puzzled over all the AV's

Discussion in 'other anti-virus software' started by lifelongvagabond, May 1, 2005.

Thread Status:
Not open for further replies.
  1. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    "Any ole AV"...true.

    My experience has shown...

    ...you're always...ALWAYS...going to run across some cases, where no matter what AV product is used, no matter what anti-malware product is used...you'll come across a case where stuff slips by.

    Why? Because putting all your eggs in one basket does not work. There are other parts of the equation. One of the most important other factors of the equation is something as simple, and free, as doing your Windows updates. Last week two of us from work spent over 3 full days cleaning up a research lab from a major global research company...that got infested with the W32.MyTob.AQ worm. The workstations recently installed by us, which we setup..therefore had all windows updates, simply shrugged off the bugger. The older workstations that were in place already from the prior IT support...they were Win2K...and over half of them were not updated by staff. Many were service pack 3, even 2...and more importantly, didn't have the 2x critical updates that fixed the LSA and DCOM vulnerabilities that the Mytob worm took advantage of. Those computers were hit HARD. And let me tell you, these older slower computers were a pain in the butt to update, running at a glacially slow pace. But hey, research lab equipment doesn't need high horsepower to run fluoroscan machines and other Waters stuff.

    BTW, this lab supports Guinness in verification technologies...oh boy, working amidst all those bottles of Guinness... what temptation! :D

    And I don't have control of their AV product, it's dictated by the parent company in the UK.

    Your antivirus product often can only run as good as the operating system will allow it to. If the OS is weakened by other various factors, your AV product will often not be 100% effective.

    Many of you who might support home users computers...just look at the health of many of them? Kids installing all that warez/music downloading junk software, shopping bars and weatherbug galore...these systems are often so unstable to begin with, resources driven up through the roof, even the best of the best of antivirus products may simply not be able to function up to snuff. (insert some analogy such as "A house is only as strong as the foundation it sits on", or "a chain is only as strong as its weakest link")

    Another thing to do..."Educate your customers/clients". Tell them about cleaning internet junk files, tell them to pay attention to that little globe that pops up in the systray saying Windows updates have been downloaded and are ready to install, tell them how to update malware tools like Spybot and hit that immunization button afterwards, etc etc. I learned how to make my clients a bit more self sufficient a long LOOONG time ago, and find that those customers, in the long run, have the least amount of problems. I make my money doing install projects for all types businesses, stuff like servers, workstations, routers, VPNs, WANs, network upgrades, a lot of stuff with Small Business Servers...stuff that commands much higher hourly rates, so it's a waste of my time to get bogged down with petty malware infections, which is why I find it much better to educate my clients. It also reflects better on you, for referrals..a happy customer is one with a healthy problem free setup, so it's in my best interest to educate them to make them more self sufficient.
     
  2. SDS909

    SDS909 Registered Member

    Joined:
    Apr 8, 2005
    Posts:
    333

    That's not bad, run Pest Patrol too. I cleaned up a machine last week that had 4,500 threats (no, not cookies). Including 53 Trojans among all of that.

    They were using CA eTrust AV... I upgraded them to Dr.Web w/Adware Extensions.
     
  3. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi,

    In my own experiences, Pest Patrol is a bit too aggressive with too many false alarms. The software that I choose to use for cleaning, seems to find everything that Pest Patrol does without all of the FPs. I guess it is a matter of taste.

    Rich
     
  4. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    I couldn't agree more with you, there are several good choices out there, Kaspersky, DrWeb, Nod32, Bitdefender, AVK2005 and believe it or not I quite like McAfee :oops: . All of these have excellent protection, but Kaspersky is the better choice of course :eek: ..........................................for me that is. ;)

    I'm not sure if you are talking about a specific brand here, but I guess that all AV's don't have a choice, the users want them to cover as much as possible including spyware and while some of it is relatively benign, some are nasty little buggers and not easy to get rid of when installed.

    I never really read the Virus.gr, so can't comment with regards to that.

    I'd like to clarify something, I didn't single you out or anything, we're not too far apart in our opinions, it was just the first thing on mind after those "first six lines" and I found that funny. :)
     
    Last edited: May 4, 2005
  5. pcontour

    pcontour Registered Member

    Joined:
    Aug 18, 2004
    Posts:
    29
    Rich dude, I was hoping no-one would ask, since I did not need a written report for myself. I had these results from Virus Bulletin. I remember it because the site was so memorable/focused.

    http://www.virusbtn.com/vb100/archives/products.xml?eset.xml
    NOD 32 Result summary: 31 passes / 3 fails - last failed July 2002

    http://www.virusbtn.com/vb100/archives/products.xml?kaspersky.xml
    KAV Result summary: 26 passes / 13 fails - last failed June 2003

    I read and researched more but that's all I have for now. Once you get to the site you can look at the various results using the list on the right


    MCAFEE Result summary: 19 passes / 18 fails - last failed February 2005
    Norton Result summary: 27 passes / 6 fails - last failed Sept 99

    AVG - last failed Feb 2004
    AVAST - last failed June 2004
    AntiVir - last failed Feb 2004

    Arguably Norton is the best over the last 5 years. But again at what price, and at what level of bloatage.


    Now if this person was puzzled before they will soon be out of their mind with all these opinions.
     
  6. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    But y'know, VB100 is not the only source for analysing an AV, because VB100 tests response times to In-The-Wild threats, so those with better updates will, of course be better at VB.

    Zoo malware detection also does matter, and you can see those tests at http://www.av-comparatives.org

    NOD32 and KAV are evenly balanced in my opinion, because KAV roll out updates like early morning newspaper print machines, and NOD has got those great heuristics :)
     
  7. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Well, I was hoping we were comparing current products that are actually available and on sale. But, if you purchased a system several years ago, I can see where you are coming from.

    Rich
     
  8. pcontour

    pcontour Registered Member

    Joined:
    Aug 18, 2004
    Posts:
    29
    On these Zoo tests, KAV comes out number 1. Good information, good contribution. AV bulletin wasn't the only place I looked, it was just the only place I could remember.
     
  9. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    Of course, those tests also do show the Proactive detection capability of AVs, and NOD obviously comes out on top :)

    Just see the 'Retrospective/ProActive' Tests for heuristic detection assessment :)
     
  10. pcontour

    pcontour Registered Member

    Joined:
    Aug 18, 2004
    Posts:
    29
    Right on man.
     
  11. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    But I prefer Signature detections over Heuristics detections, because they (most of the time) can't provide proper cleaning :)
     
  12. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    Oh well....a proper balance will always be good :D

    Besides, sending the heuristic sample to the vendor will give you a free signature :D

    And anyway NOD is improving rapidly in signature detection, and BitDefender is improving heuristics - The fight will be between these two in the future.....:eek:

    For me it's a no-brainer - I choose NOD because I can get it dirt cheap :p:D

    <This time I'm not kidding - NOD it's gonna be :)>
     
  13. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Are you sure? You seem to change AV's as often as i change my underwear (about once a month :eek: :D :D :D ).
     
  14. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    LOL :D

    Yes I'm sure, and to seal the deal, I'm making sure I'm tied to the license by taking more than a year's license :D
     
  15. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Good for you, Kaushik. :cool: :)
     
  16. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    Actually I've just started collecting malware......With the amount of AVs I got some day I'll be able to put out a comparative....but not without checking the samples with Happy Bytes first! :D

    Don't worry I got only 3 or 4 right now LOL
     
  17. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    VB is a great, neutral site to look at for comparisons. One thing to remember though, which mirrors what I always say. Look at the failures...most of them are such oddities as "DOS", or "Novell"...perhaps a "WinNT4". And does that mean the product would fail the same test today? Because back then they tested it with DOS or NT4...it was some way way waaaaay outdated version of the product.

    Remember to always step back and look at the picture, look at the few exceptions and think about them for a minute. Because unfortunately some people fall to simply rely on the surface numbers, without actually analyzing the data.
     
  18. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    Have you compared the two as far as counting def updates each day? Sometimes NOD can have several updates in one day too.
     
  19. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    I trialled NOD for a relatively short period so I don't know...Daily updates are enough for me anyway.

    But only KAV has hourly updates....
     
  20. Stephanos G.

    Stephanos G. Registered Member

    Joined:
    Mar 29, 2005
    Posts:
    720
    Location:
    Cyprus
    Happy Bytes prepared for a cooperation with Firecat.
    Firecat, regarding nod32 updates, just be informed that sometimes it gets updated 3 times per day.
     
  21. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    Thanks for info :)

    The latest magazine review of NOD32 that I saw said 'Almost daily updates' :rolleyes:
     
  22. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    Well, NOD32 isn't bad at all, and I like its speed... But it's expensive :eek:
    If I want to use NOD32 I've to pay "1083.62 руб" which is around 39.0131 USD!!! Holy Christ, that's the rent I pay for my house... With a salary around 80 USD it's impossible to buy things like this :mad:
     
  23. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Please do, and remember not to mention Firefighter's or VirusP's tests, he will wash your mouth with soap, and make you write "disassembly" 200 times after school if you do that............ :eek: :D
     
  24. Edwin024

    Edwin024 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    1,008
    Stylewarz: you mean 39 dollar?

    KAV is from Russia and asks more for their software, don't they?

    Strange if wages are so low in Russia that you cannot afford 39 dollars for a whole year.
     
  25. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    Well, KAV is 39 dollar as well... When it comes from Russia it doesn't mean Russians can afford it...
    I don't want to do pitiful but 39 dollar a year means 3,25 dollar a month... For West-Europeans and Americans a lousy bit, but for us an awesome amount of money... If I want this, that will mean I can't use the bus anymore to go home in the weekend, but have to walk two hours first... World is strange, and you won't hear me complain... But software costs too much...

    So, I will use free university licenses and I'm happy with them... Although, things you like to use like ZoneAlarm Pro, NOD32, Outpost etc. which are not used by universities are far away from me... And no, I don't use illegal software, since I found the trustworthy doubtful :)

    (and a note for lamers... ;) No I'm not lazy, working from 07:00 till 21:00 6 days a week... So that's not the reason of the low wages)
     
    Last edited: May 5, 2005