Avast vs. AVG and Zip files

  • Thread starter Thread starter Jim Leder
  • Start date Start date
J

Jim Leder

I've discovered something I don't like with AVG. I've been a long
time user of AVG and like it's relative small size and the fact it
seems less intrusive than other virus scanners. However I have been
testing it's complete scan capability against Avast, and am starting
to believe Avast is MUCH better at detecting virus files inside
compressed (zip'ed) archives. I have 4 different EICAR files on my PC:
1 is a .com, 1 is a .exe, 1 is a .com inside a Zip and 1 is a .com
inside a Zip inside a Zip. AVG's complete scan will NOT detect either
of the Eicar's that are inside the Zip files, it will detect the other
2. However, if I 'attach' either of the zips to an email, Eicar is
detected. If I unzip either zips with Eicar, it is detected. But, on a
COMPLETE scan, it only sees the 2 unzipped Eicars. Yes, I do have
internally compressed and archives checked. Avast on the other hand
catches all 4 Eicars, zipped or unzipped on a complete scan.

I still think AVG is a great 'free' product, and know that with it
working the way it does, even a zipped virus will be detected if I
attempt to do something with it. Guess it's just the way it is
designed to work.

Anyone else notice this? Any comments?
 
I've discovered something I don't like with AVG. I've been a long
time user of AVG and like it's relative small size and the fact it
seems less intrusive than other virus scanners. However I have been
testing it's complete scan capability against Avast, and am starting
to believe Avast is MUCH better at detecting virus files inside
compressed (zip'ed) archives. I have 4 different EICAR files on my PC:
1 is a .com, 1 is a .exe, 1 is a .com inside a Zip and 1 is a .com
inside a Zip inside a Zip. AVG's complete scan will NOT detect either
of the Eicar's that are inside the Zip files, it will detect the other
2. However, if I 'attach' either of the zips to an email, Eicar is
detected. If I unzip either zips with Eicar, it is detected. But, on a
COMPLETE scan, it only sees the 2 unzipped Eicars. Yes, I do have
internally compressed and archives checked. Avast on the other hand
catches all 4 Eicars, zipped or unzipped on a complete scan.

I still think AVG is a great 'free' product, and know that with it
working the way it does, even a zipped virus will be detected if I
attempt to do something with it. Guess it's just the way it is
designed to work.

Anyone else notice this? Any comments?
Click to expand...

Concur, and if the compressed files are .rar or other formats
the odds of detection are even less.

Plus def updates with Avast take only a few seconds over my
dial-up, whereas AVG is usually around a meg to wait for.

The only negative to me is RPCSS is used to move a virus to the
vault. I would prefer to have RPCSS inactivated, permanently.

I've had excellent response from Avast, none from AVG. A recent
mention to Avast that their latest def was false alarming on
..htt files brought an immediate admission of guilt on their
part and an immediate fix in the next update. See below:
_______________________
Subject: Re: False alarms with latest definitions - folder.htt
From: "Vladimir Cernik" <[email protected]>
Date: Thu, 28 Aug 2003 12:54:06 +0200

Hello,
It's really our false alarm. I try to repair it in next version.
Best regards Cernik
________________________

BoB
 
I have RPCSS inactive and wondered what that error message was, now I
know. Thanks!
On further analysis of AVG, the report DOES claim it detected the 2
zipped Eicars, it just doesn't inform you at the time of the complete
scan. When viewing the report, they are in a different color than the
reported Eicars. So, I guess it's not that big a deal, but I would
prefer that they are reported in a more easy to see way.
 
Back
Top