to avast users: opinion needed

Discussion in 'other anti-virus software' started by minacross, Jan 18, 2003.

Thread Status:
Not open for further replies.
  1. minacross

    minacross Registered Member

    Joined:
    May 12, 2002
    Posts:
    657
    after more than a month from releasing avast4, is it really worth upgrading from version 3 ? o_O
    is ver4 really better than version 3 ? taking into consideration that it does not have an enhanced mode but ver 3 does. :mad: :mad: :mad:
     
  2. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To minacross from firefighter!

    Avast 4 Pro has enhanced mode and it has script blocking feature too. Avast 4 has totally new kernel with better trojan scannings, so it may have better other scanning skills too than the older 3 version.

    Avast 4 Pro is capable to scan more files than DrWeb from your PC, so it isn't crap either. It is incredible fast with default settings.

    By choosing the high sensitivity from scanning settings, you can get almost twice amount of files default scanned than for example with DrWeb or F-Secure, and very fast too.

    I have ever met faster updater than it has and it can autoupdate too.

    I think Avast 4 Pro is worth of trying! ;)

    Regards,
    Firefighter!
     
  3. minacross

    minacross Registered Member

    Joined:
    May 12, 2002
    Posts:
    657
    this is for the pro version, what about the free one ? ;)
     
  4. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To minacross from firefighter!

    Avast 4 hasn't script blocker and the enhanced mode is missing too. The scanning skills are the same (excluding scripts).

    Try the Avast 4 Pro as a trial and you will love it.

    Regards,
    Firefighter!
     
  5. For the last month, I have been trialing Avast Pro..on a test computer..

    It is the only other AV product I would consider to replace NOD32 at this point. I am simply waiting for the new beta to become public. I have a problem with the way IMON handles email viruses... It would simply crash my OE program.

    What I was amazed with is the speed they answered my email with! I had a question, in less than 3 hours, BOOM! REPLY!. Will that stay the same? Who knows?

    I would like to see Avast have it's own forum in Wilders. I think it would be beneficial..

    The only thing about Avast is that it tagged some panda def files as viruses, wheras NOD did not. In reality, they were not viruses, but part of the string Panda uses (I was trialing Panda, too... ) So, now... It becomes a matter of opinion.. Is it a virus or isn't it.. Having a script blocker is nice too, for those who don't want to spend money buying Wormguard..
     
  6. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To Straight Shooter from Firefighter!

    It is very nice to see that someone has also been interested in Avast 4 Pro. Unfortunately I have only two PC:s in my household, so there are limitedly room to great av:s like Avast 4 Pro now.

    I couldn,t load the prog. as a backup. The resident scanner started always after reboot.

    Maybe we have to wait a couple of time, after VB 100% tests have told their opinions about Avast 4 Pro and more important, what AV-test.org will have to say about it later!

    It was interesting, that the former Avast v.3 had won the checkvir.com test in last October with Sophos av. ;)

    Regards,
    Firefighter
     
  7. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Generally spoken each developer is happy if you send such false positives to them, as no serious developer is happy with that happening.
    WG is much more then just another script blocker, as you know by now; visiting the DCS forums and click on the WG name to jump to the specific WG pages with lots of explanation and trial download. It's one of the main protections against worms too, among others.
     
  8. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    SOPHOS antivirus identifies this file as virus CIH.xxx. SOPHOS is the only antivirus that has minimum false positives (SOPHOS has no heuristics).

    Panda contains virus string and it really comes to opinions.



    Technodrome
     
  9. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To Jooske from Firefighter!

    I am not a spokesman to any AV-developer, but if there is an AV-product that don't make mistakes, so tell me immediately!

    What I am interested in is the statistics made by some independent AV-test organations (VB 100%, AV-test.org, checkvir.com etc.).

    For some reason, I don't know, NOD hasn't been with AV-test.org tests and checvir.com's.

    The only big test outside VB 100% I have read where NOD was within, was at the Technodrome24 site test, and NOD was in the Zoo test 17. from 27. The in the Zoo detection (43 843 viruses etc.) rate was 71.52 %, when it was with F-Secure 99.73 %.

    In the VB 100% tests there are 3 catecories in addition to the in the Wild test, from where I counted some
    2 500...4 250 viruses to detect in each catecory. NOD was suberb in those tests.

    But let's remember, "The truth is out there!". :doubt: :doubt:

    Regards,
    Firefighter
     
  10. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Firefighter, i speak in general terms as well: no matter which company, product, developer, telling them what happens and with which version of them you're working and which version or file of anothes alarmed on and in some cases they might ask you to forward the thing so they can refine their detection on it. I think it's general use on internet, no matter which product.

    For the amount in positive finds in tests it depends on so many factors what and how the test database was made: there have been quite a few discussions about that subject on internet and in forums, as they need to be completely independ, the files to be tested need to come from an independent base, etc. For if i for instance would use my base as a creator (if i was) of course i would find 100% while others might score less on that one, while if another developer sends his base he scores 100% and i probably less, etc etc. Some tests are known to be really good and those are highly valued.
    Maybe viruses are easier to test/detect, i don't know, could be, could be not, i only know there are some developers very specialized in viruses while other developers specialize in trojans or worms; i think these are two very different worlds in fact. And how to deal with trojans/worms dropping uses,.... very complicated.
    We see in the discussions here between the lines lots of differenct methods and pro's and contra's, what the one is able to and what the other, so reading around here longer time makes clear we might best install one main or maybe resident scanner or defence in the background and another one with other detection methods beside it or to use manually frequently in between.
    Of course we need to cover all areas of viruses, worms, trojans, ways of scanning with and without heuristics and generics, sleeping or life nasties, in archives and outside, the many packages used to hide or compress them, etc.
    That's why i think it's good to read those discussions too to see the differences and which would possibly complete our defence arsenal best.
     
  11. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Fighter,

    Reason is: they choose not to test. Andreas Marx(av-test.org) might do so in the future. Personally, I don't believe checkvir is in the same category - far from that.

    I do wonder about your interest in regard to "zoo" - as you are surely aware, these are not in the wild - thus, what's your concern?

    Indeed it is...

    regards.

    paul
     
  12. FYI...

    I did submit the files.. The developer of Avast! emailed me promptly with a polite email. I believe his belief is that because of the string, it may not be the virus actually but detecting the string itself is part of the anti viruses job. Me? My belief? Well, I am not qualified, but if all it takes is to hit the delete button to remove a virul string, as a user, I would prefer that. Others don't agree, and I can see their point, too..The developer can make his comments here, I saw him enter posts here at wilders before...
     
  13. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To Forum Administrator from Firefighter!

    I understand that in the Zoo test hasn't so much importance when we are comparing different AV:s, but it may be the last point of view, when we are picking the pearls among the good ones!

    Regards,
    Firefighter!
     
  14. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    To each his own - personally, I'd rather focus on the main performances - as for AVs: ITW virus detection rate and cleaning rate. VBulletin tests speak for themselves in this context, as you rightly pointed out.

    regards.

    paul
     
  15. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To Forum Administrator from Firefighter!

    I think the whole matter (in the Zoo capability) is not even clear to AV-developers, because there is so wide (at least 3x) volatility between different AV:s virus bases.


    Regards,
    Firefighter!
     
  16. Smokey

    Smokey Registered Member

    Joined:
    Apr 1, 2002
    Posts:
    1,513
    Location:
    Annie's Pub
    Hi FireFighter!

    Have tested avast!4 Pro two weeks, and I'm not satisfied.

    To many false alarms when it checks inbound mail (Outlook XP).

    Have changed the sensitivity of the email-scanner, first from high in low, then from low in custom, and still the same false alarms!

    In checking outbound mail+attachment avast! freezes complete Outlook XP.

    Further several bugs in the configuration of the program.

    I think avast! is a good virusscanner, but there is still a lot to do in development/improvement!
     
  17. vlk

    vlk AV Expert

    Joined:
    Dec 26, 2002
    Posts:
    610
    Hi, could you please drop me an e-mail and be more specific about the issues you're describing (and maybe attach one or two of the e-mails that triggered (according to you, incorrectly) an alarm)...

    I'm sure we can sort this problem out...we're open to any suggestions/recommendations you might have... ;)

    Thanks!
     
  18. Smokey

    Smokey Registered Member

    Joined:
    Apr 1, 2002
    Posts:
    1,513
    Location:
    Annie's Pub
    Hi Ondrej!

    Have send you an email which triggered one of the false alarms.

    Are still not ready with testing avast!4 Pro, for a reliable testresult I need more time including discovering (possible) bugs, but because I'm a very busy person...

    BTW: I know no virusprogram that is 100% bugfree, so avast! is no (negative) exception.

    Very positive is the fast reaction of your company problems avast! concerning, other companies can learn from that attitude!
     
  19. JayK

    JayK Poster

    Joined:
    Dec 27, 2002
    Posts:
    619
    I like the option to use AVAST as a backup, and I figured out how to close down the various components in AVAST,

    However, it still insists on scanning on bootup . How do I stop this?

    PS AVAST is good, I'm considering using it exclusively as a on-access scanner..maybe
     
  20. minacross

    minacross Registered Member

    Joined:
    May 12, 2002
    Posts:
    657
    is this a false positive? the file is downloaded in year 2000 from www.avp.com ( now www.kaspersky.com).
    I uninstalled the program and my startup menu still contains the file AshMaiSv


    note: I sent an e-mail today to alwil support and to vlk regarding this matter, hope to receive a reply soon.. :)
     

    Attached Files:

  21. minacross

    minacross Registered Member

    Joined:
    May 12, 2002
    Posts:
    657
    a snap shot from startup control panel ... o_O
     

    Attached Files:

  22. minacross

    minacross Registered Member

    Joined:
    May 12, 2002
    Posts:
    657
    Dear Mina,
    yes, it is a false alarm. BV:Mi [Trj] is a "Batch Virus", ms-dos script code readable for
    humans. There is a part of the code in this file, mentioned as an example, and Avast
    finds it. There is no way to run the code because the file has not proper format for ms-
    dos scripts.
    We are not going to repair this false alarm. The "BV" viruses are quite rare and
    obsolete now, the file contains an example of genuine viral code, it isn't widespread and
    it cannot be infected. Please include the file to the "exceptions from scanning list" to
    avoid the false alarm in the future.

    Sincerely

    Karel Divis
    Virus analyst
    Alwil software
     
Loading...
Thread Status:
Not open for further replies.