Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: true indian on March 26, 2014, 03:59:18 AM
-
This is the second time this has happened...Last time Vlk had valid explaination of cloud stability issues affecting avast scores.What happened here this time I was expecting the usual 4.5/5.0 or even better scores.
http://www.av-test.org/en/tests/home-user/windows-7/janfeb-2014/
Anyone from avast! team can shed light on this topic please?
-
Well, even though last time Vlk explained it, i found that even more concerning actually. A protection so dramatically affected by the cloud problems and what's worst about it, user has no clue it is happening in the background. You expect some subsystem to give you superior protection, but you don't even know it's actually not operational. And that i find as a huge problem. I don't know how long their problems lasted or how big they were, but if they were big enough to affect the test results, they are concerning for me as well.
-
http://forum.avast.com/index.php?topic=147986.0
-
Rejzor,it is no surprise with the amount of malware coming everyday any AV will suffer without cloud modules.Forgot Avira scores few months/years back without the cloud stuff.
There is no such backend server that can keep up with everything,so even evo-gen also had to go behind with no suprise.
Rejzor,I still test avast very little sometimes and with no doubt evo-gen and other modules are still on the radar.They still detect quite a lot of malware.
Remember,if you extract samples with avast on evo-gen is going to pick up on them during extraction and then no evo-gen on execution still evo-gen is pretty effective.
People fail to understand that now evo-gen is more embedded into on-access scanning system and no more to on-execution.I am sure the offline system will get stronger with dyna-gen and DBT (Already under development).
No wonder Naren and I had weird problems with the cloud detections...Thanks avast! team for the explaination over here:
http://forum.avast.com/index.php?topic=147986.msg1075601#msg1075601
Looking forward to much better protection in upcoming months.
-
True Indian, what do you mean with DBT?
-
True Indian, what do you mean with DBT?
Dynamic Binary translation...
-
Okay.
I cant wait to check that out. Also Dyna-Gen will be fun to test out. :)
-
Okay.
I cant wait to check that out. Also Dyna-Gen will be fun to test out. :)
DBT is already being used...detections come with the name Sf as initial...They are still bettering it though..
DBT sigs look like this:
Sf:Zbot-A[Trj]
They are adding a few of these everyday check the virus update history.
Remember,these detections come from deepscreen module.
-
True Indian, what do you mean with DBT?
Steven, see: http://forum.avast.com/index.php?msg=1060172
-
Okay.
One more thing learned today. :)
But i think it will getter over time. Deepscreen got better over the newer versions. But there is still a lot of work
to do.
-
DBT is already being used...detections come with the name Sf as initial...They are still bettering it though..
DBT sigs look like this:
Sf:Zbot-A[Trj]
They are adding a few of these everyday check the virus update history.
Remember,these detections come from deepscreen module.
Sf detections have been added since several years ago, since the launch of the v5 if I remembered correctly.
And Sf are also detected via normal scanning, at least I saw it around 2011 during malware testing.
So I consider Sf detection are based on Code Emulator. Of course, integration of dynamic binary translation into code emulator is the most probable.
-
True Indian, what do you mean with DBT?
Then how come Panda Cloud Free scores fantastic results every single time in tests? It's also heavily dependent on cloud, yet it works perfectly. It was also among the very best in the latest AV-Test.
-
Sf detections have been added since several years ago, since the launch of the v5 if I remembered correctly.
And Sf are also detected via normal scanning, at least I saw it around 2011 during malware testing.
So I consider Sf detection are based on Code Emulator. Of course, integration of dynamic binary translation into code emulator is the most probable.
No,since v5 they were there but not added so often as now and they werent active as of now what avast blog article tells me is safemachine 2 has been launched couple years back so I am guessing its from v6 and they were working on it since then.
I have seen Sf detections from the avast deepscreen module and that is the reason I am confident its that.Plus,3 or 4 years back I never saw it in the sandbox neither it came in vps update history and it came very rarely.
Read: https://blog.avast.com/2014/02/07/research-buzz-undercover-technology/
This technology was fired up only in the start of this year and they are bettering it since then.Although Sf has been there even before it was very basic and very rarely added detection.Since end of feb I am seeing in every alternate VPS.
Rej,Panda is a full cloud AV.There is a difference when you are exclusively working on 1 technology and plus I am sure they have more attention to their cloud whereas avast has to see both home-made as well as cloud and also develop new protection modules.
-
True Indian, I respect your poised opinion. But which of the new technologies are working OK in Avast , not buggy and unstable at times. Yes, other vendors also introduce new technologies but not at the expense of bugs and instability. And now this back-end issue that seems to have been present about 2 months without the user being aware - what is worse - the results in a test like AV (which I consider a joke, especially the performance part) or the false sense of security in users, thinking that everything in their AV is working as it should, the green tick is there, you are protected.
-
Does it? Panda Cloud is NOT just cloud AV. They also cache local definitions, they also offer local behavior analyzer and blocker.
I've noticed a trend with avast! where they have bunch of really awesome ideas all the time, but they rarely make them useful in the end. Or they don't appear so to the end user. Behavior Shield. We thought we'd finally see behavior blocker in avast!. And it turned out to do exactly nothing at all. Autosandbox when it was introduced, didn't yield much results and hardly anyone has ever seen it detect anything. Then it was a brief time of awesome sightings of Autosandbox detections for like 1 month and then it all went silent. DeepScreen was introduced and since it's introduction, just like with Autosandbox, we haven't seen much of it's detections. A lot of "Analyzing" popups and hardly any detection. Then there were several upgrades with hardly any effects. Their statistics may say otherwise, but seeing it work in the wild is another thing. Only thing that actually seems to work is Evo-Gen. I just don't understand what's going on in there. What's the cause of all the bright ideas to never function in real world. Or i just set the expectations too high. But then again i had the same expectations for Bitdefender and Kaspersky and look where they are constantly in the tests...
-
Perhaps the results would be different if the 'Sensitivity' was high. I think AV-Test uses the default settings. Even the on demand avast scan.
-
No,since v5 they were there but not added so often as now and they werent active as of now what avast blog article tells me is safemachine 2 has been launched couple years back so I am guessing its from v6 and they were working on it since then.
I have seen Sf detections from the avast deepscreen module and that is the reason I am confident its that.Plus,3 or 4 years back I never saw it in the sandbox neither it came in vps update history and it came very rarely.
Read: https://blog.avast.com/2014/02/07/research-buzz-undercover-technology/
This technology was fired up only in the start of this year and they are bettering it since then.Although Sf has been there even before it was very basic and very rarely added detection.Since end of feb I am seeing in every alternate VPS.
Yes, more and more Sf detections are added recently. Back on 2011 they were added once in a month or less.
But it does not mean it was not working at that time... see the Virustotal results back in 2011, they detected "Sf:Mystic [Cryp]" as avast5 detection (although its version is already 6 at that time).
This is what I saw during these times. There was no DeepScreen back then.
I checked my old malware samples and yes, I sent some samples detected as "Sf:Mystic" to avast lab in Jan 2011.
https://www.virustotal.com/file/2bddc8f914d99e7a3e73896a93b848024704fea8873a740e9cbc37f7a13c8ed2/analysis/1316908834/
https://www.virustotal.com/file/a7b550e521bf41d4acb445aaaca9a93d0c4bb1784be55cd2eb4ab02361db1292/analysis/1310784766/
-
Perhaps the results would be different if the 'Sensitivity' was high. I think AV-Test uses the default settings. Even the on demand avast scan.
I can tell you that it wouldn't. I'm not even sure if sensitivity levels even do anything. There were supposedly differences, but i frankly could never see them.
-
I've noticed a trend with avast! where they have bunch of really awesome ideas all the time, but they rarely make them useful in the end. Or they don't appear so to the end user. Behavior Shield. We thought we'd finally see behavior blocker in avast!. And it turned out to do exactly nothing at all. Autosandbox when it was introduced, didn't yield much results and hardly anyone has ever seen it detect anything. Then it was a brief time of awesome sightings of Autosandbox detections for like 1 month and then it all went silent. DeepScreen was introduced and since it's introduction, just like with Autosandbox, we haven't seen much of it's detections. A lot of "Analyzing" popups and hardly any detection. Then there were several upgrades with hardly any effects. Their statistics may say otherwise, but seeing it work in the wild is another thing. Only thing that actually seems to work is Evo-Gen. I just don't understand what's going on in there. What's the cause of all the bright ideas to never function in real world. Or i just set the expectations too high. But then again i had the same expectations for Bitdefender and Kaspersky and look where they are constantly in the tests...
IMHO, they are focused on other software items to generate $$$ and not keeping eye on the A/V ball.
Frankly, I do Custom Install and uncheck all but the shields.
The virtualization driver for Sandbox "appears" to cause BSODs.
AOS is still limping along.
Don't get me started on GrimeFighter.
I think the "developers" have posted loudly this is not their decision but managements.
I think "management" is going down the Symantec path which IHMO is offering nothing...especially to pay for.....and diluting what they are good at and during which diminishing the Avast "brand".
Wonder if there is "new" management within Avast.....or worse.....they hired some consulting firm to "help" them guide the biz.
Hope they figure this out before they spiral too far down the rabbit hole.
-
[
I think "management" is going down the Symantec path ...
Wonder if there is "new" management within Avast.....
Well, the CEO no doubt trod that path while a VP at Symantec.
"New" since when? There may be a cause/effect relationship between this trend and the hiring of a former Symantec Sales exec as CEO. Or it may just be a positive correlation with no causal implications ...
-
[
I think "management" is going down the Symantec path ...
Wonder if there is "new" management within Avast.....
Well, the CEO no doubt trod that path while a VP at Symantec.
"New" since when? There may be a cause/effect relationship between this trend and the hiring of a former Symantec Sales exec as CEO. Or it may just be a positive correlation with no causal implications ...
OMG !!!!!!!!.....I was absolutely kidding.....but did a Google: http://www.reuters.com/article/2009/07/08/idUS69353+08-Jul-2009+MW20090708
Wow....that explains a lot. :) ....or as you said.....may be nothing. :-\
Of course I'm a born conspiracy theorist. 8)
-
Well he has been the avast! CEO for five years, so this policy didn't happen when he arrived.
-
Well he has been the avast! CEO for five years, so this policy didn't happen when he arrived.
Perhaps not *immediately* after his arrival.
That doesn't preclude the possibility of his influence in the current direction apparently being taken. It's unlikely that it would be happening - aggressive marketing and up-selling - if he didn't approve. It's a strategy for company growth and profitability which would appear to be consistent with his past activities and successes at Symantec. As they say: "If the Foo s...s, wear it." But as I commented in another thread, this is probably
part of his mandate from the Board of Directors which hired him.
-
Rejzor Come on dont be blind....Its not just evo-gen they later developed FilerepMalware.
And now FileString,FilrepMetagen and many more are seen to be working in the wild...agreed that deepscreen hadnt been so useful but since end of feb they are implementing and improving safemachine2 technology.
Deepscreen has improved since january...I am just curious to see how deepscreen performs when avast labs come back to their normal reaction times and recover the lost detection rate.
Still I would not compare avast to panda....Both are completely different...I guess panda updates in the cloud most of the time which is unlike avast.
I am very sure about sf detections I am seeing them in deepscreen since last month.I had like a bunch of them from my last 10 tests.
As Vlk said earlier,it is a one time failure and obviously they will make sure it will never happen again.
The reason why the scores fell soo low because it was not just the cloud but also the Virus database that got caught and suffered a set back as it was mentioned by setjko.I am sure this is happening with the VRDB for the first time.Enough said I am curious to see how avast does in upcoming months and then we can all have our opinions. :)
Well,zerotox I do believe even during setbacks avast labs would have tried to keep up with real threat landscape out there which no test has ever shown.
Tests are mostly useless these days,they are just for geeks like us to make fog opinions on AV's.I dont think the average Joe even knows about Testing organizations.So what they use? well,they use their own experience to make comclusions on a AV program.And everyone is bound to find 1 AV and the other bad.
On the program Bug and bloat side,I would agree.They need to seriously get rid of all that crap.
-
Tests are mostly useless these days,they are just for geeks like us to make fog opinions on AV's.
or teenagers.....evrytime they see a new AV on top in a test, they reinstall...... and run full scan 10 times a day with evry free tool found on the net
-
I'm not blind, i see perfectly well. Especially considering how long i'm following avast!. I think it's 10 years this year.
-
I'm not blind, i see perfectly well. Especially considering how long i'm following avast!. I think it's 10 years this year.
You don't have to follow for 10 years to see the trend.
Just read the Forum and look at the "type" (and severity) of issues....just read other Forums and compare.....I do.
Then look at the results of A/V tests......of course there is always excuses, wonder what they would say if they were #1 ?
I'm betting all of a sudden the tests are valid, etc.
The bottom line is Avast has been head-and shoulders above the rest in usability and protection but as V8 and especially now V9 has come into play, as you said,....you'd have to be blind to not see the degrading in quality, the increase of absolutely useless bloat-ware (yes, you can easily get free packages that are much better than what Avast is "pushing"). I don't be-grudge them for wanting/needing to make money but IHMO they are going down the wrong road.
Anyway, YES.....I'm still with Avast because I'm not so easy to give-up.....but they need to get rid of the marketing guys who are telling them the direction they are going is way of the future. :'(
-
Tests are mostly useless these days,they are just for geeks like us to make fog opinions on AV's.I dont think the average Joe even knows about Testing organizations.So what they use? well,they use their own experience to make comclusions on a AV program.And everyone is bound to find 1 AV and the other bad.
Then , please, explain why it is you have posted comment , and links to test results , again, and again, and again , month after month ?
Who is always first to post these useless test results ?
-
Time for my two pennorth the only test is the one you do in your personal use of the computer, no infections good, infections bad :)
-
Time for my two pennorth the only test is the one you do in your personal use of the computer, no infections good, infections bad :)
Ohhhh..........you are bringing logic and sanity to the discussion ?.......that is just not right.
If you are going to be rational then how can we complain about the "what if" and "why not" and "how come".
Essexboy, that is not playing fair. :)
OK.....I'll bat the ball across the net.........here goes.
In your "self use test" scenario.....if you don't do any "bad" stuff on your PC then you don't need A/V at all.....so in this logic no A/V is just as good as Avast, and I rate Avast much higher than that.
Seriously, I think A/V (malware protection, etc.) is like an insurance policy.....you know you need it but not ever sure how much you need or how good it is until lightning strikes. Thus, it is a balance of how much cost versus reward (protection) you need. I think the point of all the above is that these tests "are" relevant in that this is how.....for better or worse.....things are compared.
-
I'm not blind, i see perfectly well. Especially considering how long i'm following avast!. I think it's 10 years this year.
Rejzor,not commenting on your experience with Avast! No offense to you.You have better experience with Avast than me.RESPECT!!
Yes product quality is decreasing because of the unwanted bloat and it needs to be fixed.Come on Avast,steer the money into protection areas not in marketing. :-[
As I mentioned on Wilders Forums I no longer use or recommend avast anymore.I moved all clients to different solutions.I just hope avast to get back on track soon.
-
Hi True Indian,
Always had a feeling you hadn't installed avast! yourself. ;D
Your av is just part of any security set-up.
avast! kept me free of malware during the last couple of years.
Whenever you see what scanning I do in the virus and worms,
I came closer to malicious site code as anyone could without actually trying to go there.
So if there is anyone who could say something about avast protection status 8)
Well I know a bit about what it does and does not flag.
I am very pleased with the added security from avast shields.
I liked the added security from using avast"s software updater.
I definitely do not like GrimeFighter from what I have seen and experienced from other users recently.
For dropbox I cannot say anything conclusive.
The avast backend trouble could not be avoided, but hopefully is only a one-time incident.
But there is more about securing your PC than just installing a resident av solution.
There is additional non-resident tools like I have installed SAS, MBAM and MalwareBytes anti-exploit.
I am not particularly keen on avast! Web Rep.
DrWeb's url-checking extension combined with BitDefender's TrafficLight give a far better overall protection.
Again said the avast shield's detect a lot of issues all other av solution let pass by unnoticed
(script detection issues, avast has some keen avast team developers there).
What is still an unnoticed threat and this is so for all av solutions,
is that cybercrime sites and IPs aren't being blocked under all circumstances,
see what goes on here: http://cybercrime-tracker.net/
(do not click any results there, you have been warned!).
Recently I have analyzed a lot of SE redirections,
clearly meant to curve the bends for fraudulous clicks,
but again largely going under the av detection radar (see killmalware SE redirect flags).
I also frown about solutions hyped like the White Hat Aviator browser,
which is mainly a hyped Google Chrome clone with some added extensions and standard search engine.
Users that know what do do have a decent adblocker solution with added malware blocking,
a decent script blocker like NoScript or ScriptSafe and Request Policy extension installed
and feel more secure against malscripts and third party crap.
In these respects bad test results are just a hick-up once in a while.
But still we should keep the av-solutions pulse to establish it is going the right direction.
polonus
-
Tests are mostly useless these days,they are just for geeks like us to make fog opinions on AV's.
or teenagers.....evrytime they see a new AV on top in a test, they reinstall...... and run full scan 10 times a day with evry free tool found on the net
Most of the "teenagers" I know don't use / know how to use an antivirus, much less know how to use a Desktop PC.
~!Donovan
-
The avast backend trouble could not be avoided, but hopefully is only a one-time incident.
polonus
It's hard to attribute the low scores to a one-time failure, presumably of relatively short duration, given the time span during which avast! 2014 has scored poorly:
Windows 8, Nov-Dec/2013
http://www.av-test.org/no_cache/en/tests/test-reports/?tx_avtestreports_pi1[report_no]=134923
Windows 7, Jan-Mar/2014
http://www.av-test.org/no_cache/en/tests/test-reports/?tx_avtestreports_pi1[report_no]=140613
These tests appear to span at least 3-4 months and use avast! 2014.
They show a marked decline in performance scores from earlier tests using prior versions.