses and Worms/bots. Of the 35 tested, only 23 passed, meaning about a third of the products fell to the tests. Among the more known solutions is Symantec’s Endpoint Protection, which missed two infections on the Wildlist.

Symantec was quick to defend itself in response to Ars Technicia’s original coverage of the Virus Bulletin tests. A company spokesperson said that “In the past ten years, Symantec has earned 44 consecutive VB100 awards, something no other vendor has come close to matching.” They went on to add that the missed malware is an “extremely rare replicant of a highly polymorphic file infecting virus” and that they have since fixed the issue in their signatures.

Though you can read the full article, cited above, I’m sure many are like me, wanting just the ‘last page’ and want the lean, mean details. Here they are…

Pass: AhnLab V3 Internet Security, Alwil avast! Professional, AVG Internet Security, Avira AntiVir Professional, CA eTrust ITM, eEye Blink Professional, ESET NOD32 Antivirus, Fortinet FortiClient, Frisk F-PROT antivirus, F-Secure Client Security, F-Secure PSB Workstation Security, G DATA AntiVirus 2010, Kaspersky Anti-Virus 2009, Kingsoft Internet Security 2009 Advanced, McAfee Total Security, McAfee VirusScan Enterprise, Microsoft Forefront Client Security, MWTI eScan Internet Security Suite, Nifty Corp. Security24, Norman Security Suite, Quick Heal AntiVirus Lite 2009, Sophos Anti-Virus, and Trustport Antivirus 2009.

Fail: Agnitum Outpost Security Suite Pro (one false positive), CA Internet Security Suite (960 polymorphic viruses misses), Filseclab Twister AntiTrojanVirus (2612 wildlist misses, 38 false positives), Finport Simple Anti-Virus (2897 wildlist misses, two false positives), K7 Total Security Desktop (one false positive), Kingsoft Internet Security 2009 Standard (228 wildlist misses), PC Tools AntiVirus 2009 (1188 wildlist misses, one false positive), PC Tools Internet Security 2009 (1355 wildlist misses, one false positive), PC Tools Spyware Doctor (1355 wildlist misses, one false positive), Rising Internet Security 2009 (43 wildlist misses, one false positive), Symantec Endpoint Protection (two wildlist misses), and VirusBuster Professional (one false positive).

Strangely, Avira is not listed. As an aside, I am trying the 30-day version of Avira, and, though it is probably very, very good, I find that its web protection is very annoying, shielding me from much of what I want to read, simply because there is something suspicious in an ad right next to it on the page. (I’m talking about seriously visited pages, too, like those of ZDNet)  There appears to be no way to disable this permanently, though it can be disabled after each start-up. This will probably be a deal-breaker for me, and I’ll return to the free version, which works fine, as I don’t have mail problems.

Lots of people tell me that Avast is great, but I simply can’t get by the interface. I am steadfast in thinking that only a media player should look like a media player interface.

AVG remains on the good list, but as I said a couple of months ago, AVG is a bit heavy these days – still, its e-mail checker is good, so if you feel you need e-mail protection, it’s a winner.

I still have not tried NOD32 yet – I’ll probably be checking this out next. Right after my free trial of Avira ends, and I can fully remove the remains of it – I’ll report on that also. (I happen to think that having to make a separate cleaner to remove all traces of your crappy program is ridiculous, Symantec & others. Get the idiots who code this stuff to do it right, rather than taking the position of complete hubris, thinking that no one will ever want to remove your products.)

I just might go back to F-Prot, as it worked well for me through the days of Windows 98, and the first couple of years of Windows XP – it has fallen from the list of media darlings, but gets consistently good reviews.

§

•