Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: Lisandro on June 03, 2006, 04:33:19 PM
-
Just a suggestion to improve detection...
Use a P2P program and download *stuffs* like keygens, cracks, keymakers... etc.
If avast does not detect them, run Ewido and see what you're missing 8)
-
I accept that Ewido and Avast together really improve detection. That is the reason I have Ewido, and the reason I removed another good AV whose Support folks insisted I remove Ewido.
I conclude that Ewido plus Avast is better than X without an AT.
I think I will just forego the further tests of bad sites. ;D
Jerry
-
Hi,
That is what I do to get virus samples and test them, because this is the way some of the newer viruses go around (of course I don't use the keygens). Also Melih and myself may be setting up a "honeypot" to help obtain samples of newer viruses.
-
Just a suggestion to improve detection...
Use a P2P program and download *stuffs* like keygens, cracks, keymakers... etc.
If avast does not detect them, run Ewido and see what you're missing 8)
What is a "crack?" I have seen it mentioned, but have no idea what it means.
Thanks,
Jerry
-
It is a fake product key for a program (i.e. the one you recieve for purchasing avast! Professional Edition) that will activate the program.
-
It is a fake product key for a program (i.e. the one you recieve for purchasing avast! Professional Edition) that will activate the program.
Thanks, Justin. Now I know.
Jerry
-
I wish there were tests that tested AVs with and without a AT application also running in real time.
I realize this tests the system instead of the AV, but the overall security is what I am most interested in.
Firefighter ran some tests in 04 that did such. It was enlightening to me, and showed the value of layering.
FWIW, here is the thread on Wilders.
http://www.wilderssecurity.com/showthread.php?t=58597
If you follow the thread to posts 17 and 19, and then compare with post 1 it is obvious that the addition of a good anti-trojan provides much more protection.
Jerry
-
A crack is actually an executable file which when run defeats the registration process in a commercial program so that it will work without buying it. This is different from a key, which is simply an alpha-numeric code which will activate a program, and is normally sent to a legitimate purchaser in an email. Illegally copied or generated keys may be found on crack sites, but they are not dangerous like cracks, which are often Trojan horses.
-
Yes. This is only the thing I don’t like about avast. Their virus detection is not "first come first serve" that makes virus submission is not a fun thing to do..
-
Hi,
A lot of keygens have viruses inside. I have found most with trojans but a few of the really nasty ones with worms :-\.
-
Maybe they should start at adding virus definitions more often ::)
4 days since the last signature update and still nothing. Khm. WHy don't we wait for whole week? This thing still bothers me a lot. Other AVs add loads of signatures daily and avast! adds just some in few days here and there.
You don't make good detection this way...
-
4 days since the last signature update and still nothing
Huh?
My last update 0623-0 was June 5th 2006.
-
Probably just false positives fix as it's not listed on VPS history page...
-
I sent a malware sample to avast!, AVG, AntiVir and some other AV's on Saturday (6/3/06) and AVG updated and caught it on Monday (6/5/06), I've noticed that AVG is quite fast to adding new/non-urgent malware so I don't surprise if people say AVG find some malware that other AV's don't.
-
Probably just false positives fix as it's not listed on VPS history page...
I guess we'll see ... I certainly hope that they give more priority to getting the VPS file up to date and delivered than updating the history file.
-
Here is a comparison of a infected sample of files of mine (made by keygens/cracks as posted in the begginning of this thread)
Windows Defender: a false positive Hijacker.AllStar and a detection of a keylogger.
Ewido detected:
cdpatch.exe -> Downloader.Harnig.bq
crack.exe -> Dropper.Agent.anl (on 6 files)
crack.exe -> Hijacker.Delf.fm (on 8 files)
iks.sys -> Not-A-Virus.Monitor.Win32.IKSlog.21 (same Keylogger detected by Windows Defender)
RAS.exe -> Not-A-Virus.PSWTool.Win32.RAS.a (on 2 files)
patch.exe -> Trojan.Agent.jh (2 files)
It's just a matter of downloading samples from P2P... :P
-
I checked ewido networks to find this...
Is ewido anti-malware compatible with 64-Bit versions of Windows?
Unfortunately, at the moment ewido anti-malware is only comaptible with 32-Bit versions of Windows.
Any other suggestions? or just wait till 64bit version release...
-
I am not sure if the latest version of A squared is compatible with W 64 bit. I posted the question on that forum. I'll post the answer or you can check.
http://forum.emsisoft.com/Default.aspx?g=posts&t=940
Jerry
-
Here is the reply posted from a-squared. At this point in time the 64 bit is not supported by a lot of programs I guess. Sorry.
Quote
a-squared is not 64bit compatible either. While the scanner works the whole realtime protection is not working.
Regards,
Andreas Haak
a-squared Team - www.emsisoft.com
End Quote
Regards,
Jerry
-
Strange I thought that the win64bit version was able to run 32bit programs as there are so few 64bit windows programs (obviously not but the responses above). By all accounts win64bit also has a 16bit virtual environment for 16bit programs.
I mean avast for windows is a 32bit program but that is compatible with win64bit, perhaps it has to be signed/approved by MS and avast have been working closely with MS to achieve this I think.
-
Thanks for your replies!
I mean avast for windows is a 32bit program but that is compatible with win64bit, perhaps it has to be signed/approved by MS and avast have been working closely with MS to achieve this I think.
win64 has kind of a simulator thing to run 32bit programs, I guess avast can be simulated by that while some others don't
and Avast is compatible with windows defender, another clue as to avast team indeed have been working closely with MS?
-
Well, I wouldn't call it exactly "a simulator", but yes, Win64 is able to execute 32bit user-mode applications without any problems.
What it can't do, however, is to load 32bit drives - only 64bit drivers are supported. So, your application can be 32bit, but if it requires special drivers to work correctly, updated 64bit ones have to be supplied (which affects low level programs like antiviruses, and their resident protection in particular, probably CD burning tools, etc.)
And no, Win64 does not have a 16bit virtual environment - Win16 or DOS executables are not supported anymore there and can't be run.
-
Thanks for the explanation Igor, especially about the 16bit programs as this cropped up in another Topic re Vista and I can't remember if that was for the 32 or 64 bit version.
-
From what I was told, the 16bit subsystem support has only been removed from the 64bit version (and not only Vista, WinXP is affected as well).
-
I have been told that BOCLEAN is compatible with 64 bit W.
Here is a review
http://www.anti-trojan-software-reviews.com/review-boclean.htm
I have not used it and there is no free version.
Jerry