And the winner is...
Tuesday, 6. May 2008, 11:23:07
None.
I've been trying the main 3 free antivirus, AVG, AVAST and ANTIVIR. Now, AVG version 8 doesn't even install correctly on Win2K (scheduler and updater are disabled), ANTIVIR sucks a lot of resources, takes forever to open dialogs and gives me a BSOD from time to time (probably only when it finds some other software running, do not know which), AVAST is the most complicated antivirus ever, with several resident modules for monitoring different activities, a skinnable GUI, options distributed in "hard to find" dialogs here and here. On top AVAST misses heuristics besides the mail module.
At the end, given the catastrofic failures of AVG and ANTIVIR I am using AVAST, with the bare minimum of modules installed but thinking of living without any "on access" scanner and use CLAMAV (ported to Win) from time to time.
Edit: did I say AVAST? So far I got this interesting "features":
1. scanning my 170MB Thunderbird mailbox it generates 2 or 3 120MB temp files, if I stop the scanning before it ends those temp files are left on the disk in the _avast_ directory. It seems also that after creating those files AVAST doesn't actually do anything, skipping the content. On a side note, ClamAV does the same with temporary files if you "cancel" before completion.
2. there is a feature to block (it asks for authorisation) writing of executable files, unfortunately it is triggered also by directories whose name is "mario.com" and some software installers create such folders, for example TopStyle. An alert is risen any time you access a dir if some subdir has such names.
3. automatic updates of the virus signatures can cripple the scanning engine.
I've been trying the main 3 free antivirus, AVG, AVAST and ANTIVIR. Now, AVG version 8 doesn't even install correctly on Win2K (scheduler and updater are disabled), ANTIVIR sucks a lot of resources, takes forever to open dialogs and gives me a BSOD from time to time (probably only when it finds some other software running, do not know which), AVAST is the most complicated antivirus ever, with several resident modules for monitoring different activities, a skinnable GUI, options distributed in "hard to find" dialogs here and here. On top AVAST misses heuristics besides the mail module.
At the end, given the catastrofic failures of AVG and ANTIVIR I am using AVAST, with the bare minimum of modules installed but thinking of living without any "on access" scanner and use CLAMAV (ported to Win) from time to time.
Edit: did I say AVAST? So far I got this interesting "features":
1. scanning my 170MB Thunderbird mailbox it generates 2 or 3 120MB temp files, if I stop the scanning before it ends those temp files are left on the disk in the _avast_ directory. It seems also that after creating those files AVAST doesn't actually do anything, skipping the content. On a side note, ClamAV does the same with temporary files if you "cancel" before completion.
2. there is a feature to block (it asks for authorisation) writing of executable files, unfortunately it is triggered also by directories whose name is "mario.com" and some software installers create such folders, for example TopStyle. An alert is risen any time you access a dir if some subdir has such names.
3. automatic updates of the virus signatures can cripple the scanning engine.
By MizzMartinez, # 6. May 2008, 11:34:29
By LorenzoCelsi, # 6. May 2008, 11:52:14
By MizzMartinez, # 6. May 2008, 11:54:54
Avast failed me to clean a virus some time ago. I dunno about the new version of AVG.
Actually, on my old laptop, I'm really looking for a low-resource hog software.
Thanks for your review.
By pfelelep, # 14. May 2008, 14:41:48
I haven't tested it actually but its strong point should be the "euristic scanning", meaning it uses "smart" detection to recognize "unknown" threats instead of relying only on strings of "known" threats.
Generally speaking, the cleaning of viruses most of the times ends in deleting (or moving to quarantine) the whole file that contains the virus.
That is expecially true for "real" viruses that usually overwrite part of the original file with their own code so it is impossible to restore the file in its original state.
It is easier removing viruses when it comes to worms that are stand-alone programs and much bigger than "real" viruses and macro virues that come with "office" documents.
Detecting a virus when it is elready active in your system is good for stopping it to spread further but then you probably need to erase the system and re-install it from scratch, after you have saved your critical information.
By LorenzoCelsi, # 14. May 2008, 15:08:20