Discussion in 'other anti-malware software' started by aigle, Mar 31, 2010.
I think Avast has always been a very fast and secure scanner but not a good cleaner, and it really does not surprise me at all
Make the program not be a huge resource hog. I like PCTools personally but the program is way too big IMO and Threatfire slowed my PC to a crawl. Also, they should offer a full-featured FREE version of SD with AV (à la Avast & Avira) instead of a crippled half-done version. It's hard to trust a company who would allow you to put half-assed security software on your PC.
That's what they need to do.
Moreover, based on my tests I think that Avast does not perform well when it comes to zero hour malware. Last night again I tested Avast 5 free with 30 malware links and I can report that Avast failed most of them. Avast needs to shore up its behavior technology, fast.
30 malware links, and those came from where exactly? Sounds like u did the same kind of test u see on youtube with slightly more samples all from the same source with no way of verifying they are "zero hour", yet everyone says how their samples are "zero hour" or "zero day"... but I do agree their behavior shield needs some work. Basically what I'm trying to say is if u got those 30 "samples" from malware domain list like every other youtuber I don't see much significance in ur test.
I did more than that; I used 30 malware links for my dynamic tests (10 malware links per day for three days). Moreover, I used a special sandbox to make sure that these malware samples are really malicious (and what kind of damage they are doing once installed). I took the opportunity to use Eset SysInspector to create logs (pre and post infection) in order to have concrete data of the changes that happened post infection. I also performed a cleaning and detection test to see if a particular security software would be able to install on an infested computer, just to have the evidence that the tested security software would be able to detect, cure, and clean a system after infection; and I used the same amount of samples just like in my dynamic tests.
In addition to that I used a boot DVD like SARDU for example and scanned the infected system with multiple scanners in order to make sure that the tested software has done a good job. It takes me a lot of time to perform these tests; actually it takes me around six days to fully test a security software, and they are more in depth than the ones currently available on youtube. Now to take it a step further in the future I'm trying to build my own honey pot so that there can be no doubt that my samples are genuine zero hour.
What I am working on now besides my own honey pot is to come up with some tests to test firewall and HIPS. Then and only then I will be able to provide the entire package. But for now I feel content with testing antivirus software.
Wish me luck man!
While that is much better practice than what I usually see, what was ur source to those malware? ~Snip~
And good luck with building ur own honeypot, sounds like a really cool project
Some posts edited and removed.
Please read and heed our TOS.
Wait a minute
You said links; well then, I did not post any link, I just typed the NAME of a website that collects malware links for testing purposes, and such a website is no secret whatsoever to most Wilders users and the computer security world at large. I did not post any link, I simply typed the name. Is typing the name of a website not allowed at Wilders? This is simply ridiculous, with all due respect.
With all due respect, I would suggest confining any information on malware download locations to email or personal messages.
AVG contains a proven behaviour blocker (aka Antibot)
The avast behaviour blocker is not really effective
What do u expect, it's new. Same with Avira. They need time to become strong.
Yeah, I totally agree with you. They will take time to improve; maybe their next version would have more responsive BBs
If you look at AV-C dynamic test in 2009, AVG Internet Security 9 scored only 88% and consequently got a mediocre standard rating.
In AV-Test dynamic test, AVG successfully blocked only 84.2%.
If really AVG has made such an improvement in a short time period, then it's good for them, but I'm still not convinced.
Then try for yourself
I'm not interested in AVG.
To each, his taste.
ESET actually doesn't have web browser protection like Panda, Norton or Kaspersky. Ha-ha-ha to you, my dear.
ESET includes a web scanner which scans HTTP traffic (this is web protection but NOT web-browser protection). This does not guard the web browser. It scans the files before they reach your machine's hard drive.
Panda protects the browser's settings, Kaspersky sandboxes the browser, Norton includes IPS and other options to actually guard the browser. Note that Panda, KAV and Norton all have HIPS/behavioural analysis.
Virus Bulletin April issue and VB100% review will be out in about 10 days. With new vendors/products, Norton product will take part for the first time. If anyone doesn't trust the results from PC World and AV-Test, another review will hopefully open your eyes to the truth. All you need to do is to have a valid subscription for Virus Bulletin magazine to read the FULL review and test with all details.
It not only monitors the downloads, it also blocks malicious scripts, exploits, etc., and uses a blacklist to block pages that are considered as sources of attacks or phishing.
If this is not web browser protection, then what is it?
When in reviews I read "achieved a perfect score" I see there's something wrong. There is no such thing as perfect score. Perfect scores indicate lack of capability to stress enough a software and many many other things, which I find meaningless to explain.
I find this review meaningless from another point of view too: the type of user who reads PC World, would buy anyway the products that scored high (top 3) in the review. So lost time for the reviewer and for us discussing it.
...based on scanning HTTP traffic.
This is a web traffic scanner, not web-browser protection; there is a slight difference.
It doesn't block pages; it consists of a blacklist of bad IPs known to ESET (again, this is a bit different). Blocking a single IP could block lots of pages, including a good one, too.
If you don't like discussions maybe the wilders forums are the wrong place for you
I don't completely agree with you
Edited to underline something
There is a difference in what ESET offers and what most others offer