Want to improve detection?

Just a suggestion to improve detection…
Use a P2P program and download stuff like keygens, cracks, keymakers… etc.
If avast does not detect them, run Ewido and see what you’re missing 8)

I accept that Ewido and Avast together really improve detection. That is the reason I have Ewido, and the reason I removed another good AV whose Support folks insisted I remove Ewido.
I conclude that Ewido plus Avast is better than X without an AT.

I think I will just forego the further tests of bad sites. ;D

Jerry

Hi,

That is what I do to get virus samples and test them, because this is the way some of the newer viruses go around (of course I don’t use the keygens). Also Melih and myself may be setting up a “honeypot” to help obtain samples of newer viruses.

What is a “crack?” I have seen it mentioned, but have no idea what it means.

Thanks,
Jerry

It is a fake product key for a program (i.e. the one you receive for purchasing avast! Professional Edition) that will activate the program.

Thanks, Justin. Now I know.

Jerry

I wish there were tests that tested AVs with and without an AT application also running in real time.
I realize this tests the system instead of the AV, but the overall security is what I am most interested in.

Firefighter ran some tests in 04 that did such. It was enlightening to me, and showed the value of layering.
FWIW, here is the thread on Wilders.
http://www.wilderssecurity.com/showthread.php?t=58597

If you follow the thread to posts 17 and 19, and then compare with post 1 it is obvious that the addition of a good anti-trojan provides much more protection.

Jerry

A crack is actually an executable file which when run defeats the registration process in a commercial program so that it will work without buying it. This is different from a key, which is simply an alpha-numeric code which will activate a program, and is normally sent to a legitimate purchaser in an email. Illegally copied or generated keys may be found on crack sites, but they are not dangerous like cracks, which are often Trojan horses.

Yes. This is the only thing I don’t like about avast. Their virus detection is not “first come, first served”, which makes virus submission not a fun thing to do…

Hi,

A lot of keygens have viruses inside. I have found most with trojans but a few of the really nasty ones with worms :-.

Maybe they should start adding virus definitions more often :)
4 days since the last signature update and still nothing. Khm. Why don’t we wait for a whole week? This thing still bothers me a lot. Other AVs add loads of signatures daily and avast! adds just some every few days here and there.
You don’t make good detection this way…

4 days since the last signature update and still nothing

Huh?

My last update 0623-0 was June 5th 2006.

Probably just false positives fix as it’s not listed on VPS history page…

I sent a malware sample to avast!, AVG, AntiVir and some other AVs on Saturday (6/3/06), and AVG updated and caught it on Monday (6/5/06). I’ve noticed that AVG is quite fast at adding new/non-urgent malware, so I’m not surprised if people say AVG finds some malware that other AVs don’t.

Probably just false positives fix as it's not listed on VPS history page...

I guess we’ll see … I certainly hope that they give more priority to getting the VPS file up to date and delivered than updating the history file.

Here is a comparison of an infected sample of files of mine (made by keygens/cracks as posted in the beginning of this thread)

Windows Defender: a false positive Hijacker.AllStar and a detection of a keylogger.

Ewido detected:

cdpatch.exe → Downloader.Harnig.bq
crack.exe → Dropper.Agent.anl (on 6 files)
crack.exe → Hijacker.Delf.fm (on 8 files)
iks.sys → Not-A-Virus.Monitor.Win32.IKSlog.21 (same Keylogger detected by Windows Defender)
RAS.exe → Not-A-Virus.PSWTool.Win32.RAS.a (on 2 files)
patch.exe → Trojan.Agent.jh (2 files)

It’s just a matter of downloading samples from P2P… :P

I checked ewido networks to find this…

Is ewido anti-malware compatible with 64-Bit versions of Windows?

Unfortunately, at the moment ewido anti-malware is only compatible with 32-Bit versions of Windows.

Any other suggestions? Or just wait till the 64-bit version release…

I am not sure if the latest version of A squared is compatible with W 64 bit. I posted the question on that forum. I’ll post the answer or you can check.

http://forum.emsisoft.com/Default.aspx?g=posts&t=940

Jerry

Here is the reply posted from a-squared. At this point in time the 64 bit is not supported by a lot of programs I guess. Sorry.

Quote
a-squared is not 64bit compatible either. While the scanner works the whole realtime protection is not working.
Regards,
Andreas Haak

a-squared Team - www.emsisoft.com
End Quote

Regards,
Jerry

Strange, I thought that the win64bit version was able to run 32bit programs as there are so few 64bit windows programs (obviously not, by the responses above). By all accounts win64bit also has a 16bit virtual environment for 16bit programs.

I mean avast for windows is a 32bit program but that is compatible with win64bit, perhaps it has to be signed/approved by MS and avast have been working closely with MS to achieve this I think.