free AV

Discussion in 'other anti-virus software' started by Mina Guindy, Jul 20, 2002.

Thread Status:
Not open for further replies.
  1. Mina Guindy

    Mina Guindy Guest

    based of AV scanners tests, which is better
    Avast32 or Antivir PE?
    also why Antivir Pe does not like script sentryo_O!!
    when i start a manual scan (while doind the pre-scan tests) it tells me that a registry key was found (Script sentry reg. key) and if it caused problems i have to send the program log file to ur company !!!!
     
  2. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Mina - Sorry, don't have any actual experience with either, but based on what I've heard in different places, I'd give Avast a try, especially given Antivir's proclivity to choke on SS's registry key on your machine (can't you get it to ignore that particular hit? You know, 'exclude' it? ). Pete
     
  3. mozar

    mozar Guest

    Try AVG, also free WWW.GRISOFT.COM
     
  4. wizard

    wizard Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    818
    Location:
    Europe - Germany - Duesseldorf
    Both are not good. F-Prot for DOS might be a good choice but is less comfortable to use.

    wizard
     
  5. Mina Guindy

    Mina Guindy Guest

    kindly check: http://www.virusbtn.com/vb100/archives/tests.xml?200206)

    avg is not that good at tests, i need a good free AV the has some kind of a background protection (like NAV's autoprotect)

    thanx
     
  6. crockett

    crockett Registered Member

    Joined:
    Jul 15, 2002
    Posts:
    333
    Hello; I just checked the virusbtn site. Seems very good, despite the fact that the only tests regarding free-av I managed to find are dating way back in the past ! Those 1998 tests were failed, and no other new tetsing was ever done on free-av. That seems a little odd to me, because I think any opinion that has to be drawn today should be drawn following presently valid testing.

    I 've recently been using free-av a while in an attempt to draw some personal opinion by myself. It did a very fine job, and intercepted some viruses I had rather not have on my machine. Furthermora, the guys at free-av are updating their product (not only signatures, but also engine) on a very regular basis and rapid clip.

    Couldn't find any information on f-prot for dos on virusbtn either...

    Rgds, Crockett
     
  7. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    crockett - Welcome to the forum.

    I'm a little confused here (my normal state of affairs :D ).

    Is there a program named "FreeAV"?

    How about a link to whatever program you're actually talking about? Pete
     
  8. crockett

    crockett Registered Member

    Joined:
    Jul 15, 2002
    Posts:
    333
    Hi Pete, thanks for the welcome.

    You're right, I should be a little more clearer. The program I'm referring to is actually AntiVir Personal Edition, which can be downloaded free from www.free-av.com.

    I guess this anti-virus stuff is gonna last forever, each of us preferring one over the other... Unless some developer comes along with a new 'ultimate' software which would be as efficient as well tolerated by computers...

    Can't wait to see that...
     
  9. YODA

    YODA Registered Member

    Joined:
    Jul 15, 2002
    Posts:
    100
  10. wizard

    wizard Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    818
    Location:
    Europe - Germany - Duesseldorf
    AntiVirPE is known for false positives. Also when I look through the list of detected viruses I found out that AntiVirPE is detecting viruses that do not exists. It is more or less good in detecting simple malware. But with complex polymorphic or even metamorphic malware AntiVirPE is very weak.

    wizard
     
  11. crockett

    crockett Registered Member

    Joined:
    Jul 15, 2002
    Posts:
    333
    Hi;
    Correcting sthg I wrote earlier, i.e. that f-prot was not to be found on www.virusbtn.com. It is to be looked after under Frisk, the company now owning the product, I guess. BUT, nothing seems to be mentioning that the products f-prot and f-prot for DOS are to be regarded similar in kind or performance...!?

    So I'm not sure the conclusions drawn as regards f-prot are the same to be drawn for f-prot for DOS.

    The f-prot recent results reported by virusbtn don't seem very impressive indeed. So I'm not sure what to think about all this.

    Think I'll sleep on it . :)
     
  12. DrSeltsam

    DrSeltsam Guest

    >AntiVirPE is known for false positives.

    In the last 2 month i didn't see a false positive anywhere.

    >Also when I look through the list of detected viruses I found out that AntiVirPE is detecting viruses that do
    >not exists.

    How did you verified this statement?

    >It is more or less good in detecting simple malware.
    >But with complex polymorphic

    They had some problems with magistr but they changed there emulation. Its much better now and some complex polymorphic worms aren't an issue now.

    >even metamorphic malware AntiVirPE is very weak.

    Metamorphic viruses are a problem for all anti virus scanners for kaspersky and nod32, too.
     
  13. wizard

    wizard Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    818
    Location:
    Europe - Germany - Duesseldorf
    I have look in their list of detected malware. There are some viruses where only one variant is existing and AntiVirPE claims to detect two or more variants.

    And for Magistr.b it took them more than 14 days to deliver an update that was detecting the worm correct. Do you really think AntiVirPE uses emulation techniques? I do not think so but this is my personal experience. BTW I think your new company has a realationship with theses AntiVirPE guys. So no wonder that you are not talking anything bad about the software. ;)

    wizard
     
  14. DrSeltsam

    DrSeltsam Guest

    >I have look in their list of detected malware. There are some viruses where only one variant is existing and
    >AntiVirPE claims to detect two or more variants.

    *lol* ... . H+BEDV is specialised in removing malware. Therefore its neccessary to detect every variant to clean in 100% correctly. If there is a worm and there are 2 versions which differ in only one byte bigger av companies will only add 1 signature for both. But cause AntiVir needs this variant detection they will add 2 signatures to clean them correctly. Its neccessary for them :eek:).

    >And for Magistr.b it took them more than 14 days to deliver an update that was detecting the worm
    >correct.

    Yes, they had to improver their emulation.

    >Do you really think AntiVirPE uses emulation techniques? I do not think so but this is my personal
    >experience.

    EVERY av programm HAS to use emulation if they want to find polymorphic viruses.

    >BTW I think your new company has a realationship with theses AntiVirPE guys. So no wonder that you are
    >not talking anything bad about the software. ;)

    No we don't. Its the same realationship like to eset, kaspersky, norton, mcafee and co :eek:). And by the way:

    Tjark Auerbach (owner of H+BEDV) adviced my boss to fire me cause i said something against AntiVir in the AntiVir forum *g*.
     
  15. wizard

    wizard Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    818
    Location:
    Europe - Germany - Duesseldorf
    That is the way it should work but as I know at least one program (it is a trojan scanner) which works differently in this case and I highly suspect AntiVirPE to do the same. But if you say AntiVirPE is using emulation techniques that might be right.

    I still have my problem with AntiVirPE. From all programs I have tested over the last years AntiVirPE left the badest impression.

    wizard
     
  16. DrSeltsam

    DrSeltsam Guest

    >That is the way it should work but as I know at least one program (it is a trojan scanner) which works

    Which trojan scanner? :eek:)

    >differently in this case and I highly suspect AntiVirPE to do the same. But if you say AntiVirPE is using
    >emulation techniques that might be right.

    No - its impossible to find polymorphic viruses at level 5 or 6 without emulation. And AntiVir catches that viruses defnitly.

    >I still have my problem with AntiVirPE. From all programs I have tested over the last years AntiVirPE left the
    >badest impression.

    Did you ever try IKARUS? *g* If you want i will send you a registered version for free.
     
  17. controler

    controler Guest

    "Did you ever try IKARUS? *g* If you want i will send you a registered version for free."

    Yes I will take a registered version for free....

    Thank You very much :D
     
  18. DrSeltsam

    DrSeltsam Guest

    this was an offer for wizard only ;o).
     
  19. wizard

    wizard Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    818
    Location:
    Europe - Germany - Duesseldorf
    You really do not want to now that. :) But I tell you the method. Simply create a lot of variants and than add them as signature. You won't get 100% detection but at least you can claim to detect the polymorphic worm. ;)

    We will see. I planed a test with polymorphic and metamorphic viruses for a long time but it will come and it would be fun. I expect many programs to fail (not even AntiVirPE). ;)

    Ikarus I never tested. Never found the program worth to take a closer look at it. But maybe I should do now - just to see if you are doing your job right. :D

    wizard
     
  20. DrSeltsam

    DrSeltsam Guest

    Hehe :eek:). I can't influence the T2 Engine. I only did GUI programming and analysis ;o).
     
  21. wizard

    wizard Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    818
    Location:
    Europe - Germany - Duesseldorf
    But Ikarus is also selling AntiVir or am I wrong? ;)

    wizard
     
  22. DrSeltsam

    DrSeltsam Guest

    nope - only antivir for novell server and nvc for os/2 and exchange server, cause we didn't have own products in this areas.
     
  23. wizard

    wizard Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    818
    Location:
    Europe - Germany - Duesseldorf
    Couldn't you sell something better? ;)

    wizard
     
  24. controler

    controler Guest

    No problem, I can take a hint... :p
     
  25. DrSeltsam

    DrSeltsam Guest

    >Couldn't you sell something better? ;)

    Support ist much more important for firms. So we sell products from LOCAL producers or from producers that have LOCAL settlements.
     
Loading...
Thread Status:
Not open for further replies.