Anybody read this review...?

[DavidR]

I too haven't read the review and I don't think I will be buying it just to read it, I'm here sat behind my keyboard, a happy avast user for two years and if avast were really bad, would I not be infected by now.

No I exercise caution and have a multi level approach to protection, I use avast, adaware, spybot S&D, spywareblaster, ewido and hijackthis on occasion as my main security programs; this backed up with exercising common sense should see most people right.

In some of the posts in this thread they are talking about trojans, now a trojan by its nature can be many things, adware, spyware, etc. and since avast is primarily an anti-virus program that happens to detect some other malware, it may well miss a trojan that is picked up by another AV but this is true for many AVs.

Yes avast can definitely improve its detections but does it make it bad, I don't think so. Some of the recent reviews from the likes of avcomparitives places AVGs detections below that of avast, yet this single review places it higher.

Now neither of this means they are bad AVs, just that in that particular test, not knowing how it was conducted and what samples were used, avast did less well. There is more to an AV than simple detection rate, yes it is an important factor, there are some that may well have great detections, but it doesn't provide email protection or P2P support, etc.

We all know (I hope), that prevention is better than cure so stopping a virus getting into you system is better than trying to remove it once established, so in this case better detection isn't necessarily going to protect you better. So all I'm trying to say is that you need to compare more than simply detection rate tests.

[hlecter]

Hi,

Is there an excerpt or something like that on the Net. A link?

Difficult to discuss someting you havn't seen. 

HL

[FreewheelinFrank]

Here's the review for anybody interested:

[FreewheelinFrank]

Some info about the source of the malware here:

http://insight.zdnet.co.uk/internet/security/0,39020457,39239134,00.htm

MessageLabs antivirus team deal with a mixture of long and short-term projects running concurrently. Long-term projects include looking at different ways to roll out malware signatures over the company infrastructure and measuring the efficacy of other vendors' antivirus engines used by MessageLabs. Currently, the email monitoring company use antivirus engines from McAfee and F-Secure, having switched last year from Sophos.

Short-term projects arrive as-and-when for ad hoc fire-fighting. Every day MessageLabs stop 12,000 items that are not stopped by the antivirus engines alone. Dedicated mailservers are used to filter emails for malware by analysing how much 'chaos' is contained in the code. Good files such as legitimate updates have a different stat distribution within the code. If the code has a number of different values, it is classed as chaotic. "If the code has 64 bytes, and every single byte is different, then the code is likely to be malware," said Shipp. For example, bad files often have encryption, and look different from good files because they are trying to hide themselves.

MessageLabs also compares new code with its signature file databases, which is between 2GB and 3GB of information. This database is constantly being updated, "so having caught variant A, we're confident of catching B, C, and D," says Shipp.

Initially defining viruses is "processor intensive". MessageLabs take the potentially malicious code and analyse it. Unusual features in email immediately mark code down as being suspicious. "If the code has IRC, FTP and email — not many legitimate programs have all of those capabilities," says Shipp.

MessageLabs also look for profanity, and virus writer handles. "Virus writers have big egos — they like putting their own names into the code. This never appears in good files," he adds.

Knowing their code contains indicators has led hackers to attempt more subtle social engineering tactics to propagate malicious code, including sending links in emails. This circumvents this problem as the malicious code is not actually contained in the email. "That's why the bad guys are sending links," said Shipp. One example of social engineering tactics is an email pretending the recipient has been sent an e-card. When the person clicks on the link to the card, they are redirected to a site containing malware, and infected.

MessageLabs work around this by detecting if the links have been obfuscated in an email to hide the URL or URI of the site the user would go to. There is also a link-following system which feeds into a discrete network that is dedicated to analysing the links.

Antivirus knowledge is also increased by MessageLabs sharing virus information with other companies, and law enforcement agencies. The company provides virus samples to sharing networks such as AV Gurus. This site maintains and publishes a collection of viruses using PTP encryption, and can only be accessed by legitimate users, according to Shipp.

The threat landscape: A new threat that the antivirus team has seen are data-stealing Trojans sent in spam. The email only has to be opened and the Trojan — hidden in a word document — is activated. These are being repeatedly sent to banks and government agencies in the hope that some information can be stolen.

So the malware used to test was caught by McAfee, F-Secure or MessageLabs themselves.

[RejZoR]

Why noone ever cares to try to understand the program? They are all talking about skinned inteface but no one cares to tell that there is also normal, non skinned and non "futuristic" interface.
Thats why i call all reviews BS. Testing AVs is not about installing them and quickly judge (and misjudge them), but in actually understanding them, learning what specific features do and so on.

[OrangeCrate]

Hmm...

I don't profess to be an expert on anything, but, it looks like an objective evalutation to me.

However, avast! plus the "wonderful three" are working for me. I don't think I'll change a thing.

Interesting read though.

[DavidR]

When talking about a futuristic looking interface (non--standard interface, what the hell is a standard interface, there is no such beast ?), the review becomes subjective and not objective,

[hlecter]

Part of the test seems to be subjective in my opinion.

But it also states that Avast is not the best trojanscanner in the world. 

I don't think that's something new, lets hope on improvements in that area.   

Personally I will continue to use Avast because I like the most of it.

But let's face the facts, too. Not everything negative about Avast needs to be wrong. 

HL

[OrangeCrate]

DavidR,

I wasn't referring to the interface (I agree with you), but Message Labs' definition of the Malware used in Computer Shopper's test, the testing procedures outlined in the "How we test AV software", and the testing results outlined in the second to the last paragraph in the article.

If you can get past the interface, and care to comment on how and why the testing procedures and results are flawed, I'm all ears, and happy to learn.

Thanks.

[DavidR]

And I wasn't replying directly to you or I would generally use a quote.

I still don't see any detailed mention of what was tested and how it was tested, however, I didn't mention anything about the AV tests themselves because I don't know what and how the tests were conducted. I did however agree that avast could improve detections previously.

Yes avast can definitely improve its detections but does it make it bad, I don't think so. Some of the recent reviews from the likes of avcomparitives places AVGs detections below that of avast, yet this single review places it higher.

But when a summary lists only three items, Free, Detections, Non-standard Interface, two out of three have no barring on the effectiveness of an AV and to me that isn't objective, sorry if you think differently.

[drhayden1]

or norton............
or panda............
or trend micro....
or......stick with avast
i saw the review and i still have my avast! pro and its staying there

[OrangeCrate]

DavidR,

No offense taken from this end. Different views are the spices of life. My apologies if you read that into my post.

Frank was kind enough to post the article, and the Message Labs' methodology on providing the raw data for the test. It was that info I based my comments on. In my opinion, there's enough meat there, for someone who knows a lot more than me, to comment on the effectiveness of the testing. I'm not going to take the time to look them up, but I have vague memories of a couple of other marginal reviews in other publications recently. So, I'm interested, but as I mentioned in an earlier post in this thread, unmoved by the article.

You're correct, that you don't really know for sure what they did, unless you're looking over their shoulder when they're doing it, but when I said I'm all ears, and willing to learn, that's what I meant, and why I read this forum.

[Vlk]

We don't like the way the review was written, and for that reason, we have contacted its author and asked him to explain some of its points. Also, Eda (our CEO) will probably be meeting him during the next week (in London). Let's see what the results will be like...


Thanks
Vlk

[scaa]

I have neither read the review nor am that  competent a person to comment on the efficacy of the review.
I however feel avast is THE BEST
However we should not be complacent about negative comments and the ALWIL team should endeavour to improve the product so that  scope is not given for commenting on basic functions of the antivirus
LONG LIVE AVAST
Vlk, please keep us posted on the result of the meeting

[hlecter]

By rereading what was written, I agree upon that the presentation was not good. 

I f you read the excerpt, and know nothing about antiviri programs, you might get the impression
that Avast generally speaking is a one star(out pf 5), which I of course know is VERY misleading.

IMHO I would Give Avast 4 stars out of 5, with a user interface and ease of use that I
like very much. After rereading, they focus on lack of trojandetection in the text, which is not the stongest part of Avast, as stated many times on this forum.

I must admit that I thought the "one star" was because the trojans that went through.
I understand now that I have misintepreted the presentation, and then I totally agree that
the conclusion is wrong, looking at the whole of Avast.

If I misintepreted the results, I suppose others might do,too...

Keep on the good work.

HL