Greetings everyone,
This is Scott from http://bangsonpc.com, your friendly computer guy.
Norton and McAfee
First, let me cover the Norton McAfee topic really quick. I don’t recommend Norton or McAfee at all. The first reason is both of these applications are intense resource hogs, they utilize too much of your system memory and can slow your PC down to the speed of a drunk tortes. The second and probably the most important reason, is because, they just do not perform at the level of protection they should, especially for a product that demands a fee based subscription. The majority of PC’s, laptops that I have had brought to me for virus and spyware removal, had either Norton or McAfee installed, updated and didn’t detect, or remove the hundreds of infected files I was able to remove and clean off of your machines.
The reason for this is because Norton and McAfee are just too “famous”; they are so popular that when some of these evil virus creators are working away at their next project, it’s easy for them to write in stealth abilities to circumvent Norton and McAfee. Remember, “well known” doesn’t mean “the best”. Take me for example; I am not that “well known”, but I am certainly the best computer guy! :)
Anti Virus Protection
Ok, let’s get back to Anti Virus protection. Anti Virus Software should perform at three levels, listed below in order of importance.
Prevention Contact: Preventive measures will prevent a virus from coming into contact with your system. Meaning, if you accidently make a wrong click while browsing the web and a virus is starting to be saved on your system, your AV software should kick in and stop that from happening. Same is true if a friend brought over a CD with some cool software to show you, and an unknown virus was present, your AV Software should prevent that file from being copied onto your system.
Prevention Intrusion: Preventive Intrusion measures will prevent a virus from actually being “installed” in the Operating System of the machine. Should a file actually sneak itself in and get placed on your system, then usually the virus will then need to be executed. This usually occurs when a user runs the EXE file, or the setup program to install their “cool new software”. The virus will then start the Intrusion phase. A good AV product should be able to detect and stop this intrusion.
Removal: This is probably one of the most difficult phases to perform for all AV products. A virus got on the system, it successfully completed intrusion, and now your machine is a mess. However your AV product did a recent update, and now is able to detect the virus, and its infected files, however a bit too late. So now your AV product has the responsibility of attempt to remove and clean your infected files.
Obviously, if an AV product can succeed in the first phase, it doesn’t need to worry about the second or third, and likewise if an AV product was able to succeed at the second phase, it wouldn’t have to worry about the final and terrible third phase.
Let the Tests Begin
Recently I had the opportunity to acquire several viruses and spywares and was able to bring them in contact with several systems in a controlled environment. This is where I discovered that AVG 7.5 Free failed at the most fundamental and most important phase of AV Protection, Preventive Contact. It also failed at Preventive Intrusion, and it failed at Removal.
My testing logic used the following criteria.
Each machine had a fresh Windows install, and the AV Software was installed first, updated and performing at 100% without issue.
Each test had three phases:
- Attempt to download known infected files to the host machine, and attempt to copy those same files from another machine to the host machine via a network connection. This replicates the friend with a cool CD scenario I touched on above.
- If any files actually passed phase 1 and got placed on the host system, then we would attempt to install those files and allow the virus to start the Intrusion process.
- Final phase of each test was removal of any virus that actually was able to partially complete the Intrusion step.
You can review the actual screenshots and notes of each step that was performed and see the proof for yourself. Go to http://bangsonpc.com and in the left margin you will see a link AVG Fails Preventive AV Test, while Avast Concurs!
That link will allow you to download a ZIP file which contains 3 PDF documents.
AVGPrevTest.pdf: This will illustrate that AVG 7.5 Free, failed miserably at all 3 of the testing phases. Yet this is the highest rated free AV software on the Internet.
AvastPrevTest.pdf: This will illustrate that Avast Home Edition, passed 100% of phase 1. We were unable to test phase 2 and 3, as none of the infected files were even allowed to come into contact with the host machine.
AvastCleanAVG.pdf: Now I decided to have some fun, so I installed Avast on the same PC that AVG allowed to be infected. This was an attempt to clean and fix the damage that AVG allowed to occur. While Avast did get more of the items off of the infected machine, it did not get everything, and this is ok, I will explain more below.
Even the Best Anti Virus Protection is Still Not Enough
A PC cannot rely on good AV protection alone; a PC also needs AS Protection, or Anti Spyware protection. Viruses and Spyware by definition are very different and have distinct characteristics, yet some Viruses and some Spyware share very similar characteristics.
In the AvastCleanAVG.pdf document, you will see at the end I had to bring in PC Tools Spyware Doctor Free version, available from Google Pack to clean up the rest. Which it did, so in combination Avast with Spyware Doctor, this PC was fully cleaned and healed.
What Now?
Remove AVG: I would recommend using Revo Uninstaller for removing ANY program. This can be downloaded here, check it out: http://www.revouninstaller.com/
Install Revo, and then run Revo and use its ability to remove AVG. As always, when using Revo to uninstall a software application, do not restart your computer, after the uninstaller finishes, Revo has more things to do, if you restart your PC, this will cancel out what Revo needs to do, and you cant have Revo continue after the PC is rebooted.
Install Avast Home Edition: Avast does require registration, but it’s free and this will give you a license number good for one year. At the end of that year, you just request another key and you’re good to go for another year. Pretty painless for a free AV Product that has great protection ability. You can get Avast Home here, check it out: http://www.avast.com/eng/download-avast-home.html
Install the free version of Spyware Doctor from Google Pack, check it out: http://pack.google.com/intl/en/pack_installer.html?hl=en&gl=us
Note, Spyware Doctor does utilize a good amount of system recourses, if you have a lower end PC, then use this, update it, scan your system, remove infections, and then shut it down. Right click on the Spyware Doctor icon in the systray (lower right corner by the clock) and choose shut down. You can always run this again from your Programs start menu.
Before doing any system scan for viruses or spyware, always use CleanUp to remove your temporary files from your PC, so the protection scans will take less time. You can get CleanUp here: http://www.stevengould.org/index.php?option=com_content&task=view&id=29&Itemid=72
Ok everyone; I think this about covers it for now. As always feel free to contact me if you have any questions, comments or concerns, and of course I can assist you in making the transition or cleaning up your systems.
Thanks again,
Scott