while VirusBulletin shows a very good record for eTrust (both Vet an InoculateIT engines), other av tests (for example: http://www.virus.gr/english/fullxml/default.asp?id=67&mnu=67) show bad performance for it ::)
what do I believe? ::)

Hi,

Personally, I hardly believe that when CA focuses mainly on business/corporate world (when employee to be forced by policy enforcement) so detecting the real-world threats such as ItW viruses/worms and trojans/spyware that are circulating in the wild are so important more than detecting Zoo malware.

May be the words " less is more " are very appropriate in anti-virus world somewhere. You can see my post here.

http://www.wilderssecurity.com/showthread.php?p=278016#post278016

I don't know what you aim to throw at it, but so far etrust has been pretty reliable at out company. When our signatures are out of date, it's our own mistake (out operators insist on checking the validity of the sigfiles before distributing them ::))

Hi,

Maybe a little off-topic. I am currently using eTrust AV. I have set InoculateIt set as my realtime scanner and VET as my local scanner. Is this the correct setting or should I change this. And for both options: why should I set it like that?
cheers,

Gerard

-{ Quote: "while VirusBulletin shows a very good record for eTrust (both Vet an InoculateIT engines), other av tests (for example: http://www.virus.gr/english/fullxml/default.asp?id=67&mnu=67) show bad performance for it ::)
what do I believe? ::)" }-

Has it served you well minacross over the last few years ? Have you been well protected with your use of e trust promo etc? I know that I never had any infections using e trust promo . And its also one of the lightest / fastest AV Iv ever used . Its daily updates are way faster than any other AV that iv tried

-{ Quote: "Has it served you well minacross over the last few years ? Have you been well protected with your use of e trust promo etc? I know that I never had any infections using e trust promo . And its also one of the lightest / fastest AV Iv ever used . Its daily updates are way faster than any other AV that iv tried" }-
sure, but I am a little bit confused ::)

-{ Quote: "sure, but I am a little bit confused ::)" }-
minacross

Most antivirus companies use Virus Bulletin, West Coast Labs, and ICSA as their official testers.
This is the logo you will see when you go to their site.
I would stick to the professional organizations for virus program opinions on performance.
If an antivirus meets those three organizations standards, it then becomes a matter of which program you like the best and runs well on your machine.
You can get thousands of opinions on Wilders, magazines, etc, on which antivirus is the best.
Find one YOU like, practice safe computing, and have fun.

Virus Bulletin’s February 2004 comparative review of 25 antivirus solutions for Windows NT has earned CA’s market-leading eTrust Antivirus and Vet Anti-Virus solutions its 36th VB100 award. The VB100 logo is awarded to antivirus solutions that have successfully detected 100% of “in-the-wild” viruses and is regarded as an industry mark of excellence. The two recent VB100 awards continues CA’s record of earning more VB100 awards than any other of the other 27 vendors that have participated in this respected and independent review of the capabilities of antivirus products.

View the complete results of the review at Virus Bulletin’s VB100 award website.
http://www.virusbtn.com/vb100/about/index.xml

I used eTrust AV for years. It was reliable and had a very light footprint, but sadly a poor database. I was infected with trojans and didn't even know it. It wasn't until I tried Kaspersky on their 30-day trial that I realized I was infected with malware. I looked up all the trojans, found that they were legit and not false positives, let KAV delete them, and now I got my missing 3.5 Floppy drive icon back and also the PC ran faster.

I like eTrust, but it's just not as good as the competition.

-{ Quote: "I used eTrust AV for years. It was reliable and had a very light footprint, but sadly a poor database. I was infected with trojans and didn't even know it. It wasn't until I tried Kaspersky on their 30-day trial that I realized I was infected with malware. I looked up all the trojans, found that they were legit and not false positives, let KAV delete them, and now I got my missing 3.5 Floppy drive icon back and also the PC ran faster.

I like eTrust, but it's just not as good as the competition." }-

Same story here, I thought I was covered well by ETrust til I got nailed by a few trojans and had to do a reformat of windows. Then I searched and found the good doctor...DrWEB. He's professional but gentle with his patients.
;)

well it is an anti virus . Like most anti virus you maybe should run anti trojan and anti spyware ... an exception here might be for Kav. ( some detections seem to call spyware as trojans also ) . It really depends on your surfing habits mostly , if you are tidy with your mail and sites you frequent . If not then you may need to load up .

Hi Fellow Creatures,
I have been using ETrust on one of my two machines. It replaced NAV 2004. I like it. I understand the Vet Engine is good. I run BoClean to watch for trojans. If AV gets trojans thats great, but I do not want to depend on AVs to get trojans unless they are a top AV in this area. That is what would make NOD a good choice for me too (since I use BoClean). But I understand that KAV is one of the best AV trojan hunters. At least that is what I have learned from my friends here at the Wilders Forest. It is all very early for me yet on this but so far I like ETrust. My 2 cents worth got to fly. ;)

To Ronjor from Firefighter!

> If an antivirus meets those three organizations standards, it then becomes a matter of which program you like the best and runs well on your machine.

Unfortunately these organisations doesn't test the most common nasties, trojan like malware (Backdoor & Trojan, Exploit, TrojanDropper, TrojanDownloader, TrojanSpy etc.), maybe because most companies have hardware firewalls and these tests are mainly targetted to business world. When you choose your av according to these tests mentioned above, you actually miss very important issue as how good protection your av has in real life.

In my experience lately with "TrojanDownloader.JS.IstBar.a", which I picked to my collection two weeks ago, justifies how REAL ITW infections are mainly detected. Actually this nasty was got to my Opera 75 cache from 4 - 8 different sites very popular to teenagers. Last time when I tried to visit these sites, my av was blinking like a christmas tree.

Here are the VirusTotal scanlog made today.

Best regards,
Firefighter!

To Ronjor from Firefighter!

Here is an other log by Jotti's online scan.

Best regards,
Firefighter!

Hi Firefighter,

Please send it to the various companies.
Well, I'm sure you know ;)

Thanks !!!
Best regards, Jan.

Firefighter

Can you point me to link that gives a description of that virus? Thanks.

Edit: It appears NOD added a definition for that file today. 10/27/04

JS/TrojanDownloader.IstBar.A

To FanJ from Firefighter!

Don't spoil my playground. If I'll send all my 3019 infected samples to every av vendor, my tests are going to be like they are in VirusBulletin, everyone knows my samples before the test!!! ;D

Best regards,
Firefighter!

To Ronjor from Firefighter!

All I remember about the site just now is that it was among those numerous crack sites, where I also used to visit to collect new trojan samples.

PS. My TrojanDownloader example was not meant against NOD, actually I have showed the new NOD very good agains't common trojans. See my post 13. in here.

http://www.wilderssecurity.com/showthread.php?t=52016

If I have to mention some products, let's take VET scanner or VirusBuster for instance, both of these have excellent VB 100% record in a row. About VET (eTrust EZ v.7.0), the results you will find from here in post 69.

http://www.wilderssecurity.com/showthread.php?t=51546&page=3&pp=25

About VirusBuster, I finished my scan yesterday. Unfortunately I was not able to get a proper scanlog, so I scanned the main categories separately.

74/185 - Riskware

500/526 - Script like malware

468/1243 - Trojan like malware

924/1060 - Virii as a whole

1966/3014 - Total, where 80 was found by heuristics.

The real number of detectings must be a lot worse than this 1966, because VirusBuster reported that it has scanned 8372 files when there was only 3014 infected archives. From these 8372 files VB reported only 1966 as infected.

Best regards,
Firefighter!

To solarpowered candle from Firefighter!

In these days, when clearly over 90 % of PC users have only Anti-Viruses installed in their PC:s (or nothing!), it is at least expectable that they can cover some 80-85 % of trojan like programs too.

By the way, only some 47.5 % of my samples are trojan like malware or riskware, the rest are classified as viruses. Over 80 % of DrWeb's new signatures are among trojans, so, where the main target even with Anti-Viruses is?

PS. How often people really have got infected with a VIRUS if they were using an updated AV?

Best regards,
Firefighter!

-{ Quote: "To solarpowered candle from Firefighter!



PS. How often people really have got infected with a VIRUS if they were using an updated AV?

Best regards,
Firefighter!" }-

Yea that would be interesting to know .
What I would be interested in, is, how does the kav extendia ( single engine ) compare to the Kav 4.5 or 5 in detection over all ?

To solarpowered candle from Firefighter!

I have tested them all occasionally and it seems that those two or three engined av:s (eXtendia AVK Pro, F-Secure) can beat only a bit (less than 0.5 % overall) the original Kaspersky 4.5 or 5.0 when we are testing not so new nasties without riskware.

When we are testing against all possible nasties including the new one and riskware, I'll bet that KAV 4.5 with _x in the end of update URL:s beats them all over KAV 5.0, because only 4.5 version is able to use the paranoid update settings. Remember that too, the original KAV updates hourly.

Best regards,
Firefighter!

so the conclusion is that EZ is not reliable.......?

To iwod from Firefighter!

It depends the environment where you use eTrust EZ (VET scanner). In corporate use it has pretty good macro detecting rates, 225/236 = 95.3 %. Also Win32 detecting rate was not so bad, 276/316 = 87.3 %.

Best regards,
Firefighter!

-{ Quote: "so the conclusion is that EZ is not reliable.......?" }-
Probably needs some layered help ( an AntiTrojan ) if high risk surfing and it could score better in zoo virus testing.

However, if you are a low risk Home surfer, need protection against ITW malware or require an AV for mainly Corporate use, it is probably a good choice.

-{ Quote: "The real number of detectings must be a lot worse than this 1966, because VirusBuster reported that it has scanned 8372 files when there was only 3014 infected archives. From these 8372 files VB reported only 1966 as infected." }-
Sad to say, I actually bought a license to VBuster, based largely upon its excellent record at Virus Bulletin. I have since learned that high rankings by Virus Bulletin are not nearly so significant as some folks would have us believe.:-\