Avast Fail a simple test review

Avast has been tested & re-tested & re-tested for literally years & years, by pros with malware databases in the multiple thousands. Then along comes an amateur with a 5-item test-basis, and we are to decide Avast is going downhill? Good grief!

You want to see TAV tested by a non-professional with a miniscule malware database? Whatever for?

Hey, this sort of stuff is good fun to read, but any IT who based a buy/non-buy decision on this sort of thing would place his job in serious jeopardy. In any event, the only test data that have any real value are produced by COMPARATIVE tests of several SIMILAR security applications, using a LARGE database of contemporary REAL, in-the-wild malware. Anything else is mere fluff.

 

Avast! by Alwil is a very strong AV but you must remember that talented programmer students worldwide as well as seasoned ones are always out to detect shifts in certain AV patterns they can claim as success in exploiting known first as Proof-of-concept by some and actually released as a disruptor by the others.

The end user gets throwed off balance by these but IMO they serve also to make AV programmer teams take notice and work even more diligently to plug those holes. I don't know of any AV that is 100% untouchable by any stretch at some point in time, thats why it's always a good idea to keep on hand and use other security programs like Behavior Blockers (Mine is MAMUTU) for one and a very reliable HIPS unless it's built into your AV of choice and is proven itself worthy of confidence.

EASTER

 

No need to hit the 'panic' button or calling out, 'the whole sky is falling'.

Regarding avast!, an infected user would either be encouraged to perform a boot scan to pick up the file, or seek further support. eg. post on the avast forum, and have the problem file identified.

Hey, they might even be recommended to install something simple, like a-squared's hijackfree, see all running processes, or ports, identify the problem, and then kill and delete the problem file, all done!

No AV program is 100 per cent effective, if you find it, let us all know!

Regarding HIPS, or sandboxed programs, yes by far they are more effective, but then you have the same problem with a novice user having difficulty using the program. For example, shutting down/quarantining a legitimate system process, or complaining, 'where did my important file go that I downloaded? I downloaded file from email, deleted email, and now file is gone. I'm screwed!' (sandbox program either rolled-back/or deleted contents).

 

This case is not for my software, definitely.

 

Hehehe... Good for you man. (I'm not being sarcastic either).

 

If sandboxie isn't setup to recover the same path as the browser download folder, a file may be lost. It was only until recently, sandboxie addressed IE downloads, as on some occasions I had to manually look through the sandboxed contents and find the file I wanted to keep.

Ilya, by default, DefenseWall keeps all changes and files which is great. And by default, with no user interaction, your program is rock-solid and better than an AV.

But with every program, you'll have the odd occasion, a novice say attempt to change settings they shouldn't. For example, perform a roll-back (which they shouldn't do), without realising anything downloaded will disappear. But as I mentioned, by default, your program won't cause a user any concern.

I think my point is, AV programs are intended to be simple, and straight-forward and cater to all everyday users. For most users, they do a good job. But for those who browse around a little deeper, visit unknown sites, download suspect files, run unknown files prompted in the browser for no reason, they aren't going to provide bullet-proof protection.

 

Avast is fine for a second or third opinion (using on-demand scans), but it shouldn't be used in the real world since it has no HEURISTIC engine. These days threats are released every second (forget zero-day).

Would you install an antivirus with no heuristic engine for clients that you want to keep for life? I don't think so. I'd have a lot of angry infected users and in the end they would lose trust in my ability to protect their family PC's.

 

Agreed. I run DefenseWall and haven't seen anything like that.

 

But then again also heuristics cant keep up with "zero second" malware, thats y most vendors offer different types of protection technology in 1 package to provide a descent defense. Its up to the users not top depend solely on 1 penetrable solution.

 

i think that antivirus is a thing of the past,dont get me wrong but proactive is the way to go smell the coffee and get real ,how many times people get their antivirus up to date and still get infected?i havent use any antivirus/antispyware for 2 years already without a scratch then again
open your eyes proactive is the way to go admited

 

Yup, very true. HIPS and Sandboxing are the future.

 

Agreed. I stopped running AV on our PC's at home once I discovered DefenseWall (sandboxing).

 

cool well they can be use as a second opinion(on demand scanning) antivirus detect malware for me not satisfy to detect,prevent make me more satisfy prevention is better than the cure
note:i am watching the avira video

 

The average Family ,I would have to say wouldn't have other means of security other then Antivirus or a suite.Heuristics or not if you have bad habbits or just careless or perhaps think your beyond infection because the guy down the street told me that X has the best detection in the world because its heuristics are the best and testing labs say so.I say best wishes to them. That said, I have used avast for yrs,and had 1 infection while using Avast, but avast nailed it on a boot scan.Avast can be a very effective weapon in the right hands.Example my Neice's husbands computer is a mess it will not even run.I can recommend Him the products we see and use in here and He would probably still turn it to ****,Because his habbits are extremley bad on a computer he visits every adult site one could imagine and downloads everything under the sun,beside the fact he would disable anything blocking his way.

 

Why does it have no heuristic engine?

 

i know it has a behaviour blocker built in

 

does the professional version have heur?

 

I don't think so.

 

That topic is starting to loose any sense(if it ever made any).Yea it missed a rootkit out of the hundreads created every day...And please do not tell me it should have caught it with heuristics..please,we are still in the age that Rustoc variants are being chopped up and carved and still less than 5 AV's effeciently prevent it.Please,there is more than 1% chance one will not even wake to see another day,so much for missing a sample.

 

I may be wrong but I believe avast does use heuristic for email only and VDB for its resident shields.

 

as RejZoR noted..

 

A- I am not now a user of Avast, nor am I a particular fan. However, it chills me to witness what amounts to character assassination of a good AV by a self-proclaimed "tester" who lacks even proper use of terminology and evidently hasn't explored Avast's structure or track record deeply enough.

B- When assessing whether *someone* can effectively perform a particular job, it is just plain silliness to base one's conclusions on whether or not that *someone* uses a particular tool to do that job.

B1- One should assess the effectiveness of the job done (in this case, Proactive protection) rather than simply the presence or absence of a particular tool (in this case, heuristics -- concerning which, I strongly recommend reading THIS link and then THAT link).

B2- For example, if looking for a contractor to build you a home, a wise shopper would not reach a decision by asking the contractor, "By the way, do you have a hammer?" Instead, I would hope that a wise shopper would mainly concentrate on looking at the quality of the homes that the contractor has actually built.

C- Thus, it would make sense to review VALID tests, by QUALIFIED testers, when assessing Avast's proactive proficiency, rather than simply implying that Avast is only of 2nd-or-3rd-opinion value because they do not use a particular tool someone read about somewhere. And there ARE many tests which cover Avast. A few examples...

C1- AV-Comp's Retrospective/Proactive Tests - comparatives numbered 2,4,6,8,10,12,14,16,18,20

C2- here

C3- & here

D- In most of the proactive tests cited above, Avast usually ranks in the mid-portion of the top tier of Avs. How do they do it?

D1- Avast's standard shield includes some behavior blocker options/capabilities. (By the way, Avast does use heuristics for its email module.)

D2- Avast utilizes a very aggressive generic detection algorithm.

D3- And what else? I do not know. It seems evident, however, that Avact uses something that is doing a job in this area.

E- Why confuse the issue by casting a cloud over the well-known term "zero-day"? One should bring clarity, not obfuscation.

E1- The term "zero-day" generically covers ALL malwares, attacks, & exploits that are so new that list-based anti-malware programs have not yet been tweaked so as to protect against them. Notes 1, 2

E2- "New" encompasses seconds, minutes, hours, sometimes days. Why split hairs, except perhaps in an attempt to make one's self appear to be wise?

E3- Also, some good reading here.

 

Yikes, a hater ! I wish I had the time to answer all these points, however I'm a self-proclaimed tester (I hope that's the right terminology ) and I need to get back to looking for applications that offer the best protection possible.

 

bellgamin
Very nicely and comprehensively put. Thank you.

removemalware
Hater? Don't think so. Just somebody who appears to be correctly using logic to put a bit a bit of much needed balance into this thread.
If you were at all serious, you would take the time to acknowledge the points made.
That you haven't bothered to says as much for your credibility as the title of the thread.

(BTW, I'm not a hater, either. I do use Avast, and have found the protection and general functioning of the program more than adequate.)

 

I suppose you're right. I'm just too busy give a huge long winded answer. I didn't even start this thread btw.

I'm sure Avast is fine for some people and that's great. If you find an application that works for you that's all that counts.

Also, I never said anything bad about Avast. It missed a malicious script and allowed a trojan to be loaded and I documented that in a video....that's it...how is that "character assignation" of an application?