Author Topic: Antivirus Tester 3  (Read 19533 times)

0 Members and 1 Guest are viewing this topic.

Offline Kaleus

  • Jr. Member
  • **
  • Posts: 20
Antivirus Tester 3
« on: July 26, 2003, 08:59:39 PM »
Hi @ all,

I'm new user of Avast! using Norton 2k3 before ::)
I searched a way to test the efficacity of my new antivirus, so I downloaded Antivirus Tester 3

http://www.damselsoft.freeservers.com/

So the first time all my test was unsuccessfull, I changed the Standard Shield to High and EICAR test is ok, like the Enhanced Worm test, but Simple Worm and Encrypted Worm test isn't successfull yet.
Is there any options to check ?
The proggy say that if the EICAR test is ok, we have no reason to worry, did you think so ?

Thanks a lot. :)

Offline Waldo

  • Sr. Member
  • ****
  • Posts: 397
  • Avast does the ownage
Re:Antivirus Tester 3
« Reply #1 on: July 26, 2003, 11:36:50 PM »
well, if no signature of the worms is included into the AVAST database, it won't detect them i guess...

As none of the (test) worms that can be launched from the program is dangerous, its just a normal apllication wich is harmless.

So the vendors of AVAST won't include the "fake" worms in there database...

AVAST uses NO heuristics (checking for unkown virusses) for its detecting in the main scanner or resident guard (only in its mail providers)....But it has a verry good unpacking engine and detecting options. Wich is fare more important than having a heuristic module, that will give most of the time false alarms.

If the worms should have some dangerous content > AVAST will be the first to detect it, as there updates are truly amazing fast.







 
**Guns are for show, knifes for a pro**

Offline Kaleus

  • Jr. Member
  • **
  • Posts: 20
Re:Antivirus Tester 3
« Reply #2 on: July 27, 2003, 12:03:40 AM »
Cool, thank you for your reply :)

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11664
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re:Antivirus Tester 3
« Reply #3 on: August 19, 2003, 05:25:16 PM »
OK, we have made some more testing of this "test-suite", and generally what it does is that it saves some files on the root of the C: drive.

- Eicar test puts classic eicar
- Simple Worm test puts an artificial simple VBScript, generally harmless (so I believe the behavior of avast is correct)
- Enhanced Worm test puts a more complicated VBScript, derived from the classic love-letter. Indeed, it is identified by avast as Love-Letter.

Hope this helps,
Vlk
If at first you don't succeed, then skydiving's not for you.

Offline JimIT

  • Jr. Member
  • **
  • Posts: 37
    • Gremiss Computing Services
Re:Antivirus Tester 3
« Reply #4 on: August 19, 2003, 05:45:40 PM »
AVAST uses NO heuristics (checking for unkown virusses) for its detecting in the main scanner or resident guard (only in its mail providers)....But it has a verry good unpacking engine and detecting options. Wich is fare more important than having a heuristic module, that will give most of the time false alarms.

I would say that's a matter of opinion and preference, as heuristics are pretty important in my book.  ;)
avast! Reseller
United States

Offline Waldo

  • Sr. Member
  • ****
  • Posts: 397
  • Avast does the ownage
Re:Antivirus Tester 3
« Reply #5 on: August 19, 2003, 06:05:05 PM »
There are so many posts and threads about Avast and the "lack of heuristics", it's getting insane.

As far as i'm concerned it isn't a lack of features. But wisely programmed this way to make the risk of having false alarms less.

Having a verry reactive heuristic gives a lot of false detections. Wich could be verry dangerous in the hands of unexperienced users.

If you make the heuristic less reactive, it is of no use anyway.

Having false alarms puts a program in a bad daylight.

Updates are these days sooo fast, new virusses are detected almost immediatly when they break out.

Virus vendors do communicate wich each other, so they know almost all at the same time, if a new virus or variant spreads.

Avast scores in the respected AV-tests, better or atleast as good as other scanners with
a heuristics engine.

AVG (form Grisoft) uses heuristics, but it is well known for its weak detection capabilities.

Like you said, it's just a mather of opinion.  ;)

Waldo


« Last Edit: August 19, 2003, 06:07:50 PM by Waldo »
**Guns are for show, knifes for a pro**