
Wai_Wai
Everything posted by Wai_Wai
-
My Anti-virus Program Comparison Analysis
Wai_Wai replied to Wai_Wai's topic in Malware Prevention and Security
Thanks that you find them useful. If you have any enquiries relating to my post or even the AV programs (eg you may wish to ask why some programs perform badly etc.), feel free to ask me.
-
> Anyways, I and many others don't like software which goes far beyond
> its scope of duty, like all post-2002 Symantec products do.
What bad things do they do on our computers? I would like to know more.
-
My Anti-virus Program Comparison Analysis
Wai_Wai replied to Wai_Wai's topic in Malware Prevention and Security
Updated -
The best and the worst RAM and motherboard in the
Wai_Wai replied to Wai_Wai's topic in Hardware Hangout
It seems both Kingston and Corsair produce good RAM. What chipsets do you like most? -
Excellent sources of anti-virus comparison reports
Wai_Wai replied to Wai_Wai's topic in Software Hangout
Thanks for your feedback. This makes me feel my efforts are not wasted. I will work harder and make more good posts. By the way, your hand looks scary. -
Excellent sources of anti-virus comparison reports
Wai_Wai replied to Wai_Wai's topic in Software Hangout
Updated to v1.0.1 -
My Anti-virus Program Comparison Analysis
Version 0.3

Note:
- Again this post becomes more and more long-winded. So scan the bold/italic headings first. If the heading interests you, read on.
- But please read the heading "Important!!!!! You should know before reading my reviews!!!!!" before going straight to my reviews.

==================================
Update logs:

v0.3
Another 1/2 volume of contents is added
- make more clarifications about this post, my comments and my reviews.
- explain more about the limitations of my reviews and the summary tables.
- inclusion of "Important!!!!! You should know before reading my table!!!!!" So hopefully readers will not be misled when reading my tables.
- clarify, add some comments made on anti-virus programs
- The dates of the reports are added
- mistakes on the images are discovered

v0.2
A lot of contents are added. The post expands by 3/4 volume.
- Explanation on My evaluation methodology
- Add a lot more comments on the anti-virus programs
- Have some overviews on their strong and weak points
- Includes links to my reports
- Includes links to other brief reports

v0.1
- the first draft of my post
==================================

Introduction

It is hard for us to judge if an anti-virus can protect us well. Simply using it cannot give you accurate evaluation. Consider this case. A virus bypassed your anti-virus program. It doesn't cause serious problems in your computer. You never notice its existence. You still feel your anti-virus program is doing a great job.

In this regard, I did a long research. Afterward I tried to pick up some of the best anti-virus programs and introduce them to you. So you can save your time and troubles reading a lot of reports, or thinking hard on picking a good AV program. I tried to summarize a lot of reports and provide one large table for users to read.
In the table, I try to compare different anti-virus programs in terms of their virus protection capabilities, including a lot of areas, namely:
- ITW (known/common virus) protection
- Zoo (unknown/rare virus) protection
- heuristic system
- false positives (ie false alarm to clean files)
- compressed files
- non-viral malware protection
- office infected files
- virus removal ability
- and so on

Hopefully you may find the information useful. Enjoy!

==================================================
My evaluation methodology

I am going to comment on their anti-virus capabilities based on the reports I have read, some of which are brief, some detailed; and some of the tests/trials I made (if applicable).

I value detailed reports much more than simple/brief reports because they analyse their anti-virus capabilities in a comprehensive and thorough way, not just focus on one aspect only. Usually the brief reports assess their abilities to detect known (ITW) viruses. And it is not uncommon for them to make mistakes. I hardly rely on magazine reviews because their analyses are light and may be partial, as some articles point these problems out.

I would pick up the best ones if more reports (at least 2, and especially the detailed ones) rank them excellent. I will not conclude an anti-virus program is excellent just because 1 report says so. Even within the same report, some parts may not be representative enough (eg because I notice their sampling size is small). Then I will not rely a lot on these results in making my judgement.

I won't really add any subjective points/opinions into my judgement. I base myself on the results given from reports and tests, and make conclusions.

Finally I have provided a table which summarises most of the detailed reports. The brief reports are excluded. But I have provided links, so you can read them yourself. All the summary tables and links can be found at the end of my post. Help yourself and enjoy!

Important!!!!! You should know before reading my reviews!!!!!

Since some readers are (or will be) frequently raising such kinds of questions/challenges, it is best to make a good strong emphasis first. So readers will not be misled by the information in my post.

Q: So are you suggesting XXX is the best AV program, and all people must use this one?!? I'm no longer a 3-year-old baby!!!
A: No, I haven't made such a claim anywhere in my post. I just pick the best AV program based on their AV capabilities only, and no more. High AV capabilities are just one aspect (although important). There are some other aspects which we haven't considered (eg features, ease of use, compatibility/stability). You may need to consider them as well before making a decision. In a nutshell, AV with the best AV capabilities is never a byword for the best AV!! Don't be confused with these 2 ;-)

Q: Your comments and recommendations are extremely subjective! Please consider rewriting it.
A: All my comments are based on rock solid facts, I try my best to isolate all my sentiments before reaching my judgement. I don't add any comments/opinions/points which are not found in the reports. And I don't rely on ONE SINGLE report to make my judgement. This is to prevent the mistakes, bias or whatever bad things made by a report. In fact, I've read a lot of reports in order to reach the conclusions. In fact, my spirit was as if on vacation when I was writing my report. I completely submitted to what the reports say. All are written by the reports, NOT me. Scary huh? If you ever find one single point which is not concluded from any report, please tell me and I will gladly remove it.

Q: Your conclusions are completely unacceptable. They are all contradictory to our common sense. XXX is known to be the best. Everyone knows except you id***.
A: Bear in mind, if I say something is not good, it is in terms of their AV capabilities and no more. What's more, it is the reports which lead me to the conclusions, NOT me.
My spirit was away when making such judgement. As far as AV capabilities are concerned, if it is said their AV capabilities are not good enough, I am confident to tell you it is very likely to be the case.

I realise it is exceptionally hard to accept. But it is painfully true. It is the same to me. When I see how my favorite AV programs score poorly, I feel upset. I don't wish to accept the truth and comfort myself, saying such-and-such reports must be mistaken and so on. But it is not just 1 report which says so, at least it has to be 2 very reliable sources in order to make me reach such kinds of conclusions.

However there are some limitations in the reports. For details, see the heading "Limitations" at the end of my post.

Q: How can you say XXX is abysmal? In fact there are much more crappy AV programs which are worse than XXX. Why don't you criticise them? You are too demanding!!!!!
A: All anti-virus programs which are short-listed should meet the general standard. Otherwise I will not list them in the first place. In fact, all are about comparisons. All comments are relative. XXX is said to be bad if others are better than XXX. When others only detect 50% of viruses and XXX detects 70%, it is already the best and we will say it is excellent. However when others detect 90% but XXX detects 70% as usual, we will no longer say XXX is good anymore. It is because the standard is pushing up. The same case holds true again. But among the top products, they are just bad by comparison. In fact, most of them do good jobs.

Q: Why don't you analyse more AV programs like YYY or ZZZ? There are far far more anti-virus programs in the market. Do you have any evil plans in mind?
A: Yes, I only shortlisted the well-known & good ones. It is because most people wish to know about them. It appears to be no point in spending time on analysing a crappy or immature AV program, just to tell you how crappy the AV program is. And I doubt people care to know about that.
However it is worth analysing among all good AV programs, so you can see their strong and weak points by the process of competition. By the way, I may have some evil plans in mind. Who knows (including me)? ;-D

The best anti-virus programs

[Note: All comments are based on the information found in the reports. I don't add any personal statements/opinions in making my judgement]

McAfee
http://www.mcafee.com/us/?cid=10550
- A well-rounded anti-virus (AV) program which achieves well in most of its areas, but not perfect. (Anyway no AV program is perfect)
- It is the only program which can remove ALL viruses (100%) successfully in a series of virus removal tests performed by a report.
- It hardly generates any false positive which is a merit. 0 false positive is impressive.
- It has problems in detecting viruses in archived and compressed files though.

Kaspersky AVP
http://www.kaspersky.com/
- It focuses a lot on its detection capabilities. It can catch more viruses than others (eg Norton).
- It does well to catch unknown viruses too which is also an aspect we should not ignore.
- It works harder to deal with non-viral (less harmful) malware which other anti-virus programs often ignore.
- But it can't disinfect well.
- In a test, it has serious problems in catching any boot virus. Yes, it caught 0 boot virus when you access the infected files.
- It generates some false positives once in a while. McAfee can generate none for most of the time. It can't.

Seemingly good AV programs

The following may be good although I would like to read more reports to confirm:

F-Secure
http://www.f-secure.com/
- It seems it incorporates multi-search engines into its anti-virus program, but one article argues that it doesn't help you much. It is just a marginal benefit. The costs don't outweigh the small benefits.
- Anyway, it seems to have good virus protection although I need to read more to confirm.
AVK
http://www.antiviruslab.com/
- This program seems good but only has a German version.
- I haven't included this in my analysis (because the program is German). More reading is needed to confirm its quality.

Some other anti-virus programs

It may surprise you much, and be exceptionally hard to accept. Some anti-virus programs are well-known but do not do their job well. They just can't beat the best ones:

Norton Anti-Virus (Symantec)
- Although it is a long-established anti-virus company, I couldn't imagine it can score poorly in some areas, as if it were an immature new anti-virus program. I suppose it is excellent, at least in terms of anti-virus protection.
- It cannot detect and scan as well as most people might suppose
- It has problems in scanning archived/compressed files

PC-cillin (TrendMicro)
- Doesn't do well in detecting both known and unknown viruses.
- can hardly equal McAfee and Kaspersky in terms of anti-virus capabilities.

Avast (Alwil)
AVG (Grisoft)
- quite many people recommend these 2, but unfortunately here's the bad news - their AV shields are not strong, I'm afraid. They are not mature at this stage.
- They can't catch known viruses well. Avast (80.55%); AVG (72%). At least it needs to be above 90% in order to meet the case.
- They can become infirm in face of unknown viruses.
- They can't handle archived/compressed files properly.
- Generate far more false positives than Norton and McAfee.

NOD32 (Eset)
- As a comparison, it is better in detecting unknown viruses than known viruses.
- But it is not a good idea since the chance of encountering a known virus is much higher than that of unknown.
- Need to work hard to deal with known viruses. It scores 82.68% only in one test. Fail!
- False positives are one of the problems

Panda Anti-Virus
- Doesn't protect well.
- Becomes infirm in face of unknown viruses.
- System crashed in WinME while scanning in one of the tests!
- Has some glitches.
================================================================
About my table

I would like to say sorry first of all. The table is far from perfect. I haven't explained each entry and their scores. I rely on your wisdom to interpret the data, still less it is too simple and ugly. But that substandard table has already cost me 1 day to produce! Unbelievable but true! I slept late at 4:00am on that day, and had to wake up early at 8:00am on the next day to work... Exhausted...

If you don't understand some parts of the table and would like to know more, ask me and I will explain to you. Even if you just wish to know more details about your favorite AV programs, you may ask me too, and I will compile more for you. Alternatively, you may read the links and explore yourself. My table is just a starting point to give you some general ideas about your favorite AV programs.

Details of analysis

Back to the issue, the tables are as follows:

[Note: Thanks to a kindhearted user for telling me. I made a silly mistake at the company name of RAV (GeACD). Please read GeACD as GeCAD. Blame me for making a table at midnight!!]

Annual Report 1 (Date of the report: 2004. See, very new and up-to-date report!)
http://img74.exs.cx/img74/9296/avcompare017ol.gif

Annual Report 2 (Date of the report: 1st test - 2002; 2nd test - 2001)
http://img72.exs.cx/img72/3131/avcompare021hx.gif

Annual Report 3 (Date of the report: 1st test - 2003; 2nd test - 2002)
http://img98.exs.cx/img98/9688/avcompare035tj.gif

Thanks to ImageShack http://reg.imageshack.us/v_images.php for free image hosting.

Limitations

Outdated reports are the problem. I have to admit the reports I have chosen are not up to date. Most of the detailed reports are from 1-2 years ago. Av-comparatives produce the latest reports. But frankly, their reports are not as comprehensive as some of my other reports (although they are still better than quite many other reports/reviews).

But why are detailed reports always outdated?
It is easy to understand why. It's because a good and comprehensive anti-virus report needs a lot of time to produce - Half year is not unbelievable! It is never impossible to finish a report within a month unless you are going to read some magazine reviews.

I rely on detailed reports to make most of my comments because they are more trustworthy and reliable than brief reports and magazine reviews. But the price is I cannot get up-to-date information. Think twice, if the information is not accurate or reliable, what's the point of getting them even if they are up-to-date?

How to deal with this 1-year gap?

Nevertheless we don't really need to worry too much about this limitation (the information is 1 year old. I call it the 1-year gap). If the normal situation goes, a good program will keep being good even after 1 year. If you haven't heard of any (major) bad news from the AV program within the year, it is quite safe to assume the program is still good. It shouldn't change dramatically in this 1-year gap.

On the other hand, if you hear from many magazines saying some new anti-virus programs do very well (or they suddenly improve substantially) in this 1-year gap, but the detailed reports are not available, it could be a painful dilemma. However I would like to say something about magazine reviews (or its similar types):
- Most simply do not have enough resources to conduct effective and representative anti-virus capability tests. Unless the magazine is using the results from a big and independent testing organisation, the reviews cannot reflect their true value.
- Some magazines receive money support from these anti-virus programs (by advertisements etc.) So do you think they will be impartial enough?
- Small magazines may rely on analyses or research data from big magazines. Then they make their reviews and comments based on these data. So...

But many users praise anti-virus programs highly. So it must be good, right?

Yes, it may be.
But I would like to point out some of the cases where it would not be true:
- Users' comments are based on the magazine reviews they have read. And magazine reviews are actually... so...
- Experiences may lie unfortunately. Consider this case. A virus bypassed your anti-virus program. It doesn't cause serious problems in your computer. You never notice its existence. You still feel your anti-virus program is doing a great job.
- An anti-virus program generated a false positive, falsely claiming that the file is infected. You think it is great. Other anti-virus programs cannot detect this virus, but this anti-virus program can. Excellent!

Finally, I wish you good luck on the road towards the best anti-virus program.

Other links of brief reports:
http://www.virus.gr/english/fullxml/default.asp
http://www.virusbtn.com/
http://www.icsalabs.com/

Excellent sources of anti-virus comparison reports!!
http://www.msfn.org/board/index.php?showto...=0entry242685
-
Excellent sources of anti-virus comparison reports
Wai_Wai replied to Wai_Wai's topic in Software Hangout
Updated to v0.2 Half of the volume is added. -
Would you mind to tell me why? I can't understand it.
-
Questions about memtest, under-/over-clocking

Hardware Info
CPU: AMD Athlon XP 2500+ (FSB: 333mhz)
Motherboard: Asus A7N8X-X
RAM: KingMax DDR400 2.6V 512MB*2
[Note: I never overclock!]

Recently I ran memtest86 v3.1a (http://www.memtest86.com/). I found some errors in some tests. The details are at the end of the post.

----------------
One possibility is that the errors relate to voltage (vdimm) and RAM frequency. One suggests adding vdimm because when RAM runs at DDR400, it may need more voltage. It also suggests lowering RAM frequency to 333mhz may help. It's because my CPU FSB runs at 333mhz. RAM running at 400mhz not only does not help, but even harms your performance.

Question time:
- I don't know much about setting all of them. How to do it? The motherboard manual is available at http://www.asuscom.de/pub/ASUS/mb/socka/nf...461_a7n8x-x.pdf I've read it. But I don't know how to set them. Please help!
- I am concerned about raising RAM voltage. What is the upside and downside of raising voltage? Is there anything I need to know before changing RAM voltage? Will this harm my hardware?
- I am concerned about underclocking my RAM. I think underclocking should never harm my RAM. But when it runs at a lower frequency, should I set a shorter CL?
- If so, similar questions to RAM voltage, what is the upside and downside of shortening CL? Is there anything I need to know before changing RAM voltage? Will this harm my hardware?

If you need any further info, please ask me. Or even if you don't wish to read all info here, ask me the info you wish to know, and I can quote for you.

Attachment
Memtest report:
=========================================
Test 1: RAM A in DIMM1
I have run memtest several times. No error.

Test 2: RAM B in DIMM1
I have run memtest several times. No error.

Test 3: RAM A in DIMM2, RAM B in DIMM3
I have run memtest several times. Errors were sometimes detected, sometimes not.
Errors were found in test 5. 2-4 errors were once found, ranging from 996-1021MB
Errors were found in test 8. 2 errors were once found, in 1002.8 and 1017.3MB respectively.

Test 4: RAM B in DIMM2, RAM A in DIMM3
I have run memtest once. Errors were detected!
Errors were found in test 10. 9 errors were found, ranging from 535-723MB.
==========================================

Question time:
- From the above results, what implications could we draw?
- I don't think the problem lies in the DIMM slots, or it should give rise to a lot of errors, right?
- I just don't know whether my RAM is faulty or not. Should I ask the manufacturer for RAM replacement?
-
Excellent sources of anti-virus comparison reports!!
Version 1.0.1

Note:
- If anyone finds any other good websites and/or sources, please tell me and I will update my post. Thanks!
- It is very long-winded. So scan the bold/italic headings first. If the heading interests you, read on.
- I haven't read thoroughly all the websites which I posted. If I have read the websites and find them very great, I will label them as (highly recommended!) or (recommended!)

==================================
Update logs:

V1.0.1
- pick up some minor mistakes and correct them :-D

v1.0
- Inclusion of My Anti-virus Program Comparison Analysis. It introduces you to the best anti-virus programs based on my research and observation.
- It seems I have done a lot on that. The post is mature now. It may be time to move on to other topics/areas

v0.3
1/4 volume of the content is added.
- more links to reports
- more links to free online virus scans
- get some tools about anti-virus and testing anti-virus on your own
- more links to articles/resources
- more explanation and articles on how to pick up a good AV program

v0.2
Half volume of the content is added.
- more links to reports
- more links to articles/resources
- *new* links to free online virus scans
- more resources about virus, and anti-virus
- some info about virus, written by me (eg how viruses attack you, how we can protect ourselves, how to choose a good anti-virus program)

v0.1
- the first release of my post
==================================

Overview

I found some excellent sources relating to anti-virus (AV) comparison. There are reviews, reports, analyses. The sources are:

My Anti-virus Program Comparison Analysis
http://www.msfn.org/board/index.php?act=ST&f=19&t=35308

Reports, Analysis
http://www.av-test.org/ (highly recommended!)
http://agn-www.informatik.uni-hamburg.de/vtc/ (highly recommended!)
http://www.av-comparatives.org/ (recommended!)
http://www.virus.gr/english/fullxml/default.asp
http://www.virusbtn.com/
http://www.icsalabs.com/

Free Online Scans
- http://www.kaspersky.com/remoteviruschk.html
- http://us.mcafee.com/root/mfs/default.asp?...mfs/default.asp
- http://housecall.trendmicro.com/
- http://www.bitdefender.com/scan/licence.php
- http://www.pandasoftware.com/activescan/co...n_principal.htm
- http://www.ravantivirus.com/scan/
- http://www3.ca.com/securityadvisor/virusinfo/scan.aspx

Articles/Resources
http://www.vht-dk.dk/vhtdk/pc/pc.htm
http://www.cert.org/security-improvement/ (recommended!)
http://kaspersky-esac.org/index.php (recommended!)
http://www.scmagazine.com/products/index.c...ls&GroupId=5891
http://antivirus.about.com/
http://www.microsoft.com/athome/security/

Detailed reports

Av-test.org (highly recommended!)

Av-test.org http://www.av-test.org/ is an unbiased organization. The project is held by the Business-Information-Workgroup at the Institute of Technical and Business Information Systems at the Otto-von-Guericke University Magdeburg. They made a lot of detailed and good analyses on anti-virus programs, in terms of their detection and prevention abilities.

The tests include:
- VIRUS DETECTION ITW ON-DEMAND SCANNER
- VIRUS DETECTION ITW ON-ACCESS GUARD
- VIRUS DETECTION ZOO ON-DEMAND
- ARCHIVED AND COMPRESSED FILE FORMATS ON-DEMAND
- PERFORMANCE / SCAN TIME ON-ACCESS (IN SECONDS)

The categories they test are:
- known virus
- unknown virus from their labs
- File viruses
- Macro viruses
- Script viruses
- Polymorphic viruses
- Other Malware
- False positives (ie wrong claims of the infected files)
- Compressed program files (with virus)
- password-protected files (with virus)
- and so on

On the detection side of known viruses, nearly most of the anti-virus programs score very high, ranging from 95-100%. But on other aspects, the scores can vary greatly. So we can see their weaknesses and strengths by reading their reports.
Their reports are excellent - I highly recommend people to read them. It doesn't mean you must make a switch to the AV program which scores the highest mark, or do anything else after you read the reports. But they can serve as good indicators to tell you how well your AV program protects you - something that you can't know just by using them!

Virus Test Center - Hamburg (highly recommended!)

Virus Test Center http://agn-www.informatik.uni-hamburg.de/vtc/ is a non-profit cooperation without any hierarchic structure of membership.

Their reports are written in plain text which may discourage people from reading them. Anyway, their reports are resourceful. If you don't mind their appearance, you will find their information interesting and useful. Their tests are also as comprehensive as the AV-test.org ones.

Extract of one of their comprehensive tests:
=======================================================================
Eval WXP.01: Development of Windows-XP Scanner Detection Rates
    Table WXP-A: Comparison File/Macro/Script virus detection rates
Eval WXP.02: In-The-Wild Detection under WXP
Eval WXP.03: Evaluation of overall WXP AV detection rates
Eval WXP.04: Evaluation of detection by virus classes under WXP
    WXP.04.1 Grading the Detection of file viruses under WXP
    WXP.04.2 Grading the Detection of macro viruses under WXP
    WXP.04.3 Grading the Detection of script viruses under WXP
Eval WXP.05: Detection of Packed Viruses by virus classes under WXP
    WXP.05.1 Detection of Packed File Viruses under WXP
    WXP.05.2 Detection of Packed Macro Viruses under WXP
Eval WXP.06: Avoidance of False Alarms (Macro) under WXP
    WXP.06.1 Avoidance of False Alarms (file) under WXP
    WXP.06.2 Avoidance of False Alarms (macro) under WXP
Eval WXP.07: Detection of Malware by classes under WXP
    WXP.07.1 Detection of File Malware under WXP
    WXP.07.2 Detection of Macro Malware under WXP
    WXP.07.3 Detection of Script Malware under WXP
========================================================================
Some remarkable tests are that they run particular tests on false positives (= false alarms on clean files) and non-viral malware. These areas, especially false positives, are what I am greatly interested in. Good job!

AV Comparatives (recommended!)

AV Comparatives http://www.av-comparatives.org/ is another alternative. They produce good and in-depth reports as well. They will explain their sorting and testing methodology. You can see their sincerity in making these great reports for us.

They will test anti-virus abilities in different areas, including:
- known viruses
- unknown or new viruses
- Retrospective/Proactive Test
- On-demand comparative

AV Comparatives test only anti-virus programs which they feel are up to standard. Currently there are 13 anti-virus programs. Other rip-off and poor anti-virus programs will not be tested in the first place. (But this is already enough, isn't it?)

Short Reports

virus.gr

virus.gr http://www.virus.gr/english/fullxml/default.asp tries to collect viruses all over the world to form a virus database. Then it will test different anti-virus programs by scanning the virus database, and see how many viruses they can catch.

This test is not as comprehensive as the one AV-test.org has. It focuses only on their abilities to catch known viruses, which is not enough. New viruses are always coming, but they ignore this important category. But they test many more anti-virus programs (including poor and rip-off anti-virus programs).

The latest testing result (10-25 August 2004):
http://www.virus.gr/english/fullxml/default.asp?id=67&mnu=67

ICSA labs

If you hate reading long reports, you may seek help from ICSA labs http://www.icsalabs.com/index.shtml. They listed all the certified AV programs.

Virus Bulletin

Virus Bulletin's VB 100% logo is awarded to anti-virus products providing that the product can:
* Detect all In the Wild viruses during both on-demand and on-access scanning in Virus Bulletin's comparative tests.
* Generate no false positives when scanning a set of clean files.

Their tests are simple and limited unfortunately (only anti-virus abilities on catching known viruses are tested). And some say their reports are not too reliable.

Comparison table of all AV programs
http://www.virusbtn.com/vb100/archives/products.xml?table

List of each AV program report
http://www.virusbtn.com/vb100/archives/products.xml?

Free Online Scans

No single anti-virus can catch all viruses. It is worth using other AV programs to help you to spot the most hidden/disguised viruses. I have searched for some online scans, and they are free.
- http://www.kaspersky.com/remoteviruschk.html
- http://us.mcafee.com/root/mfs/default.asp?...mfs/default.asp
- http://housecall.trendmicro.com/
- http://www.bitdefender.com/scan/licence.php
- http://www.pandasoftware.com/activescan/co...n_principal.htm
- http://www.ravantivirus.com/scan/
- http://www3.ca.com/securityadvisor/virusinfo/scan.aspx

Anti-virus Tools

Virus Help Team

Tools for testing anti-virus programs (Interesting)
http://www.vht-dk.dk/vhtdk/pc/eicar.htm
They provide a way for us to test our own AV program. Sounds interesting!!

Quote:
The EICAR test file is designed for users and administrators who want to check the proper operation of their anti-virus software without using actual viruses. Since it is never a good idea to test with real viruses, anti-virus researchers designed a completely harmless test file that most anti-virus products detect as if it were a virus. The EICAR test file is completely benign and contains NO virus code.

Other tools (free of charge!)
http://www.vht-dk.dk/vhtdk/pc/free.htm

Articles/Resources

Cert.org (recommended!)

There are a lot of articles regarding security issues.
The topics they cover are:
- Practices about hardening and securing systems
- Practices about preparing to detect and respond to intrusions
- Practices about detecting intrusions
- Practices about responding to intrusions
- Practices about improving system security
- Practices related to outsourcing managed security services

Although I haven't read through all articles, it is very resourceful! A must-visit website!
http://www.cert.org/security-improvement/

kaspersky-esac.org (recommended!)

There are a number of articles which are well-written. They discuss or explain some issues which you can't find normally elsewhere. A few good articles are much better than a lot of commonplace articles.

Evaluating anti-virus tests - Why some reviews are better than others?
http://kaspersky-esac.org/index.php?PageID=9
Good article! An article of wisdom. It explains in depth why some of the reviews are not reliable, how we should judge from the reports, limitations of different kinds of reports etc.

To use one or two Scan Engines...not so easy...
ftp://ftp.kaspersky.fr/utils/private/ESAC/TwoScanEngines.pdf
It explains about the strategies used in protecting the computer. Should I use more than 1 anti-virus program? Should I use 1 anti-virus with multi-scan-engines?

More Publications:
http://kaspersky-esac.org/publications.php?PageID=0

SC Magazine
http://www.scmagazine.com/products/index.c...ls&GroupId=5891
They have some reviews on the major anti-virus programs. Instead of giving the overall rating only, they will give a rating in each category too, which could be great for users to know more about their strengths and weaknesses. However it is strange that a few have not been rated at all - only comments are available.
Antivirus.about.com

Before You Buy Antivirus Software
http://antivirus.about.com/cs/softwarereviews/bb/bybav.htm

Top Picks
Windows: http://antivirus.about.com/cs/beforeyoubuy/tp/aatpavwin.htm
Macintosh: http://antivirus.about.com/cs/allabout/tp/aamacvir.htm

See also: http://www.virus.gr/english/fullxml/default.asp?id=67&mnu=67

Microsoft

What are viruses, worms, and Trojan horses?
http://www.microsoft.com/athome/security/v...s/virus101.mspx

Protect your PC in 3 steps
http://www.microsoft.com/athome/security/p...ct/default.aspx

Other Information about virus, anti-virus

Why do I need to protect my computer from anti-virus?

You may think if you use your computer carefully, you will not get any virus/trojan etc. It is a wrong concept. The villains can knock your computer down even if you just connect to the Internet.

See how these villains can knock you down:

>>> Connect to the Internet. That's it!

Q: Why? I am a very alert user. I will only browse the most reputable websites. I don't install any suspicious things (even *.txt). I think I am safe enough.
A: Unfortunately it is not. No operating system is perfect. They all have "security holes" which can be exploited by a new type of viruses in order to infect the computer, without asking you any permission at ANY time at ANY situation. They are free from devastating your computer. By the way, most villains will attack Microsoft Windows since it occupies a majority of the market.

Q: How can they find me out and attack me? It's not easy to look for a needle in a haystack.
A: It is easy. A way to find you out is to use port scanners. It doesn't need to be an expert in order to use a port scanner. A lot of great scanners are available on the Internet for free. Villains who make use of them can scan millions of computers within minutes, or even seconds. Once you are connected to the Internet, they may be able to find you out.

Q: I don't have valuable resources in my computer. The villains will not target me.
A: No, some of their objectives are for fun. It is fun for them to crash our system. They may get a great sense of success and happiness when they succeed in intruding your system. Some villains need to control your computer. Later they can use your computer to attack their real targets without worrying about counter-attack (because it is now you to suffer from these attacks). Some villains need to control a lot of computers, so they can issue denial of service to paralyse their target website.

Other ways:

>> Browsing websites (even if you browse the reputable ones! It's because, say, a virus can infect the website. And when you browse the website, you get infected too.)

>> Just reading or previewing emails (some evil codes will be stored in *.html, or in the pictures!)
Q: How can I prevent from these attacks?
A: Don't read suspicious emails. Only read plain email (ie non-html emails!). Disable any graphics/pictures.

>> Opening infected hard disk, CD-ROM or diskette.

>> Executing attached infected files
Q: How can I prevent from these attacks?
A: Don't install or execute any suspicious files/programs etc. If you do wish to try them, scan them fully before installing/executing them. But pay special attention to compressed or password-protected or encrypted files. They may contain the evilest viruses which anti-virus programs find hard to detect.

How can I protect my computer from anti-virus?
I recommend you doing the following:
- installing a good anti-virus program. But how can I choose a good one? See the information in another heading - How can I choose a good anti-virus program.
- frequently update your anti-virus program
- frequently run full-system scan on your computer (eg weekly)
- frequently do online scans from other anti-virus companies (eg monthly, or even weekly) (Note: For their websites, see my previous paragraphs)

What's more, you should shield-up your computer by doing the following as well:
- frequently update Windows
- install a software firewall program
- install a hardware firewall if possible
- have better knowledge in using and protecting your computer

How can I choose a good anti-virus program

>> read the reports
I recommend reading the most elaborate reports! Click on the websites which I collect for you. For these reports, they can tell you accurately about the abilities to:
- detect/remove known viruses (most reports focus on this area!)
- detect/remove unknown viruses (this is also important too because there are in fact many unknown viruses in the world. But most reports ignore this kind of abilities. AV-test.org http://www.av-test.org/ has been producing good reports on these areas. Worth reading their reports!)

>> Don't rely on magazines, website reviews too much
The reviews in (eg CNet) do not really write good reviews. There are several reasons:
- Most magazines simply do not have enough resources to conduct an effective and representative anti-virus capability tests. Unless the magazine is using the results from a big and independent testing organisation, the reviews cannot reflect their true value.
- Some magazines receive money support from these anti-virus programs (by advertisements etc.) So do you think they will be impartial enough?
- They will not just spend a lot of time to do one review. There are a lot of other things to do. A good and comprehensive test needs a lot of money and time (eg half year). How come they will afford a lot just for some reviews? It's not commercially advantageous.
>> ask user advice
I don't think users can fully experience how well a program can protect you from anti-virus simply by using the program. One of the problems is a virus bypasses your anti-virus program. They don't cause serious problems in your computer. You never notice this virus. You still feel your anti-virus program is doing a big job.

But most reports which I recommend tell you their anti-virus capabilities. You may wish to know some other aspects including:
- stability
- virus database
- support
- features
- customizations

One of the best ways to know about them is to "ask". They can tell you their experiences and feeling of the products, and see how they comment.

More links about this:
- http://kaspersky-esac.org/index.php?PageID=9 (recommended!)
Good article! In this article, it explains in depth why some of the reviews are not reliable, how we should judge from the reports, limitations of different kinds of reports etc.
- http://antivirus.about.com/od/antivirussof...irusprotect.htm

Finally I hope you will find this post interesting/helpful. :-P
Cheers!
-
Excellent sources of anti-virus comparison reports!! http://www.msfn.org/board/index.php?showto...=0entry241780
-
I started getting problems when I was using NSW2004. Norton was fine when I was still in Win98 era. I just installed it because I chanced to meet this anti-virus in the first place. At that time, I was just a computer layman. I intended to switch when using NSW2004, but I just couldn't help missing some of its features. However it created more and more problems which I couldn't stand anymore. Now I can find some great stuff which can replace this bad guy, and what's more, they are free. NSW is crappy and costs! Other programs are free and great! I was paying money for crappy programs. A bit regretful... Bye bye Norton unless you do something to convince me to switch back. By the way, what AV programs are you using now?
-
I used NSW 2004 previously. When I updated to SP2, it wouldn't work anymore. I tried to update + reinstall in vain. I switched to NSW2005 to see if the problem was solved. No unfortunately. The dump file is suggesting Norton has a problematic driver which causes the STOP code. (SYMTDI.SYS) I think I should stop using NSW and see if the STOP codes will be gone. About alternatives, it doesn't need to be all-in-one. It can be different programs which do different kinds of good jobs. In fact, I do feel quite a lot of utilities in NSW are crappy. I spot some of its mistakes/errors once in a while. Norton CleanSweep doesn't uninstall programs well. It sometimes makes mistakes, plus it can't undo changes made to a file, it can just delete added files. Too limited.
-
Concerning the brand name, MSI is said to be bad. Probably they produced a lot of bad motherboards and became notorious. Yes, I think the only best way to get a good motherboard is to do research before purchase. Relying on one brand probably doesn't get you to the right choice. In buying a new computer, I think we should focus most on motherboards and RAM. It seems to be these 2 components can cause a lot of troubles if we select the bad ones.
-
Any alternatives to Norton SystemWorks

Decision to completely remove Norton
I would like to completely remove this program because it is becoming really annoying recently. This program continues making troubles. The last time I got problems with Norton was when I upgraded to Wins XP Pro SP2. Norton Anti-virus suddenly couldn't startup anymore (even after I installed all Norton updates!).

Before removing it, I have to find substitutes. Or my computer will be in danger. Does anyone have good recommendations relating to:
(Note: It doesn't really matter it has to be in one suite. If I can get several programs and they meet my needs, it is perfectly fine. I don't mind to pay so long as they are good enough.)

- Anti-virus

- File Recovery
Requirement:
-- I would like it to work like what Norton Utilities do
-- It will backup all deleted files, items, entries etc.
-- I can tell the program how long I should keep the file
-- It has an exclusion list, so I can exclude some file types or folders which I don’t wish to backup

- Wipe File Permanently
-- so I can safely delete a file which cannot be recovered forever

- Installation Monitor
Requirement:
-- Can record changes made during installation (eg provide snapshots before/after installation);
-- Can remove installed files and reg.
-- Can undo changes made to (overwritten) files/dll/reg etc.
NB: Norton CleanSweep is limited. It cannot really undo a lot of changes. If a file is being overwritten/updated. There’s no way for CleanSweep to help me with that. And I sometimes spotted the program deleting wrong files (and it says it is safe to delete. It is not indeed!)

Thanks.
-
I used Asus A7N8X/VM 400 previously, but its compatibility is very low. Now changed to Asus A7N8X (non-deluxe one). But still get some problems. Not sure whose fault, my motherboard, or my RAM. The first time buying Asus, the first time getting troubles... >_<
-
Hi. I would like to know which RAM and motherboard you think is/are:
- the best
- the worst
And why if possible?

I have a bad experience about my motherboard and RAM. I would like to choose better ones next time I upgrade or buy a new computer.

Feel free to air
Merry Xmas.
-
The best and the worst RAM and motherboard in the world

Hi. I would like to know which RAM and motherboard you think is/are:
- the best
- the worst
And why if possible?

I have a bad experience about my motherboard and RAM. I would like to choose better ones next time I upgrade or buy a new computer.

Feel free to air
Merry Xmas.
-
STOP code when Norton is scanning (?) (ver 2)

System Info:
- Wins XP Pro SP1
- Norton SystemWorks 2005 (including Utilities, Anti-Virus, CleanSweep)
============================================================================
The case is rather complex. I don't know if it is really related to Norton Anti-virus, or its other components, or even my hardware. Anyway the case is as follows:

Memtest told me my computer failed
Recently I ran memtest86 v3.1a (http://www.memtest86.com/). I found some errors in test 5 and 8. In fact, I could sometimes pass all tests with no errors, but sometimes not. I wonder if the following components are faulty:
- RAM (Kingmax DDR400 512MB*2. I got 2 RAM of the same brand and module)
- Motherboard (Asus A7N8X-X, non-deluxe one)
..<-- In fact I got A7N8X-VM/400 previously. But due to compatibility issues with my RAM said by Asus distributor, I exchanged this with A7N8X-X.
- AGP Display card (Asus Radeon a9200se)

Some relevant info:
- My sound card is on-board.
- My display card is on AGP. I only use one PCI, ie Ethernet network 10/100Mbps card.
- I don't have any USB or SCSI hard drive to my computer.
- I never overclock anything

Use programs to pinpoint the cause of trouble!!
Then I decided to run other stability/stress/benchmark tests. The programs I ran were:
- 3d mark 2001 SE (Passed. 4100-4300 marks. I've run for several times.)
- 3d mark 03 (Passed. 631 mark)
- Motherboard Monitor 5.3.7.0 (Below 50 degree. Voltage is stable.)
- Prime95 23.8.1 (http://www.mersenne.org/freesoft.htm)
[blend-mode stress test, with custom RAM usage (750-800MB). I've run for 3 times:
1st - 2 hrs. 1 error: 6BC84F91, expected E91EEB5A
2nd - 9 hrs. STOP code: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1). Details shown in next paragraph
3rd - 5 hrs. No error.]
- By the way, how can I check the health of my HDD? I wonder if bad sector or other errors from HDD may cause problems.

How did the STOP code occur
It was the second time I ran Prime95.
The programs I was running at that time:
- Norton Anti-virus 2005 (Scheduled full-system virus scan)
- Zone Alarm 5.5
- Prime 95 23.8.1
- Motherboard Monitor 5.3.7.0
- Yahoo Messenger &/or ICQ (Not sure if I was running either, or both)
- Windows Messenger (It just stayed in the system tray, and couldn't turn off. I didn't use it at all)
The PF usage: about 0.96GB (I got 1GB RAM)

When Norton scheduled full-system virus scan had been run for about 30 mins, a STOP code DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1) occurred. A full memory dump was generated. I used Windows debugging tools to check the dump file. The analysis is at the end of my post.

Q: Does anyone know which causes the problems of the memtest errors, and the STOP code? Is it possible for a faulty driver to cause my computer failed to pass all memory tests in memtest?

Tell me if you need more information.

Memory Dump Analysis
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Microsoft ® Windows Debugger Version 6.4.0004.4
Copyright © Microsoft Corporation. All rights reserved.

Loading Dump File [C:\WINDOWS\MEMORY.DMP]
Kernel Complete Dump File: Full address space is available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/down...ols;C:/WINDOWS/Symbols
Executable search path is:
Windows XP Kernel Version 2600 (Service Pack 1) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 2600.xpsp2.040919-1003
Kernel base = 0x804d5000 PsLoadedModuleList = 0x80550dd0
Debug session time: Fri Dec 24 21:11:06.593 2004 (GMT+8)
System Uptime: 0 days 11:24:52.197
Loading Kernel Symbols
....................................................................................................
.........................
Loading unloaded module list
................
Loading User Symbols
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck D1, {ff4d8d4e, 2, 0, ff4d8d4e}

*** ERROR: Symbol file could not be found. Defaulted to export symbols for SYMTDI.SYS -
Probably caused by : SYMTDI.SYS ( SYMTDI!DisconnectTCPSession+1da9 )

Followup: MachineOwner
---------

kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: ff4d8d4e, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, value 0 = read operation, 1 = write operation
Arg4: ff4d8d4e, address which referenced memory

Debugging Details:
------------------

READ_ADDRESS: ff4d8d4e Nonpaged pool

CURRENT_IRQL: 2

FAULTING_IP:
+ffffffffff4d8d4e
ff4d8d4e ?? ???

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0xD1

LAST_CONTROL_TRANSFER: from 084df1d9 to 8052ee23

SYMBOL_ON_RAW_STACK: 1

STACK_TEXT:
f7c72c98 084df1d9 0000000a f74d8d4e 00000002 nt!KeBugCheckEx+0x19
WARNING: Frame IP not in any known module. Following frames may be wrong.
f7c72cb4 862e6af8 002e6af8 862e6af8 ffc72ce0 0x84df1d9
ff00005f 00000000 00000000 00000000 00000000 0x862e6af8

STACK_COMMAND: dds @$csp ; kb

FAILED_INSTRUCTION_ADDRESS:
+ffffffffff4d8d4e
ff4d8d4e ?? ???
FOLLOWUP_IP:
SYMTDI!DisconnectTCPSession+1da9
b2f7ba38 55 push ebp

FOLLOWUP_NAME: MachineOwner

SYMBOL_NAME: SYMTDI!DisconnectTCPSession+1da9

MODULE_NAME: SYMTDI

IMAGE_NAME: SYMTDI.SYS

DEBUG_FLR_IMAGE_TIMESTAMP: 41705aad

FAILURE_BUCKET_ID: 0xD1_CODE_AV_BAD_IP_SYMTDI!DisconnectTCPSession+1da9

BUCKET_ID: 0xD1_CODE_AV_BAD_IP_SYMTDI!DisconnectTCPSession+1da9

Followup: MachineOwner
---------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
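
The `!analyze -v` output in the post above, run through a small triage parser; this is an added example, not part of the original post. It pulls out the bugcheck code and the blamed module, then lists the debugger's own warnings that weaken the "Probably caused by" line. The caveat labels and the single-bit comparison are assumptions of this example, and the sample text is constructed from lines quoted in the post.

```python
import re

# Constructed sample: the key lines of the !analyze -v output quoted in the post above.
SAMPLE = """\
BugCheck D1, {ff4d8d4e, 2, 0, ff4d8d4e}
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for SYMTDI.SYS -
Probably caused by : SYMTDI.SYS ( SYMTDI!DisconnectTCPSession+1da9 )
SYMBOL_ON_RAW_STACK:  1
STACK_TEXT:
f7c72c98 084df1d9 0000000a f74d8d4e 00000002 nt!KeBugCheckEx+0x19
WARNING: Frame IP not in any known module. Following frames may be wrong.
f7c72cb4 862e6af8 002e6af8 862e6af8 ffc72ce0 0x84df1d9
ff00005f 00000000 00000000 00000000 00000000 0x862e6af8
"""

# Hypothetical caveat labels: output lines that weaken the "Probably caused by" verdict.
MARKERS = {
    "export-symbols-only": r"Defaulted to export symbols",         # name+offset is a guess
    "stack-walk-unreliable": r"Frame IP not in any known module",   # later frames may be wrong
    "symbol-from-raw-stack": r"SYMBOL_ON_RAW_STACK:\s*1",           # not from a walked frame
}

def triage(text):
    """Parse '!analyze -v' text: bugcheck code/args, blamed module, and caveats."""
    r = {"code": None, "args": [], "module": None, "symbol": None, "offset": None,
         "caveats": [], "bit_diffs": []}
    m = re.search(r"BugCheck\s+([0-9A-Fa-f]+),\s*\{([^}]*)\}", text)
    if m:
        r["code"] = int(m.group(1), 16)
        r["args"] = [int(a, 16) for a in m.group(2).split(",")]
    m = re.search(r"Probably caused by\s*:\s*(\S+)\s*\(\s*"
                  r"(\S+?)(?:\+([0-9A-Fa-f]+))?\s*\)", text)
    if m:
        r["module"], r["symbol"] = m.group(1), m.group(2)
        r["offset"] = int(m.group(3), 16) if m.group(3) else 0
    r["caveats"] = [name for name, pat in MARKERS.items() if re.search(pat, text)]
    # kb columns: ChildEBP RetAddr Arg1 Arg2 Arg3 Symbol. For KeBugCheckEx the three
    # args are (code, param1, param2), so compare them with the reported parameters.
    m = re.search(r"^(?:[0-9a-f]{8} ){2}([0-9a-f]{8}) ([0-9a-f]{8}) ([0-9a-f]{8}) "
                  r"nt!KeBugCheckEx", text, re.M)
    if m and len(r["args"]) >= 2:
        on_stack = [int(m.group(2), 16), int(m.group(3), 16)]
        for i, (seen, reported) in enumerate(zip(on_stack, r["args"]), start=1):
            diff = seen ^ reported
            if diff:
                # Assumption (heuristic, not proof): a 1-bit mismatch hints at faulty RAM.
                r["bit_diffs"].append((i, hex(diff), bin(diff).count("1")))
    return r

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key:10} {value}")
```

On this sample all three caveats fire, and the first parameter as stored in the KeBugCheckEx frame (f74d8d4e) differs from the reported one (ff4d8d4e) by exactly one bit.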
-
Any Good Hardware Doctor

Hi. I would like to check if my computer has any hardware problem. Do you know if there're any programs which could do so? The following components I would like to check are:
- CPU
- Motherboard
- RAM
- Graphic card (2D and 3D)
- Sound card
- Hard Disk Drive
- CD/DVD drive
- Network card
- voltage (eg stable or not)
- watt supply (eg whether it is adequate or stable)
- Compatibility Issues (with different hardware)
- Performance Issues

Thanks a lot.
-
I would like to hear why you feel Virtual PC is superior to multi-OS in multi-partitions. It seems virtual PC is interesting. Like to know more
-
Are you talking about My Docs folder? I think the reason is they wish to move personal stuff out of OS drive, and store in another partition which is specially for that.
-
And I would like to ask how I can install applications on 2 OS. If I install the same program in 2 equal OS (ie Win XP and Win XP <-- I get 2 Win XP!!), do I need to log in on first OS and install. Then log-in on 2nd OS, then install. True? Or is there any faster way to do? How about if installing the same program in 2 different OS (eg Win98 and WinXP)?
-
cyberthug: Yes, exactly. Although Wins XP provides a compatibility mode, I just find it absolutely useless. Whenever I can't run some old programs/games in Wins XP and try this mode, it never works. Really suspect of its ability. The best way again is to install the old Windows. It's a fact of life.