I was becoming worried, shocked with avast!... There is a hope anyway...

What’s going on with lack of detection?

Spyware.BingoFun, Spyware.NavExcel, Heuristic.Win32.Hijacker1, TrojanDownloader.Small.Go, Backdoor.Padodor.az, BackDoor.Generic.GAX, BackDoor.Generic.GGC, TrojanDownloader.Agent.ho, TrojanDownloader.Small.bcu, TrojanDownloader.Small.bcv,
MISSED :o (http://forum.avast.com/index.php?topic=15091.msg127347#msg127347)

wmram.exe
MISSED :o (http://forum.avast.com/index.php?topic=15277.msg128630#msg128630)

Win32 Tenga
MISSED :o (http://forum.avast.com/index.php?topic=15300.msg128814#msg128814)

I’m being unfare, folks?
One of my computers get infected last week, a lot of time lost… No answers, I’m becoming disapointed! :frowning:

Did alwil changed their email or something? Anti-Vir detected a Trojan and I send alwil a possible Trojan about almost two months ago and no response. I then send the infected file to anti-vir and they told me it was a false positive the next day. I understand it’s hard to keep and maintain the software and trying to find new problems, but they should at least consider the emails they get about new possible threats. They don’t have to respond to us (as long as it’s not false positive) as long as they put the new virus in the database. I’m not giving up on avast! since this program is longest software I ever kept since McAfee. ;D

I share the same opinion with you Tech. I’m a pro and AV is just a second line of defense when my brain fails to detect something,but i do regulary submit malware.
Alwil guys will have to change something about this. They do add samples,but thats way way too slow. If i understrand correctly,only Karel keeps his hands over VPS updates so this is probably the main reason. Macro viruses are covered by some other guru,but they aren’t as common as Win32 stuff.
I was on McAfee for some time and i just loved their way of handling submitted malware. Uploaded it through their submission mechanism WebImmune and i usually got response in 6 hours or next day for sure. If it was indeed malware,they added it next day or even right away if i submited it before their DAT release.
Now Chest is kinda ok when you get used to it,but it doesn’t really serve it’s purpose since avast! doesn’t have any heuristics. Trojan-gen false positives are common,but usually not the reason to use Chest.
Second thing is that you have to use your own SMTP engine for submission.
Many people just gave up before they even learn that they have to enter that info.
Explaining to every user how to pack into ZIP and password protect it and blabla is also annoying. But even if you guys impliment some kind of web uploading form that submits directly without need to pack and password protect stuff you’ll still have to regulary check all files and add them asap.
You don’t have any proactive protection(ok,except mail),so you have to use Kaspersky way of handling malware (raw signature detection strengt).
avast! functionality is way over any other product,but main purpos (detection) is the thing that makes me worried about avast!. It’s ok,but nothing that would launch it to the top. It just gets lost between others :frowning:

So it looks like they are undermaned or what?

Hello ye all,

Well stay on top of it. Avast is a too good product to loose out on this.
Personally close the vulnerability gap. Download stinger.exe. And screen your oses for the latest vulnerabilities. I hope AVAST will keep sharp, play on the ball.

greets,

polonus

Submitted a sample a few months ago.
It took a month before it was in the vps.
But with next vps it was removed because it caused a false positive.
It was never added again after that.

I could be wrong, but I believe that Alwil needs to put more people on the vps.

About proactive protection, personally, I’ve used Kerio Personal Firewall with its Behavior blocking (similar to Prevx but less intrusive on system performance). This feature gives a good level of proactive protection by control over any starting/modify applications (including malware) on you system.

I think the Blocker in Standard Shield has high potential to be a powerful proactive protection of avast!, so I hope that Alwil team will put more improvement into Blocker in the future.

Sometimes I doubt why Alwil seems to ignore heuristics, while other AVs such as NOD32, BitDefender, Norman, AntiVir, ArcaVir are improving their beloved heuristics like crazy and use it as superb marketing point to convince people that their AVs are better than others (such as avast! that has no heuristics).

The avast! is a good product, but I never field safe with it, and some reasons are already reported here…
Some of them I already tried to discuss here without success, since some of you are avast! fanatic users, but now it seems that something changed…

Hope the best for avast! team.

Hi TAP,

That is why I have installed SSM from narod.ru to have a good system protection and monitor application. It is still free for home users and this version expires December 2005. I am quite happy with it. You can also use a heuristic scanner, but there you have the big disadvantage of a lot of false positives (F-prot DOS version etc). Use the standalone tools like stinger.exe etc. and you are fairly well protected. Today a security solution is a multi-layer thing: AV, Firewall, Anti-Malware, Anti-Trojan, Intrusion Detection and a brain. Still a lot of normal Pops and Moms still click yes, and if that does do the trick, there is always the possibility to click no, and you can do that with two sides of the browser.

greets,

polonus

Being a fanatic user is just plain stupid. Why defending a product when it’s certanly not as good as it could be? And at this point i’m disapointed with avast! detection or shall we say their interest of adding submitted malware…

Yeah,

Sorry, but I have to agree. I cant fell safe with Avast!. For a number of reasons:

1- It take too long time to a malware be added to the VPS. I keep sending samples to AVG and Avast. Avg usually adds in the next update (no more than 24 hours, sometimes a lot less, like 4 hours). Avast gets at last a week in most cases.

2- In my experience, even without the heuristics, Avast seems to cause more false positives than any other AV that me or any of my clients had used. Avast caused me 4 false positives, while AVG and Norton caused me only one… Mcafee,Panda,Nod32 never did… At last to me.

3- I had installed Avast in almost all my clients, unfortunatly I had to uninstall it and then install AVG, just to find out all the infections that Avast missed. And worse, just to find out that if I had installed AVG in first place, the infection wouldnt happen, because AVG could detect it.

I had to choose AVG for two reasons, first the fast way that they deal with new samples, updating the definitions of new malwares really fast. Second, AVG takes a lot less system resource than avast… wich in some cases is very decisive.

Also, AVG has a real bad fame in detection rate, but I can be sure that is just fame… It have impressed me in lot of ocasions, detecting malwares that I never thought it could be detect by AVG… (Sometimes I use mcafee online just to be sure, and just one time it found something that avg missed)

Its a shame, because I think Alwill is a company that really know how to deal with their costumers, getting their attention. Its antivirus had one of the most complete set of features (including the free version), but the main thing, the VPS gap just doesnt let it make a trustable AV.

I really hope that the VPS problem be solved. So I will be able to trust and tell to friends/clients, how good is to be protected by Avast!.

Elminster

elminster, I agree with you there is a lot of false positives in avast for an AV with no herustic abilites.
Command antivirus has a great deal of herustic ability and adds it to their Deffiles within 24hours of submission, and I have never had a false positive from it.
I run Avast on my PC and command on my Mac under VirtualPC and on my laptop.

Hello worried fellow-members,

Go here and read, and there you see the general situation scanner maintanance is facing. And the future looks bleak.
Read what Wilders Security has to say, and why they pulled the plug out. The days of the signature scanner as sole-defense-line are numbered, stronger solutions are to step in. It is too time consuming, too costly too, all resources are tied up, and the anti-trojan scanners are closing down one by one. Read:
http://www.wilderssecurity.com/showthread.php?t=90017
Now you know what is going on,

Have a nice day,

polonus

Alwil knows exactly whats keeping avast! from being the top AV, Detection!

Alwil seems to be against adding Heuristics to avast!, if thats the case then one would think they’d add definitions quickly after samples are turned in.

No AV offers all that avast! does, some are better in detection…

I'm becoming worried, shocked with avast!

Hmm just think how “shocked” and “worried” the other AV companies would be if avast! had BitDefender/NOD32 type Heuristics, or KAV fast definitions;)

Please, this was not a thread about Heuristic x Non-heuristic antivirus.
This is what I don’t want to discuss here.
This is what will make Alwil team does not answer to this thread.
They already said their opinion about Heuristics a lot of time.

I want another things: better detection (signatures), faster sample analysis, faster VPS updates…
Did you remember what we have months ago? Almost 20 updates a week? And now?
Worse, some are thinking I’m blaming avast… :-
I just want it better and I did not receive an answer… What is happening with the lack of detection?

I totally understand you Tech. And i know that too because i submit loads of malware almost every day. They get detected eventually,but thats not enough.
Kav sux in heuristics (pretty much),but look what they managed to do just with signatures? But then you have too add signatures faster and release more updates.
I’m not saying Alwil should release VPS every hour,but daily updates would most probbaly make a difference. Hiring more analysts would also do the trick for sure (i’m not sure hows with that in Czech and education/knowledge level required for such position).
I’m on free Home edition,but i take my time and submit undetected malware.
And for good of Professional Edition users that payed for it i expect my samples to be added asap not 2 weeks later.

Hello,

I agree with heuristics has nothing to do with it. I think I am on the right track to think that the question is much more of a fundamental thing. We are in a period where the scanner as a first line of defense is slowly loosing ground to a situation where a multi-layered protection of machines becomes inevitable. We are already in a situation that you cannot survive on the Internet without protection longer than say 10-12 minutes to be infected.
Simple surfing with only AV and FW is not enough. Of course a good signature scanner will always be needed, and it better be a good one. But as the malcreants change, the AV product is to change, no way around that. Develop protection on the one hand, and develop the awareness of the user on the other hand. The best line of defense is the human brain.

“The last virus will never be discovered in this world”

polonus

Sure but… I want avast! better right now! :frowning:

Why won`t someone from the avast team address our concerns in this thread?

I sent some samples about 4 weeks ago, they still have not been added.

Is there any point in me send anymore, if they won`t be added.

Avast used to reply to my e-mails about 1 year ago, now you get no reply!

Dont avast understand by people sending in samples, that will help avasts detection rate.

Lat time i checked the detection rates for avast, AVG and antivir were as follows:

avast 79.65%

antivir 84.50%

AVG version 7.0- 54.07%

I have considered switching to antivir but the updating for antivir takes too long, no automatic updates!

http://www.virus.gr/english/fullxml/default.asp?id=69&mnu=69

I agree with you but, again, this is not Heuristic or Virus comparison thread.
I hope they don’t come here just to say: Oh, we already discussed a lot this…
I’m trying to force them to look into users’ prayers for a better signature detection and faster samples analysis…
Maybe I’ll stop posting as it’s becoming useless after 15 days waiting…