Author Topic: I did some testing (Someone from Alwil should read this)  (Read 15248 times)

0 Members and 1 Guest are viewing this topic.

Offline RejZoR

  • Polymorphic Sheep
  • Serious Graphoman
  • *****
  • Posts: 9271
  • We are supersheep, resistance is futile!
    • RejZoR's Flock of Sheep
Re: I did some testing (Someone from Alwil should read this)
« Reply #30 on: August 24, 2008, 01:18:49 PM »
It may or it may not, but that still doesn't have much to do with EICAR specifically.
It just means those three do not follow EICAR rules as designed by EICAR creators.
Visit my webpage RejZoR's Flock of Sheep

Offline essexboy

  • Malware removal instructor
  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 40632
  • Dragons by Sasha
    • Malware fixes
Re: I did some testing (Someone from Alwil should read this)
« Reply #31 on: August 24, 2008, 01:38:46 PM »
AVG is now running heuristics and the amount of people posting and asking for help at G2G has increased with false positives generated by AVG.  Also it blocks some analysis tools making the cleanup task harder.   Heuristics are a two edged sword

My 2p

Offline BJ_GeOrgE

  • Avast Evangelist
  • Sr. Member
  • ***
  • Posts: 350
  • prevention is better than cure
Re: I did some testing (Someone from Alwil should read this)
« Reply #32 on: August 24, 2008, 01:46:18 PM »
You should ask yourself why only those 3 are detecting it and NO one else...
My answer is that all others follow the very specific detection rules for EICAR and these 3 AV's don't.
torelly agree with RejZor....the question is not why only three detected it but why did they detect it?
OS:Windows 7 Professional 64-bit SP1
Antivirus: Avast Free v8.0.1497/Firewall: Windows Firewall/On Demand: Malwarebytes Free Edition/Other tools: CCleaner

Offline Mike Buxton

  • Full Member
  • ***
  • Posts: 155
Re: I did some testing (Someone from Alwil should read this)
« Reply #33 on: August 24, 2008, 03:24:38 PM »
PotatoMan,

(a) Re your final words as quoted from your Reply # 7 [my corrections]:

....every member on this forum is going to do everything in there [their] power to prove me wrong. Please lock this forum [thread].

(b) Re your final words as quoted from your Reply # 23 [my comment]

I swear, I would make a good lawyer, hmmm??

[Lawyers are trained to understand the importance of grammar,. words and spelling.]

Offline PapaSmurf

  • Full Member
  • ***
  • Posts: 159
Re: I did some testing (Someone from Alwil should read this)
« Reply #34 on: August 24, 2008, 03:46:37 PM »
AVG is now running heuristics and the amount of people posting and asking for help at G2G has increased with false positives generated by AVG.  Also it blocks some analysis tools making the cleanup task harder.   Heuristics are a two edged sword

My 2p

I would have to agree with this, but that will be true for any AV that is advancing scanning techniques.
I think it is important to note that you should not depend solely on a single piece of software, but rather a combination
that work well together to provide an all around balanced approach to keeping the system safe.
I am NOT a big fan of false positives, but they are bound to happen as the AV software versions advance. Sort of a debug
phase.
If I thought that one single piece of software would do the job, my start up folder would be alot smaller..lol.  ;D
PapaSmurf is running Windows XP  Professional (SP3)
NVIDIA GeForce 7600 GT
Pentium 4/ 3.* Ghz  Memory 1024MB
avast! Antivirus  v5.05 Home Edition, Outpost Firewall Pro 7.0, Mozilla FireFox/NoScript/AdBlock Plus

Offline PotatoMan

  • Jr. Member
  • **
  • Posts: 67
Re: I did some testing (Someone from Alwil should read this)
« Reply #35 on: August 24, 2008, 04:26:06 PM »
PotatoMan,

(a) Re your final words as quoted from your Reply # 7 [my corrections]:

....every member on this forum is going to do everything in there [their] power to prove me wrong. Please lock this forum [thread].

(b) Re your final words as quoted from your Reply # 23 [my comment]

I swear, I would make a good lawyer, hmmm??

[Lawyers are trained to understand the importance of grammar,. words and spelling.]


I hate you, please go away, troll... :D


Anyways, I guess I am wrong, I just thought this test would help avast! improve, but, oh well. Thanks for everyone who posted positive comments (not the guy I am quoting).

Sorry for any false data I may have provided...

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 82308
  • No support PMs thanks
Re: I did some testing (Someone from Alwil should read this)
« Reply #36 on: August 24, 2008, 04:36:11 PM »
avast! still needs better heuristics

You keep talking about avast! Heuristics (or better heuristics) and as far as the definition of Heuristics goes, avast doesn't have heuristics, confirmed in many topics in these forums. So any test you devise to test its heuristics will fail as it doesn't have heuristics.

The Internet mail is said to have heuristics (which doesn't extend to the standard shield or other shields), but this is very basic and not what most would call heuristics.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 19.8.2393 (build 19.8.4793.544) UI-1.0.415/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ WinPatrol+/

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67269
Re: I did some testing (Someone from Alwil should read this)
« Reply #37 on: August 24, 2008, 11:06:20 PM »
avast! still needs better heuristics
Besides what David said, the effectiveness of the generic signatures is there...
http://forum.avast.com/index.php?topic=38131.msg319212#msg319212
The best things in life are free.