Avast vs AVG

[Franklin]

On Tue 21 Jun 2005 15:33:19, schrodinger's cat wrote:

An anti-virus program which does not allow scheduled unattended
scans is not a real solution IMO. That is the principal reason I
use AVG instead of Avast.

AVG free offers only a scheduled full scan.

Often I want to schedule AVG to scan only certain drives (I have
several big hard drives and some of these hold mainly static data)
but I have to buy AVG Pro version to do that.

 

[Franklin]

On Mon 20 Jun 2005 21:48:53, Wayne Boatwright wrote:

I'm beginning to think so too, even with my short term use so
far,.

AVG 7 is nicer than I expected it to be.

Avast is very good too and gives more user options. However, I
have had installation problems with Avast (no tray icon) which
could not be solved.

I find I can run AVG with all "components" enabled and also have
Avast loaded (but with no services selected at installation time)
for ad-hoc scans of files and folders.

It may be possible to do it the other way too (Full Avast and AVG
enabled just for file scans).

System power requirements are not a major factor even on a
relatively slow machine with either application.

 

[Franklin]

On Wed 22 Jun 2005 23:09:38, BillR wrote:

I should have mentioned using ClamWin (ClamAV) as an on-demand
AV. Like BD (free) it does not have an on-access
scanner/monitor. Unlike the other four products, ClamWin is
free for all users.

Am using XP.

I heard that the detection rate for Clam was not that good. Do you
find that is true?

Like you I believe that it is good to have more than one AV
application. I have got AVG full yinstalled, Avast! (no services
installed so on-demand only), F-Prot for DOS (also on-demand
following a recent thread here about using this in XP from a context
menu).

If I were to also install ClamAV then would it go on last? Are there
any install time option which it is worth knowing about which will
affect how ClamAV interacts with my other AVs.

 

[Franklin]

On Wed 22 Jun 2005 21:22:59, BillR wrote:

Detection; avast! External Control; Other Features

AntiVir, avast!, AVG, BitDefender are all free for personal,
non-commercial use/home use. All except BitDefender include
on-access (real-time) scanners in their free version. I think
all the vendors are to be commended for providing this
protection.

Very nice posting Bill. Some great links there too. Thank you for
your effort.

BTW you didn't mention that Kaspersky sets up alternate data streams
on all the files it scan. I tried Kaspersky but it needed more power
than I had spare. Otherwise I would probably go for it. But it is
$$$ware and not cheap either.

After I uninstalled Kaspersky, it took me a long time to remove the
streams from several drives I had scanned using it and even now I am
not sure all the streams were fully removed properly.

 

[elaich]

Any strong recommendation for Avast over AVG?

TIA

Reading the results here, it doesn't look like either one of them are worth
a hill of beans.

http://www.av-comparatives.org/seiten/ergebnisse/report06.pdf

 

[rex72]

It may be possible to do it the other way too (Full Avast and AVG
enabled just for file scans).

I tried AVG, but went back to F-Prot. I have F-Prot in my Sendto folder
and I use it for on-demand scans. I really couldn't seen any advantage of
AVG over F-Prot, and the updates were orders of magnitude smaller (I have a
small hard drive.)

 

[Kerodo]

On Mon 20 Jun 2005 21:48:53, Wayne Boatwright wrote:



AVG 7 is nicer than I expected it to be.

Avast is very good too and gives more user options. However, I
have had installation problems with Avast (no tray icon) which
could not be solved.

I find I can run AVG with all "components" enabled and also have
Avast loaded (but with no services selected at installation time)
for ad-hoc scans of files and folders.

It may be possible to do it the other way too (Full Avast and AVG
enabled just for file scans).

System power requirements are not a major factor even on a
relatively slow machine with either application.

Both are good, but one reason I prefer Avast is for the Web Shield. It
scans your browser traffic and catches the bad stuff before it even hits
your hard disk, even in ZIP archives and so on. Can't be beat. AVG
does nothing like this. If I can catch a virus before it even hits my
HD, then so much the better. Very nice thing to have IMO.

 

[Mel]

Both are good, but one reason I prefer Avast is for the Web Shield. It
scans your browser traffic and catches the bad stuff before it even hits
your hard disk, even in ZIP archives and so on. Can't be beat. AVG
does nothing like this. If I can catch a virus before it even hits my
HD, then so much the better. Very nice thing to have IMO.

AVG Resident Shield detects viral activity coming from the web.

 

[Kerodo]

AVG Resident Shield detects viral activity coming from the web.

Is this in the free version? That's news to me..

 

[elaich]

Is this in the free version? That's news to me..

Sure is.

--

 

[Kerodo]

Sure is.

Thanks.. I'll have to check that out..

 

[BillR]

Franklin,
ClamWin / ClamAV appears to have improved immensely. I haven't seen a
recent good comparative test. I would not have bothered with it at all
last year but I have started recommending it to those who want more
than two AVs. ClamWin does have a unique anti-phishing module that
appears to work but isn't as useful as it might be. My impression is
that, like AntiVir, avast!, and AVG, ClamWin also has a problem with
false positives. I always run anything any AV catches through
VirusScan.Jotti.Org or VirusTotal.com because of the high false
positive rates of AVG, avast!, and AntiVir.

I've recently been suggesting avast! + AEC, ewido, MS AntiSpyware,
SpywareBlaster, and a firewall as most important. I then suggest
adding Ad-Aware, Spybot S&D, and BitDefender and provide links to
several on-line scanners. ClamWin, AntiVir, or AVG don't usually make
the recommended list except as a substitute if someone has problems
with avast! or BitDefender.

I haven't quite made up my mind about where several other tools fall
(e.g., F-Prot for DOS, HijackThis + Help2Go Detective, SSM, Abtrusion,
WinPatrol, ProcessGuard ) but PrevX, MJ Registry Watcher, and SSI
might make my suggested list soon. There is a lot of functionality
overlap, especially in the registry monitoring features.

 

[BillR]

Franklin,

I assume you are referring to KAV (full version). Its use of ADS has
caused some consternation and even outright problems. I don't know
whether Kaspersky web scanner writes data to ADS. Perhaps you or
someone can confirm that one way or the other.

BillR

 

[BillR]

elaich,

While AntiVir, avast!, and (especially) AVG did not fare well in the
retrospective test, their performance using current definitions (tested
in Feb.) was much better. For most users who maintain the currency of
their definitions, layer security, and generally avoid risky behavior,
that probably suffices.

BitDefender did do quite well in the retrospective test, however,
essentially tying with KAV for 2nd place and well ahead of 4th place.
While the results may not apply to periodic on-demand scanning with the
free for home use version of BD (which excludes the on-access monitor),
I think BD is still a very valuable tool to install.

BillR

 

[elaich]

ClamWin / ClamAV appears to have improved immensely. I haven't seen a
recent good comparative test. I would not have bothered with it at all
last year but I have started recommending it to those who want more
than two AVs. ClamWin does have a unique anti-phishing module that
appears to work but isn't as useful as it might be. My impression is
that, like AntiVir, avast!, and AVG, ClamWin also has a problem with
false positives. I always run anything any AV catches through
VirusScan.Jotti.Org or VirusTotal.com because of the high false
positive rates of AVG, avast!, and AntiVir.

I've recently been suggesting avast! + AEC, ewido, MS AntiSpyware,
SpywareBlaster, and a firewall as most important. I then suggest
adding Ad-Aware, Spybot S&D, and BitDefender and provide links to
several on-line scanners. ClamWin, AntiVir, or AVG don't usually make
the recommended list except as a substitute if someone has problems
with avast! or BitDefender.

I haven't quite made up my mind about where several other tools fall
(e.g., F-Prot for DOS, HijackThis + Help2Go Detective, SSM, Abtrusion,
WinPatrol, ProcessGuard ) but PrevX, MJ Registry Watcher, and SSI
might make my suggested list soon. There is a lot of functionality
overlap, especially in the registry monitoring features.

My God, you sound like a doctor who prescribes a patient 15 pills rather
than tell them how to live a healthy lifestyle and not need the pills at
all.

Practice a healthy online lifestyle and you won't need any of those
pills. Too bad, you'll have to give up your Internet Exploder and
Outhouse Express.

 

[Franklin]

On Sun 26 Jun 2005 20:53:47, BillR wrote:

Franklin,

I assume you are referring to KAV (full version). Its use of
ADS has caused some consternation and even outright problems.
I don't know whether Kaspersky web scanner writes data to ADS.
Perhaps you or someone can confirm that one way or the other.

BillR

It's too late for me to know now as I had it on trial. I hit my
machine speed too much but it did seem good.

I don't know if the web scanner did or did not write data to ADS. I
kind of guessed that Kaspersky was using ADS as a hidden flag which
told it if the file had been there on the last scan.

When I did some ADS removing (and different tools tell me different
things about how well that went) the size of the file did not change
so I guess there was no data in it. Of course I may have
misunderstood how ADS allocates data.

 

[BillR]

On Sun 26 Jun 2005 20:53:47, BillR wrote:



It's too late for me to know now as I had it on trial. I hit my
machine speed too much but it did seem good.

I don't know if the web scanner did or did not write data to ADS. I
kind of guessed that Kaspersky was using ADS as a hidden flag which
told it if the file had been there on the last scan.

When I did some ADS removing (and different tools tell me different
things about how well that went) the size of the file did not change
so I guess there was no data in it. Of course I may have
misunderstood how ADS allocates data.

IIRC, KAV writes the file MD5 hash in the ADS. On subsequent scans,
KAV compares the current and recorded hash. If the hash matches then
the file is assumed unchanged and therefore not to require rescanning.

I don't know how far this goes as the file might, of course, contain
"new" malware only recently added to the KAV signatures. I'm not sure
which scans (on-demand versus on-access v. scheduled) depend on the
hash or when a matching hash is ignored. I presume KAV obfuscates the
hash since that would be such an obvious KAV attack otherwise.

Those concerns might be better pursued in one of the AV newsgroups or
the KAV forum.