Antivirus - What is it really supposed to do?
tobacco
February 14th, 2006, 04:37 PM
I was alerted to this the other day and thought it would benefit from some discussion. A reader was defending an antivirus, which I won't mention {I've learned that lesson}, that had let by trojans which were causing major difficulties for this user. This reader said that antiviruses should not be held accountable for anything but viruses. Now this wasn't my impression of what a good AV was supposed to do. I always thought AVs dealt with everything but spyware, which is left up to those scanners. Was he right? Do we also need a full-time running trojan scanner? If he is, then I've obviously been too harsh in my criticism of some AVs, including ZoneAlarm's, which is doing well against viruses but not trojans. Let me know your thoughts on this and if I have to rethink my security setup of a good AV and a few spyware scanners. I do have a trojan scanner but only run it once a month to validate my AV's protection.
metallicakid15
February 14th, 2006, 04:46 PM
You might want to add Ewido and a2 as your ATs.
bigc73542
February 14th, 2006, 04:51 PM
Some AVs do pretty well at detecting trojans and worms but usually don't handle them as well as a dedicated AT or AW. An AV's primary job is in its name: "Antivirus".
RejZoR
February 14th, 2006, 04:59 PM
That's BS, to be honest. Have you seen any viruses lately (by virus I mean parasitic file infector)? Just a few? Just look at the signatures and you'll see that the large majority of all signatures added are worms, trojans and spyware/adware. So no, "antivirus" doesn't mean antivirus. ::)
BlueZannetti
February 14th, 2006, 05:14 PM
{QUOTE-> I was alerted to this the other day and thought it would benefit from some discussion. A reader was defending an antivirus, which I won't mention {I've learned that lesson}, that had let by trojans which were causing major difficulties for this user. This reader said that antiviruses should not be held accountable for anything but viruses. Now this wasn't my impression of what a good AV was supposed to do. I always thought AVs dealt with everything but spyware, which is left up to those scanners. Was he right? Do we also need a full-time running trojan scanner? If he is, then I've obviously been too harsh in my criticism of some AVs, including ZoneAlarm's, which is doing well against viruses but not trojans. Let me know your thoughts on this and if I have to rethink my security setup of a good AV and a few spyware scanners. I do have a trojan scanner but only run it once a month to validate my AV's protection. <-QUOTE}
tobacco,
A good AV should be able to handle all forms of malware to a decently high degree (leaving decently high a little undefined for the moment). That means trojans, and it also means spyware although they really only handle spyware well by nipping it at the downloader stage. So yes, they should be accountable for all types of malware since, basically, this is what the mass market buys these products for - protection in a generic sense. In the past, AV's behaved as the reader you mention notes, but that's simply not commercially viable these days in the mass market.
Now, for me decently high means an Advanced+ rating on either or both of the demand or retrospective tests performed by www.av-comparatives.org (http://www.av-comparatives.org/). That makes the pool of my current candidates BitDefender/Kaspersky AV/McAfee/NOD32/Symantec-Norton and products that use one or more of their engines. All of these products handle trojans quite well.
From your previous posts, you use F-Secure, which would fall under the Advanced+ rating via association. Do you need a dedicated AT? Probably not, nor do I need one, although I happen to use one (BOClean) running as a process memory scanning backup to my AV (NOD32 or KAV depending on PC) and it has on a couple of occasions nailed something that inched by.
Very decent coverage is afforded by using a NAT router (or software firewall) and a good general antimalware package like F-Secure. One can always augment this type of setup, but the point of diminishing returns is quickly reached even if the products are quite deliberately selected on the basis of clear non-overlapping functional grounds.
Blue
Happy Bytes
February 14th, 2006, 05:15 PM
RejZoR-Baby is right ;)
Alphalutra1
February 14th, 2006, 05:43 PM
This is what an antivirus is supposed to do. My favorite antivirus is edward av. Great detection!!! :P
http://www.homestarrunner.com/sbemail118.html
Alphalutra1
NAMOR
February 14th, 2006, 06:14 PM
{QUOTE-> This is what an antivirus is supposed to do. My favorite antivirus is edward av. Great detection!!! :P
http://www.homestarrunner.com/sbemail118.html
Alphalutra1 <-QUOTE}
Thanks, I needed a laugh.
Alphalutra1
February 14th, 2006, 06:18 PM
No problem, I just remembered it from a post at the Cnet forums from a guy who was sick of the "what's the best av" posts. I especially liked the rip on Linux at the beginning :D Humor always helps in these usually serious forums.
Alphalutra1
wildman
February 14th, 2006, 07:32 PM
:isay: While athletic individuals may be able to play all sorts of sports, it is usually just one in which they excel. I sort of think of these security protection programs in that vein. They may be able to detect all the various types, but are best in their individual specialty. Currently using seven (7) security related programs, I know for a fact there are other individuals who use many more than that number.
Thanks
Wildman
mercurie
February 14th, 2006, 10:00 PM
IMHO. I do not care what AV you use. I believe you should always, if you can afford to, have a dedicated AT. ;) (So I guess that puts me in BigC's camp).
As is usually the case the most educational and complete advice is given by Blue. :)
I use BoClean too. But do not consider it to be the only good one in the universe.....;D just maybe on earth....;D
StevieO
February 14th, 2006, 10:12 PM
It's a matter of literal definition! AV = antivirus, it's that simple. AT/AS/AW/ARK all instantly conjure up their own specific definitions too.
If a product does more than one initial intended dedicated function, then great, who would complain? And if it's all thrown in for the same price, even better.
A lot of people out there who don't visit forums such as this will be confused though, I think. So do we now need to rethink the terminology, and come up with more inclusive titles for products?
But personally I still feel that dedicated apps are a much better idea all round, rather than suites and the like.
StevieO
hollywoodpc
February 14th, 2006, 10:18 PM
I should not be surprised but, I am. What a question. Better yet, where is Happy coming from? OMG. Guess I need to switch. StevieO got it right! Antivirus is just that. Some detect trojans better than others BUT, they are AntiVIRUS programs! And Happy believes it is not? Ok. No problem. With this new info, I will switch. And when Eset decides that Happy is correct and renames their AV to an AntiMalware program, I will look into it again. I used to respect some of the people here but, sheesh! Save your money and buy a dictionary!
tobacco
February 14th, 2006, 11:59 PM
Yeh, but even the free AVs do well against viruses. It's catching the worms and trojans on top of that which separates the good ones from the others. If we used that thinking, then we could all use AVG for viruses, then a separate trojan scanner, worm scanner, where do you stop? Do you think it's asking too much from one product to do these well? I don't, and there are products that do it well.
TonyW
February 15th, 2006, 03:05 AM
Viruses have evolved over the years to become more complex, and now are classified under different categories including trojans and spyware. Some even cross the line with infection routines that utilise mixtures of more than one type. AVs need to keep pace as they can no longer be just targeting "viruses".
RejZoR
February 15th, 2006, 04:54 AM
{QUOTE-> I should not be surprised but, I am. What a question. Better yet, where is Happy coming from? OMG. Guess I need to switch. StevieO got it right! Antivirus is just that. Some detect trojans better than others BUT, they are AntiVIRUS programs! And Happy believes it is not? Ok. No problem. With this new info, I will switch. And when Eset decides that Happy is correct and renames their AV to an AntiMalware program, I will look into it again. I used to respect some of the people here but, sheesh! Save your money and buy a dictionary! <-QUOTE}
It's all about a well known naming scheme. AVs got their name in the virus era (the parasitic ones); the environment changed but the name persisted.
Would you rename your "Ferrari 360 Spider" brand to "Ugibuggybrumbrum"? I guess not.
Same is with AVs. Everyone knows that if you want to protect a PC you need antivirus. It's a common term.
Ok, let's turn the thing around. Anti-TROJANs also detect spyware, worms and viruses. Wait, you said they are meant just for trojans? Eeeeee wrong.
They should also be called Anti-Malware, but they're not. So who's wrong now? And we again return to well known regular Joe terminology which includes the word "antivirus"...
Happy Bytes
February 15th, 2006, 05:32 AM
{QUOTE-> I should not be surprised but, I am. What a question. Better yet, where is Happy coming from? OMG. <-QUOTE}
I didn't expect such unqualified behavior, especially from you.
You should have noticed that spyware and "border crossing applications" between, let's call them, good programs and programs which claim to be good but aren't have increased dramatically in the, let's say, past 2 years.
There's a huge market open with spyware, adware and, let's call it, scumware detections. Do you really think that the AV industry would just let it go down the drain and give such parts to much smaller companies, often run by only 3 or 4 persons?
rdsu
February 15th, 2006, 08:42 AM
... and for example, ESET already calls its AV Anti-Threat because it already covers almost all malware...
wildman
February 15th, 2006, 12:58 PM
??? Would any of you agree with my post #10, or am I out to lunch on this thinking?
Thanks
Wildman
tobacco
February 15th, 2006, 01:07 PM
I think the responses in this post generally reflect whatever product you're using, and the ones agreeing with my opinion of what an AV has to do in today's environment appear to have a program that has adapted well to various forms of malware, not just "viruses". It is these defensive responses however that I truly don't understand. I guess if you have some sort of financial ties to a product, that would explain it, as we all know "Money talks", but I can't comprehend any other reason but your pride being hurt that you're using something that's not performing as well as others right now. And continuing to defend and support these AVs, IMHO, won't help them get any better. There is no incentive to adapt until sales take a hit. If they can't adapt like some of the others, then do all computer users a favor and get out of the market.
rdsu
February 15th, 2006, 02:26 PM
{QUOTE-> ??? Would any of you agree with my post #10, or am I out to lunch on this thinking? <-QUOTE}
In this area, if a company only tries to be good in one type of malware, it will not have any future, because if we already have very good solutions for the main malware, why buy a program that only protects us against one type of threat, and why have a computer with a lot of programs that will only slow down our systems?
StevieO
February 15th, 2006, 03:07 PM
The danger of entrusting one app to protect your PC is that should it for any reason go down, then you could be in deep poo!
So once again the layered approach is wiser, I feel. These days with GHz procs and GB RAM etc, overhead is just fine. I don't run the fastest etc PC and suffer no ill effects from this approach. In fact I feel safer all round.
StevieO
rdsu
February 15th, 2006, 03:15 PM
I also don't like to use an overall program protection, but we could use "some" programs that can protect us for our needs...
I like to have a balance between speed and security, and now I really have it... :D
tobacco
February 15th, 2006, 03:59 PM
I don't think anyone is saying to use one program for everything and one program only. I feel that you have to have a strong first line of defense, and by strong I mean very good at different types of malware, not just viruses. Then you can add and build around it to help support it. But you have to count on your first line of defense to give you the best protection. If it's only good with viruses, then what you're actually doing is counting on your 2nd or 3rd level of protection, and that is when users find themselves in a lot of trouble.
hollywoodpc
February 15th, 2006, 06:42 PM
Well now. Since AV programs detect everything nowadays, I think we need to choose the one that detects the most crap. Guess NOD needs to be dumped in favor of KAV. Never thought I would say that but, this is a circus. I choose AV programs based on virus detection and use other programs that SPECIALIZE in other crapware. But, now that you all agree that an AV is not a specialized program, I guess a firewall with KAV and Ewido for backup for crapware and I am set. I never knew I could get rid of all of these programs I use. Wow! Thanks for the help guys.
By the way, maybe you guys need to get all these AV companies to change their genre. Oh yea. AV is not a genre. Oops. Sorry.
tobacco
February 15th, 2006, 10:03 PM
Hollywoodpc
Use whatever setup you want. We don't really care what you're using. Just stating that things change and the antivirus landscape has. It was pointed out that viruses aren't the dominant malware right now anyways, so your AV's got to be flexible. The setup you listed looks awesome, but isn't NOD32 also really good with trojans? Remember years ago when the weather turned cold, out came the bulky snow tires. Thank god the tire landscape changed too!
mercurie
February 15th, 2006, 10:59 PM
All,
I am all for the AV companies expanding their abilities to cover all the threats, spyware, Trojans, worms, viruses and anything else out there that ruins machines. Then go ahead and change name to Anti-Malware or Anti-Threat.
Just be fast with updates, good at catching and cleaning. An all-around malware destroy app would suit most just fine; the only downside is getting a program that good. They are getting better but still not there.
Also reliance on one security app to cover all bases....hmm, what happens if it fails in some fashion? You have nothing to back it up. No, I still believe in the multilayer approach in hopes that there is plenty of overlap, plenty of each security app venturing into others' territory. Sounds like a winner to me.
;D As long as they do not misspell it like I just almost did and call it anti-male-ware :ouch: :D
mercurie
February 15th, 2006, 11:05 PM
{QUOTE-> In this area, if a company only tries to be good in one type of malware, it will not have any future, because if we already have very good solutions for the main malware, why buy a program that only protects us against one type of threat, and why have a computer with a lot of programs that will only slow down our systems? <-QUOTE}
Excellent point. I totally agree. I just do not know when in the future this will be the case. Wildman said seven, right? Too many IMHO. 1 AV, 1 AT and finally 1 for spyware realtime is best. Some non-realtime redundancy is OK too. Not including router and software firewall. This should be plenty for the average everyday user. ;)
hollywoodpc
February 16th, 2006, 01:13 AM
Hi Mercurie my friend.
@ tobacco: The point is that this has been taken wayyy too far. Every idiot knows that AVs need to detect more than just virii to stay in the game. Problem is, none can do it. I do not care who they are. Since that IS a fact, the best thing to do is get an app that specializes. Bottom line is simple. It is exactly what Mercurie said. So why all this about AVs are not just for virii? Hmmm. NOD is as good at detecting spyware and trojans as they are at detecting virii? Lol. I do not think so. So, no kiddin. AVs need to detect more than virii. But, they do not do it as well as other apps specializing in a certain field!!! Sheesh
tobacco
February 16th, 2006, 10:30 AM
Hollywoodpc
No one here is disputing what you are saying, so I don't understand your latest rant. So I will summarize this thread for you in case you somehow missed the point. Is the layered approach using programs specializing in a certain type of malware the best way to go? Yes. Are most AVs very good on viruses? Yes. Are most AVs very good on other forms of malware? No. Are there AVs that are very good on other forms of malware? Yes. Does it make more sense to use an AV that is very good on different forms of malware than an AV that is only very good on viruses? Yes. Is there an AV that is better on every form of malware than a stand-alone program is with a certain type of malware? No. Are there people who still say an AV can't be held accountable for missing anything but viruses? Yes. In today's market, should an AV be expected to be excellent on viruses and very good with other forms? Yes. Are there AVs that fit this criteria? Yes. Are there AVs that don't fit this criteria? Yes.
So any further responses from you in this thread would make you, hollywoodpc, the only one taking this way too far!