puzzled over all the AV's

Discussion in 'other anti-virus software' started by lifelongvagabond, May 1, 2005.

Thread Status:
Not open for further replies.
  1. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    So just install it without iStreams, it's as simple as unchecking one box during the install. :)
     
  2. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi Don,

    I believe you are referring to 5.0 Personal, because unless KAV Pro has changed in the last few weeks, there is still no option during the install procedure to suppress iStreams (ADS). Because of this, ADS are immediately added to all system files (and other files) when KAV is first executed, and I found it impossible to completely remove them. (I eventually did an image restore).

    If Pro has changed over the last few weeks, and now has this option, I stand corrected. But users should not begin the installation of 5.0 Pro thinking that they will have this option and then be caught flat-footed.

    If I am incorrect, I will delete this message, since I do not want to leave wrong information on this forum.

    Rich
     
  3. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    For those interested. Keith2468, did a very good (balanced, IMO) post at the Kaspersky forum: http://forum.kaspersky.com/index.php?showtopic=60&hl= (post #5).

    I have copied/pasted the post for those who do not wish to go through the entire thread. :)

     
  4. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    You are absolutely correct, Rich. I thought we were talking about Personal, I missed the Pro part. In Pro they can be disabled in the options after installation. ;) :)
     
  5. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi Don,

    Thanks for the confirmation.

    I agree that Keith gives an overall good description of the issues. However, my own conclusion is this:

    I do not see any security benefit to ADS, yet I do see it introduce many security problems. It is true, that Kaspersky developers could not foresee all of these problems (and probably more to come), which is precisely why, from an engineering point of view, they should not have been ever introduced. (The "law of unintended consequences").

    For example, Prevx is designed to monitor changes to the system files. This facility is rendered useless since KAV is constantly changing these files. In the same way that AV/AT/AS products, that try to monitor ADS files are tasked with the new problem of monitoring 10s of thousands new such files by KAV. Does it, in any way, increase the security of a system, by stressing the abilities of other anti-malware programs?

    I believe that Kaspersky was very short-sighted with its 5.0 release. The use of ADS was presumptuous on their part. Their inability to come up with a cohesive design that makes sense and is consistent between different versions (e.g. Personal and Pro) makes 5.0 even more problematic. Possibly the latest MP3 release of Personal addresses many of the issues, but I personally do not see enough advantages (or any for that matter) of 5.0 over 4.5 to encourage users to choose this version. (I would like to see Kaspersky create such a list of advantages).

    In the meantime, the fact remains, that whenever I have to help a friend clean a system, I always go right to KAV 4.5 as the software of choice. It will inevitably find malicious malware that the primary AV on the system missed. I have found its anti-virus, anti-trojan, anti-spyware capabilities to be the best of any products that I have tried. So despite, my misgivings with 5.0, I am really happy with KAV and most highly recommend it to all of my friends who are seeking better protection and I am personally looking forward to KAV 6.0 which seems to be loaded with enhancements that will greatly benefit users such as myself.

    Rich
     
  6. Stephanos G.

    Stephanos G. Registered Member

    Joined:
    Mar 29, 2005
    Posts:
    720
    Location:
    Cyprus
    lifelongvagabond ,
    give NOD a chance. Smt tells me that already u use it :D
     
  7. Hyperion.

    Hyperion. Guest

    Try AntiVir if you don't mind long update files (about 2,5 MB). It's the lightest in resources and best in detection among the free AVs. Avast comes close second. Personally I use AVG (3rd), but I have other security layers and many on-demand scanners.
     
  8. rabmail

    rabmail Registered Member

    Joined:
    Feb 11, 2005
    Posts:
    47
    Location:
    Phuket, Thailand and Jakarta, Indonesia
    Hi Rich, I know that we have discussed this before, but one point that is not clear in my mind. Are you saying that any ADS is dangerous or only ADS used by KAV? It is not uncommon for .jpg and .pdf files to have ADS attached to them which are not created by KAV. I have 100's of them on my HD.

    If any ADS is dangerous then surely this is more of a MS problem. If one is to tell a user to use an ADS remover other than Kaspersky's, it will strip out every ADS on the drive (provided the file is not locked). What happens to the data stored in the ADS by other files?

    I am not trying to be difficult, :D I am just trying to clarify the difference in my own mind.

    Also, if one has FAT32 rather than NTFS, then there are no ADS to worry about.

    Dick
     
  9. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi Dick,

    What I am basically saying is this:

    ADS is another place for malware to hide. This is why anti-malware programs scan them. By unnecessarily creating 10s of thousands of ADS on an NTFS file system, KAV exasperates this problem and makes the whole problem of "monitoring ADS" more difficult - with, as far as I can tell, no security advantages.

    I know that Thunderbird uses ADS. Since I rarely use Thunderbird, this is not an issue for me, but even if I did use Thunderbird, the amount of ADS that was created would be small enough to be manageable. Ditto for thumbnail files. It is one thing to be confronted with 6 ADS when I do a TDS-3 scan. It is an entirely different problem when I am confronted with 10s of thousands of varying sizes. What do I do? Ignore them? If I do, then I leave "unscanned holes" in my security scan - which to my mind is a big problem. It is not what I feel a "complete system scan" is all about.

    So given that I have the choice of using KAV ADS on my system, and not using them, I have chosen to not use them. It makes it easier on my other security programs and it makes it easier on myself. Why make my life more difficult if I do not have to? :)

    I hope this explains my own attitude towards ADS.

    Rich
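
The triage problem raised in the two posts above (a handful of alternate data streams versus tens of thousands, and the risk that a blanket ADS remover strips streams belonging to other programs) can be approached by inventorying streams by name before deleting anything. The PowerShell below is an added example, not part of the original thread and not Kaspersky's tooling; the function name `Get-AdsInventory`, the stream name `EXAMPLE_AV_STREAM` (a placeholder for whatever name your AV product uses) and the demo files are assumptions constructed for illustration.

```powershell
# Added example: inventory NTFS alternate data streams (ADS) under a directory
# and separate the streams created by one known product from everything else.
# Requires Windows PowerShell 3.0 or later and an NTFS volume.

function Get-AdsInventory {
    param(
        [Parameter(Mandatory)] [string] $Root,
        # Placeholder (assumption): stream name(s) your AV product is known to create.
        [string[]] $VendorStreamNames = @('EXAMPLE_AV_STREAM')
    )
    # Directories can carry streams too; this example only walks files.
    Get-ChildItem -LiteralPath $Root -Recurse -File -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            # -Stream * lists every stream of the file, including the unnamed one.
            Get-Item -LiteralPath $_.FullName -Stream * -ErrorAction SilentlyContinue
        } |
        # ':$DATA' is the file's ordinary content, not an alternate stream.
        Where-Object { $_.Stream -ne ':$DATA' } |
        ForEach-Object {
            [pscustomobject]@{
                File   = $_.FileName
                Stream = $_.Stream
                Length = $_.Length
                Vendor = $VendorStreamNames -contains $_.Stream
            }
        }
}

# --- Constructed sample data: five files, each with a vendor-style stream,
# --- plus two unrelated streams of the kind other applications leave behind.
$demo = Join-Path $env:TEMP ("ads-demo-" + [guid]::NewGuid())
New-Item -ItemType Directory -Path $demo | Out-Null
1..5 | ForEach-Object {
    $f = Join-Path $demo "file$_.txt"
    Set-Content -LiteralPath $f -Value 'normal content'
    Set-Content -LiteralPath $f -Stream 'EXAMPLE_AV_STREAM' -Value 'checksum-placeholder'
}
Set-Content -LiteralPath (Join-Path $demo 'file1.txt') -Stream 'Zone.Identifier' `
    -Value "[ZoneTransfer]`r`nZoneId=3"
Set-Content -LiteralPath (Join-Path $demo 'file2.txt') -Stream 'notes' -Value ('x' * 4096)

$inventory = Get-AdsInventory -Root $demo

# 1) Summary by stream name: shows how much of the volume is one product's bulk.
$inventory | Group-Object Stream | Sort-Object Count -Descending |
    Format-Table Name, Count,
        @{ n = 'TotalBytes'; e = { ($_.Group | Measure-Object Length -Sum).Sum } }

# 2) The short list that still needs a human or a scanner: everything that is
#    not the known vendor stream, largest first.
$inventory | Where-Object { -not $_.Vendor } | Sort-Object Length -Descending |
    Format-Table File, Stream, Length

# Clean up the constructed demo directory.
Remove-Item -LiteralPath $demo -Recurse -Force
```

Matching on the stream name alone only sorts the inventory; a stream carrying a vendor's name still has to be scanned, since the name is not proof of who wrote it.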
     
  10. rabmail

    rabmail Registered Member

    Joined:
    Feb 11, 2005
    Posts:
    47
    Location:
    Phuket, Thailand and Jakarta, Indonesia
    Thanks Rich, that clarifies it nicely.

    Dick
     
  11. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    KAV is nice, and if it's running fine on your computer be happy ;) You might take a look at BitDefender as well, their detection is greatly improved and their unpacker is great too... The price is better than Kaspersky imho :)
     
  12. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    I don't count trojans and cookies as something to compare AV programs with. For one thing..just because "Brand A" antivirus finds a couple of cookies and decides to call them trojans whereas 25 other antivirus programs don't even care about them...the misinformation that many people tend to follow is "Oh, brand A must be better because it found 2 things it labeled as trojans, and the others didn't." The guys who do definitions at one antivirus company decide to call this file a trojan, where all other antivirus definition guys don't even give a rats butt about it because it's just a garbage file. That's the kind of thing that virus.gr did in his comparison. A lot of useless "who the heck cares" files.

    Same thing with some malware removal programs..people will run a scan, 53 files found, where malware program B didn't find as many. Well...sometimes you have to step back to 10,000 feet and look at what you have. You'll see such useless things as "A log file containing the history of the past 23 adobe acrobat PDF files" labeled as a potentially bad file! OMG...I'd better format C and change all my passwords now! :eek:

    IMO, programs have been getting too overzealous in labeling some completely "who the heck cares" files as being bad. People tend to focus too much on the "How many files are in the results of a scan" instead of "OK, what files did it actually find, and what are they exactly". 53 tracking cookies! :eek: Oh nozers! What do I do now? Has the term "cookies" gotten so blown and overhyped out of proportion that people A) Forgot what they actually are, and B) [here's the important part] forgotten that since before Internet Explorer 4 they could easily..EASILY..empty cookies all on their own (yes..built into Windows), without any 3rd party AV or malware removal program to scare and alarm the pants off of them?

    Now I'm not knocking KAV, because it's a great AV program, has been for a long time. But I think things have been getting too overhyped lately, people are forgetting to step back and analyze the picture, peeps are getting too focused on the rat race of "Which products produces the highest numbers in its scan".

    To answer the original posters question, I'd go with AVG free...if you insist on a free program. I'm a bit more fond of it than Avast.

    If you wouldn't mind spending a little bit...NOD32 is my fave. Only 39 bucks/year. IMO as effective as KAV in detection (KAV detects more stuff, as noted above, but IMO the "stuff that counts"..NOD is neck and neck with it...flawless). And NOD is very lightweight and fast.
     
  13. FastGame

    FastGame Registered Member

    Joined:
    Jan 15, 2005
    Posts:
    715
    Location:
    Blasters worm farm
    @YeOldeStonecat, I agree 110% ;)
     
  14. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    If I have to recommend a "who the heck cares" product to my friend vs. one that "cares the heck", I'll recommend the "cares the heck" product, for two reasons:

    1) It will save me lots of time (less of my time cleaning up)
    2) It will make his/her financial and personal information more secure

    My friends are more than willing to spend $35 to keep their computer clean. Others, as always, may have a different point of view.

    Rich
     
  15. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    After the first six lines, you kind of knew this would end with a Nod-advert ;) :D
     
  16. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    I thought even Quickheal would apply - they do push the fact that they are not anti-trojan.

    They advertise as Anti-Adware, Anti-Spyware, Anti-Riskware, Anti-Virus, but NOT Anti-Trojan.

    But that's one good guess you made, especially after reading the first few lines. I didn't bother reading it, cause reading the first line itself, I kinda knew what was trying to be said. No offense meant to anyone. Peace :)
     
  17. pcontour

    pcontour Registered Member

    Joined:
    Aug 18, 2004
    Posts:
    29
    Every Once in a while things change. :cool:

    I used to have Mcafee for free (corporate license), on Win98 64 megs forget it, I turned it off and scanned for viruses once a month. On XP it was a pig. I lost my job. When it came time for me to pay for a renewal, the stupid thing became like spyware. It would popup a message 8 times a day, to update. The uninstall was terrible, it kept running spyware style ads. I had to search the registry and hard drive for remnants. Philosophically it was repugnant, but I didn't care, it ran like a pig so I wanted something new. So I went researching.

    I started using Avast and AVG.

    AVG won out because Avast was slowing my machine down. I had the old AVG 6 for over a year. Recently AVG free, changed to provide higher protection including scanning email. AVG 7's speed and demands on Memory increased, and made it a little less desirable. However on 3 out of 3 machines where I installed it, it got way out of date, there were problems with the updates. Because of AVG's problems with updates I have uninstalled it. Win98 64 meg forget it, I had to shut off parts of the program.

    Recently AVAST changed as well, increasing the number of ways that it scans and protects you. Both the old version and the new version picked up email viruses that the new AVG scanner could not pick up. Avast's update in the latest version was very slick. Avast is even harder on resources/performance than the new Version of AVG. My fast machine was incredibly slow to start up. Much like what Mcafee did to my system. After a run of about 6 weeks on my faster machine. I have moved on to AntiVir. On Win98 64 megs forget it.
    If you have a fast machine Avast is totally cool, but my laptop at 2.5 years old is not quite fast enough. The detection rate is good but not the best, but the software inspires confidence.

    AntiVir doesn't scan email. It is fast and small, and does on access scanning for files being read or written and as I understand it has the best detection rate of the 3. Since I live in North America, and I am on broadband I don't have an issue with the updates, so far they are always working. I am still having a problem with scheduling through windows scheduler, because it always asks me to start the update. :eek: Help anyone :eek: I don't want to use the Antivir scheduler as that's just one more extra program, and I already have the Window Scheduler running. On Win98 64 megs Yes Yes Yes AV baby where have you been all my life.

    My own research on the net has led me to the conclusion that NOD32 is the best AV available today. Kasper or KAV as it's called, is not the best, there is a lot of sales hype around it in my understanding, and it is in the top 4. I have looked at many sites and ratings. On everything up to this point I feel strongly but on my next point I could remember incorrectly. I think when I checked the price that the KAV was more expensive to keep up to date than NOD, and perhaps the initial cost of KAV is more as well. KAV is sometimes described as geared to more technical people, and I think that inspires confidence in the product, but detection is the bottom line for an AV not the interface or features.

    To sum up, in my opinion, if you go free, I would suggest Avast or Antivir for a fast machine, and AntiVir all the way if you find Avast too slow. You must consider dialup as an issue for AntiVir. There is one more free one out there that I haven't tried, I think it is not as serious a contender however. If you are going to pay, have an expensive machine, really important processes running or data and/or you want the best. NOD32. Good support as well. You still may want to scan only with a different AV, but only one can be running at the same time.

    When things change, perhaps AVG correct the update problem and then AVG will get back in the running, but not on my slow machines. My final word Just say no to Norton and Mcafee, bloatware.
     
  18. pcontour

    pcontour Registered Member

    Joined:
    Aug 18, 2004
    Posts:
    29
    Just subscribing, to the thread. Did my post sound like a NOD ad. NOD got the NOD as the best, but, my machine doesn't really need the best, and my pay check isn't regular, so I'm a go free guy. Maybe some day I'll learn my lesson and pay again.
     
  19. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi,

    "My own research on the net has led me to the conclusion that NOD32 is the best AV available today."

    While I have a very high opinion of NOD32's heuristics, my own research (e.g. tests, my own experiences, architectural information, database composition) led me to a completely different conclusion. I would be interested in what information/sources you found on the Internet that led you to the conclusion that NOD32 has better scan/detection/cleaning capabilities than KAV. Thanks for the references.

    Rich
     
  20. maddawgz

    maddawgz Registered Member

    Joined:
    Aug 13, 2004
    Posts:
    1,316
    Location:
    Earth
    Long live Trend Micro has firewall..all in it!!... set leave?? not 1 virus to date? Combined with Trojan hunter active guard..!! What more duz one want?... I uninstalled nod32 today cuz i just Love trend..and Nod32 was finding false positives a few times..!!! I've been browsing now 3yrs and perhaps in that time..1 trojan or 2 b4 i used trojan guard..thats pretty good for Trend Imho...

    Only other one I've used is Norton and well lol..a joke..cuz when i went over to trend. it found 10 or so norton missed...LONG LIVE TREND !!! sorry.well and truly convinced..and i do value all ur opinions...MD :D

    spyware seems a bigger problem !!
     
  21. scorpsteals

    scorpsteals Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    3
  22. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    Yeah I chose NOD as my VAR reselling product..but I still always will say that "There are a growing number of great products out there". As long as you use a product that's very well rated..you're fine. Whether it's NOD32, or AVG, or KAV, or..(in the business environment only) Symantec Corporate Edition. Note that I separate that, because most home users cannot afford Symantec CE/SBE since the minimum CALs is 5. It's cost prohibitive for the home user with <5 computers.

    It's outside the scope of this thread, but over a year ago, when I was searching for another product to fit the bill outside of Symantec CE/SBE jobs...I was looking around comparing KAV and AVG, at the time I made a decision to become an NOD32 reseller. I chose something that in my opinion was in the top 3 AV products, and I had other variables to consider. I don't subscribe to the typical persons approach of "My AV is best, yours sucks". I subscribe to the approach "There are several very good AV products out there...the best choice for you may depend on your situation/environment/needs of your computer".

    My initial point, reworded a bit..I try to look at the picture more in separating virus/worm, from trojan. The term "Trojan" is getting used too loosely, I mean..when it comes to the point of simple cookies getting labeled as a trojan...c'mon now! Cookies were always manageable from within Windows, you don't need some 3rd party AV or spyware program to remove those. Some products out there are getting too caught up in the rat race to win over customers..by having their scans end up with the highest numbers...no matter what the files were that sums up to produce those numbers. Gives the naive end users a sense of "Wow, Product A told me that I had 3,453 bad guys on my computer, and Product B told me that I only had 643 bad files on my computer...therefore Product A must be better!" :rolleyes: That's somewhat of the approach virus.gr tests did...without actually looking at what those 2,810 files really were (the difference in 3,452 and 643)...by actually validating what they were.
     
    Last edited: May 4, 2005
  23. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi,

    "As long as you use a product that's very well rated..you're fine."

    Unfortunately, this was not the case for my friend. A couple of bad pieces of malware got past Trend Micro, and made her system unusable. As a result, it cost me tons of time to clean the machine.

    As for the cookies - she had no idea. What then? Not everyone spends their days on Wilders learning about all of the threats. It is not because she doesn't care - she doesn't know. She thought that by choosing one of the "top-rated AVs" she was fine. She was misled.

    What I told her was that she needs really hardened defenses and that she needs to pay attention nowadays. The old advice of choosing any ole AV just isn't good enough nowadays. Sooner or later some nasty will get through. And you don't have to be unlucky. It has become the norm. That is the reality of the situation that I learned a year ago - and that she has just learned. My recommendations reflect this reality. Not just one of the best - but the best that she can find and then some, i.e. layered protection.

    Rich
     
  24. clansman77

    clansman77 Registered Member

    Joined:
    Jan 31, 2005
    Posts:
    234
    Location:
    kochi,kerala,india
    are u too sure about this??or is it the reverse??
    detection wise kav is the king.no 1.thats the opinion of many people around here and in any other forum in the internet..and thats proven too..people may say many things against it like it detects garbage and so on..that may or may not be true,but in overall malware detection kav is in first place.
    version 4.5 of the kav,and nod itself can be said to be geared to more technical people,when looked thru the perspective of a complete computer novice..
    and ofcourse resource usage ,heuristics,and stability, nod is the king..
     
  25. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    NOD is a good AV, but there is always going to be a very high noise level in NOD's favor around here because the support board is also located here. Perhaps a higher noise level than it really deserves.
     