I don’t typically take time out of my day to bother complaining on forums but I just have to ask, what is going on with Avast over the past couple years?
I’ve gone from giving it top recommendations for home users and only falling slightly behind NOD32 for corporate clients to warning people to stay far away.
Over the last couple years I’ve seen increasing issues with false positives and it has been by far been the biggest thorn in my side in all of my years programming with heuristics even flagging and deleting my own business logic code.
Now just today after receiving an angry call from a client that noticed inventory reports hadn’t been generated for the past 6 days I remote into the server and notice that yet again avast has erroneously flagged my code. This time a php module that only logs into a local ODBC data source and builds a inventory report for FTP distribution to wholesalers.
I fully understand the need for heuristics in today’s world of polymorphic virus and malware code but come on guys, no other AV is flagging my code and causing issues. Every single time one of my products gets flagged and nuked it turns out Avast is the culprit.
There isn’t exactly a increase of FP’s.
It might seem that way, but with new detection methods you will get FP’s especially in the period shortly after the release as it is not possible to test things to the millions of (possible) threats that are out there.
As I see it (and I’ve said it before) avast has been growing to fast loosing sight of their customers.
Releasing new things way to soon.
Look at the “beta” versions.
A beta is supposed to be software that shows no bugs/problems during internal (Alpha) testing.
But avast doesn’t seem to know the difference between the various stages.
avast! has the most conservative heuristics I’ve ever seen. If I’m complaining over anything, it’s over them being too conservative and not aggressive enough.
I don’t know about that. Almost every AV product has made the news at some point or another breaking windows installs and I have to admit as far as false flagging important windows components I’d still say Avast is one of the lowest offenders but it tends to cast a pretty broad net for untrusted processes and has been flagging almost any of my tools that make a connection to external FTP sites.
Just because an app makes a FTP connection it does not warrant deletion. It’s easy enough to just exclude the application folder from inspection but by the time I hear about an issue the problem has already occurred (Customer installs avast, avast deletes program code, I get a call when they notice things are broken).
Almost all of the first link doesn’t apply to my tools. No packaged 3rd party software, No ads whatsoever. In fact most don’t even have a UI, they are just background services or scheduled tasks that fire periodically to gather data for sales etc and generate reports.
As far as white listing. That may work for a couple applications that are compiled to executable code, but a lot of it is php script triggered from web based administration portals and contains database functionality with sensitive client information (API Keys etc) that I’m sure they’d rather not be distributed since it’s in readable text format
Somehow I have to come to the aide of avast here as to explain their position.
We end-users even on these avast support forums are not always aware,
as to what an extent this so-called “conservatism” is not coming from avast,
but by sort of binding demands from other “binding” third parties.
This for instance is also limiting the way in which Avast could do for instance so-called modern deep browser inspection.
No av-vendor would like to be “shown the door” like Kaspersky’s recently, :-[
just to give an example here of some of the “complexities and limitations” involved,
and what this so-called “declining quality” is all about in my opinion and according to my views.
I mean I do not have to go into any detail and I also do not expect avast to comment here.
polonus (volunteer website security analyst and website error-hunter)
