[pchelpers] Re: AVG no longer free

  • From: "Ekhart GEORGI (last name last)" <Ekhart.GEORGI@xxxxxxxxxxx>
  • To: pchelpers@xxxxxxxxxxxxx
  • Date: Sun, 04 May 2008 23:48:42 +0300

Hi Scott (for others: we're talking about Avira AntiVir)

> EGlnl> It's really quite amazing due to the combination of highest
> EGlnl> number of updates, fastest update after virus outbreak, and by
> EGlnl> far the highest detection of new, unknown malware through
> EGlnl> heuristic analysis. I've seen some incredible statistic charts,
> EGlnl> but i couldn't find them quickly now. I think they were at the
> EGlnl> above site.
> 
> According to the report at
> http://www.av-comparatives.org/seiten/ergebnisse/report16.pdf, it has
> a high false-positive rate.

Yes, but the number of false positives in fact depends on the relevant 
setting chosen. And it seems false positives were weighted too much in 
giving the final rating. In real life, most people will not believe 
their antivirus program if it claims that a program they know and have 
been using is malware. They will probably be annoyed or perhaps even 
confused or worried, but they will definitely not usually let the AV 
remove or quarantine a trusted program they know. And as explained on p. 
7, all FPs were reported to the vendors and fixed. The same is true of 
possible new FPs; some testers and many users will complain about them, 
and they will be fixed soon.

I much prefer getting false positives, which one can easily deal with by 
clicking "ignore", if the AV program is much better at detecting new 
malware for which an update does not yet exist. AntiVir beat NOD32 81 to 71% 
in this, and all the other AVs were far or very far below.

> ESET NOD32, which is #2 on av-comparatives, and tied on
> virus-bulletin, is very interesting: av-comparatives marks it as NO
> false positives (the only one marked this way), and fast. It ranks
> "Advanced+" on both the on-demand and retrospective tests; the only
> other product to do so is Kaspersky, which seems to otherwise be an
> average performer.

Yes, i've been recommending it to people who can't believe that a free 
program can be as good or better than a pay version/program.

> I'm about to install Comodo here, perhaps we can work out the problem.

Thanks, but i'm very busy, so i'll have to wait a while.

> I'll also install Avira; I'll see if I can give you an easier way to
> disable that message.

Easier than right clicking and denying right to execute or installing 
ProcessGuard? There actually is; just turn off automatic updates and 
update only manually. (Since users can do this whenever they want to or 
whenever they need to open an attachment or install a program from a 
site whose reputability they haven't had time to check, they'll actually 
be better protected than most because they don't bother to find out how 
to make AntiVir get new updates every few hours.)

If you can find an easier solution than the execution denial, you'll be 
famous soon. The Internet is full of discussions of this topic.

Here are the other methods i collected in the past:

block using firewall

control panel -> administrative tools -> local security policy -> software 
restriction policies -> additional rules -> new path rule -> choose the path 
of avnotify.exe (default is C:\Program Files\AntiVir PersonalEdition 
Classic\avnotify.exe) and the security level (disallowed).

Control Panel - administration tools - local security principles - 
additional rules + right click and choose new hash rules - browse for and 
add avnotify.exe (shows as a lot of letters and numbers) and set this 
rule to "don't allow"
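
The path-rule method listed above can also be scripted. The following is an added example, not part of the original post: it writes the registry values under which Software Restriction Policies keeps a "Disallowed" path rule. The registry layout, the rule description text and the parameter name $Target are assumptions of this example; the default path is the one quoted in the post. Run it from an elevated PowerShell prompt.

```powershell
# Added example (not from the original post): create an SRP "Disallowed"
# path rule for avnotify.exe by writing the policy registry values directly.
param(
    # Default install path as quoted in the post; change it if installed elsewhere.
    [string]$Target = 'C:\Program Files\AntiVir PersonalEdition Classic\avnotify.exe'
)

$base  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'
$paths = Join-Path $base '0\Paths'   # level 0 = Disallowed

# Create a permissive base policy only when none exists, so an existing
# SRP configuration is left untouched. (Assumed defaults for this example.)
if (-not (Test-Path $base)) {
    New-Item -Path $base -Force | Out-Null
    New-ItemProperty $base -Name DefaultLevel -Value 0x40000 -PropertyType DWord | Out-Null     # Unrestricted
    New-ItemProperty $base -Name TransparentEnabled -Value 1 -PropertyType DWord | Out-Null     # enforce on programs, not DLLs
    New-ItemProperty $base -Name PolicyScope -Value 0 -PropertyType DWord | Out-Null            # all users
}

# Skip the write if a rule for the same path is already present.
$existing = Get-ChildItem $paths -ErrorAction SilentlyContinue |
    Where-Object { (Get-ItemProperty $_.PSPath).ItemData -eq $Target }
if ($existing) {
    Write-Output "Rule already present: $($existing.PSChildName)"
    return
}

# Each rule lives under its own GUID-named subkey.
$ruleKey = Join-Path $paths ([guid]::NewGuid().ToString('B'))
New-Item -Path $ruleKey -Force | Out-Null
New-ItemProperty $ruleKey -Name ItemData -Value $Target -PropertyType String | Out-Null
New-ItemProperty $ruleKey -Name Description -Value 'Block AntiVir notifier (example rule)' -PropertyType String | Out-Null
New-ItemProperty $ruleKey -Name SaferFlags -Value 0 -PropertyType DWord | Out-Null
New-ItemProperty $ruleKey -Name LastModified -Value ([DateTime]::UtcNow.ToFileTimeUtc()) -PropertyType QWord | Out-Null

Write-Output "Created Disallowed path rule $ruleKey for $Target"
```

The rule applies to processes started after the policy is re-read, so logging off and on again may be needed. Deleting the GUID subkey printed by the script removes the rule.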


