Question about Avira settings?


Bio-Hazard
January 4th, 2008, 07:18 PM
Hello, I just installed my Avira 6-month trial. I haven't used Avira before, so are the default settings good enough or do I need to "fiddle" with them?

Thank you

Bio-Hazard

Xenophobe
January 4th, 2008, 07:41 PM
The default settings should be fine.

Macstorm
January 4th, 2008, 08:06 PM
Yeah, default settings are OK.

Just one thing, you might want to change the scheduler so Avira can check for updates every 60 min.

Bio-Hazard
January 4th, 2008, 09:19 PM
{QUOTE-> Yeah, default settings are OK.

Just one thing, you might want to change the scheduler so Avira can check for updates every 60 min. <-QUOTE}

Thanks, that is a good tip!

EliteKiller
January 4th, 2008, 09:21 PM
general > extended threat categories > select all

trjam
January 4th, 2008, 09:41 PM
I max at all settings and no problems

Bio-Hazard
January 4th, 2008, 09:42 PM
{QUOTE-> I max at all settings and no problems <-QUOTE}

Have you ever had a false positive with max settings?

trjam
January 4th, 2008, 09:45 PM
Not a single one. ;)

C.S.J
January 4th, 2008, 09:46 PM
{QUOTE-> Have you ever had a false positive with max settings? <-QUOTE}
I wouldn't worry about it.

I've had more FP's from the AV's that are supposed to have a low amount, than the so-called 'FALSE POSITIVE DETECTION MACHINES'

So, I don't listen to the FP-rate arguments.

Bio-Hazard
January 4th, 2008, 09:55 PM
Thanks C.S.J and trjam!

I am very happy with how Avira is behaving. I am only testing it because of the deal and I had several problems with NOD32!

trjam
January 4th, 2008, 09:58 PM
It is solid and light. I combine it with Sandboxie and really feel this is more than adequate.

Bio-Hazard
January 4th, 2008, 10:05 PM
{QUOTE-> It is solid and light. I combine it with Sandboxie and really feel this is more than adequate. <-QUOTE}

At the moment it is running alongside OA AV+ and Defensewall. It is definitely light. It hasn't any impact on my machine at all except the umbrella on system tray ;D

trjam
January 4th, 2008, 10:07 PM
good combination.

Bio-Hazard
January 4th, 2008, 10:09 PM
{QUOTE-> good combination. <-QUOTE}

Thanks! It is light and smooth.

trjam
January 4th, 2008, 10:11 PM
If it were me, I would still take Sandboxie over DF. On my other PC I just run Shadow Defender.

Bio-Hazard
January 4th, 2008, 10:18 PM
{QUOTE-> If it were me, I would still take Sandboxie over DF. On my other PC I just run Shadow Defender. <-QUOTE}

Well, it is a personal choice... Thanks for the help! I will put my settings up to max and see how things go!

Diver
January 4th, 2008, 10:36 PM
Avira Classic is a decent AV, perhaps a great one considering it is free. Every now and then I would get a false positive, but none ever caused havoc. The interface is a bit on the complex side for the average user, though. Updates on the free edition can be slow at times, but a try later in the day usually takes care of it.

Mele20
January 5th, 2008, 01:31 AM
{QUOTE-> general > extended threat categories > select all <-QUOTE}

No! NEVER select all there. Avira has made the default that way because of all the complaints. You will get a lot of FP's if you change that.

Bio-Hazard
January 5th, 2008, 01:44 AM
{QUOTE-> No! NEVER select all there. Avira has made the default that way because of all the complaints. You will get a lot of FP's if you change that. <-QUOTE}

I will see what happens when I put them on max. I am not going to complain about it because I know this could happen.

Mele20
January 5th, 2008, 01:45 AM
Another thing. Do NOT leave Avira at default. You need to set ANY AV to scan ALL FILES. Set both LukeFilewalker and Guard to scan all files. Geez...how can some of you say otherwise? It won't slow down a decent computer. I don't have dual core ...just a Pentium 4 at 3.8Ghz and 2 CPU's and it has never slowed a single one of my computers to scan all files.

For LukeFilewalker, check everything under Additional Settings. They are not all checked by default. Under Archives check Scan Archives, Scan all Archive types, and Limit Recursive Depth put it up to at least 50 - many set that to 99.

For Guard, check to scan ALL files. Under Archives check all boxes and 10/15/1000 is good.

Under General you probably will want to change Update Alert to one day. Also when you make a new job to check every hour for updates, you probably will want that set to "invisible".

Bio-Hazard
January 5th, 2008, 01:48 AM
{QUOTE-> Another thing. Do NOT leave Avira at default. You need to set ANY AV to scan ALL FILES. Set both LukeFilewalker and Guard to scan all files. Geez...how can some of you say otherwise? It won't slow down a decent computer. I don't have dual core ...just a Pentium 4 at 3.8Ghz and 2 CPU's and it has never slowed a single one of my computers to scan all files.

For LukeFilewalker, check everything under Additional Settings. They are not all checked by default. Under Archives check Scan Archives, Scan all Archive types, and Limit Recursive Depth put it up to at least 50 - many set that to 99.

For Guard, check to scan ALL files. Under Archives check all boxes and 10/15/1000 is good.

Under General you probably will want to change Update Alert to one day. Also when you make a new job to check every hour for updates, you probably will want that set to "invisible". <-QUOTE}

Thank you, that was excellent advice. This is the kind of advice I was looking for when I started this thread.

Mele20
January 5th, 2008, 01:49 AM
{QUOTE-> I will see what happens when I put them on max. I am not going to complain about it because I know this could happen. <-QUOTE}

It will depend on your specific mix of applications how many FP's you get if you put it on Max. I got a big bunch when I first got Avira. I still get too many FP's if I add Application and SPR. You may not have many applications or download many new ones that produce alerts so it may be ok for you on maximum.

edit: Actually, what I meant to say was "if you put it to check all" under Extended Threats category not "if you put it on Max".

I missed commenting earlier about heuristics. A lot of users set heuristics for both LukeFilewalker and Guard to Maximum. I leave that at default because of FP's which I really dislike. Some folks don't mind FP's that much so that has to be an individual decision.

Bio-Hazard
January 5th, 2008, 01:53 AM
{QUOTE-> It will depend on your specific mix of applications how many FP's you get if you put it on Max. I got a big bunch when I first got Avira. I still get too many FP's if I add Application and SPR. You may not have many applications or download many new ones that produce alerts so it may be ok for you on maximum. <-QUOTE}

I don't download that many programs. I have a fair amount of applications, so I assume it should be okay. Well, I should know in a few days.

EliteKiller
January 5th, 2008, 03:34 AM
{QUOTE-> No! NEVER select all there. Avira has made the default that way because of all the complaints. You will get a lot of FP's if you change that. <-QUOTE}
I've never had a FP w/ Avira's heuristics on high and all of the extended threat categories selected.

Mele20
January 5th, 2008, 06:33 AM
You don't use Sysinternals Tools? You haven't applied Evid4226 patch to XP (assuming you use XP)? You have no keyfinder program? They aren't malware but Avira insists on detecting them. Stupid. There was a whole bunch of FP's when I first got Avira and ran it. I reported them all to Stefan and he fixed the heuristic ones but not a lot of the others. You have to turn off SPR and applications. No one but Avira detects these programs. I've had them for years and used many AV's and nobody detected until Avira.

Bunkhouse Buck
January 5th, 2008, 07:51 AM
{QUOTE-> Have you ever had a false positive with max settings? <-QUOTE}

Never-ever on 76 boxes in high risk internet. The claim of fps is overdone by the detractors of probably the best AV on the market.

computer geek
January 5th, 2008, 08:08 AM
Also, select all archives. Make sure to provide your own email server so Avira can submit samples.

EliteKiller
January 5th, 2008, 10:51 AM
{QUOTE-> You don't use Sysinternals Tools? <-QUOTE}
Yes, but not on my pc.
{QUOTE-> You haven't applied Evid4226 patch to XP (assuming you use XP)? <-QUOTE}
No, I don't need a modified tcpip.sys. In any event, Avira wasn't the only one flagging it as malware either.

http://www.virustotal.com/analisis/739ba216ceec6b45bf7027ed871a9112
http://www.wilderssecurity.com/showthread.php?t=110122

{QUOTE-> You have no keyfinder program? <-QUOTE}
Yes, and Avira doesn't detect Magical Jellybean 2.0 b4.

{QUOTE-> They aren't malware but Avira insists on detecting them. Stupid. <-QUOTE}
It's not stupid, it's due to the fact that some anti-malware apps cannot determine if the actual use of the program is going to be used for malicious reasons or not.

{QUOTE-> There was a whole bunch of FP's when I first got Avira and ran it. I reported them all to Stefan and he fixed the heuristic ones but not a lot of the others. You have to turn off SPR and applications. No one but Avira detects these programs. I've had them for years and used many AV's and nobody detected until Avira. <-QUOTE}
While I am not doubting FP's, please try not to bash Avira when other AV's are detecting the same files that you're complaining about.

Mele20
January 5th, 2008, 07:52 PM
All I can say is that I have had the programs for years and not a single AV before Avira detected any of them. In fact the author of Evid4226 patch stated on his website that ONLY Avira detects his patch.

As for Sysinternals, Avira has been made a laughing stock in their forums because no other AV but Avira detects some of their programs.

I have said many times that I like Avira better than any other AV I've used so I don't see how you can say I trash Avira. I don't like all the FP's though!

As for Jellybean, yes the latest version isn't detected but that is not the only keyfinder and others are detected and older jellybean was detected.

I have used many different antispyware programs as well as antivirus and none of them detected all the stuff Avira found when I got it.

EliteKiller
January 5th, 2008, 09:08 PM
{QUOTE-> All I can say is that I have had the programs for years and not a single AV before Avira detected any of them. In fact the author of Evid4226 patch stated on his website that ONLY Avira detects his patch. <-QUOTE}
According to your recent post (http://www.wilderssecurity.com/showpost.php?p=1154941&postcount=53) it has been a year or more since you've used Avira. I also posted the Virus Total report on Evid4226 in my previous post, and in case you didn't click the link there are several AV's that detect the file as a pup. Even though the VT report doesn't show Avira detecting the file, the Avira PE Premium on my pc detects it as soon as I try to save it to my pc.

D:\EvID4226.exe
[DETECTION] Contains detection pattern of the application APPL/Tool.EvID4226.A
The file was moved to '47c8a97c.qua'!

{QUOTE-> As for Sysinternals, Avira has been made a laughing stock in their forums because no other AV but Avira detects some of their programs. <-QUOTE}
I don't visit their forum, and I have not taken the time to search thru posts so I am not going to comment one way or another.

{QUOTE-> I have said many times that I like Avira better than any other AV I've used so I don't see how you can say I trash Avira. I don't like all the FP's though! <-QUOTE}
I simply said that you were bashing Avira for FP's. It is a factual observation; nothing more, nothing less.

{QUOTE-> As for Jellybean, yes the latest version isn't detected but that is not the only keyfinder and others are detected and older jellybean was detected. <-QUOTE}
I am aware of other keyfinders, and as I pointed out it's not uncommon for scanners to flag these types of files, along with malware removal apps such as combofix, smitfraudfix, etc. since they cannot determine the legitimate use of said programs.

{QUOTE-> I have used many different antispyware programs as well as antivirus and none of them detected all the stuff Avira found when I got it. <-QUOTE}
I'm not the only one pointing out that Avira's FP's are blown out of proportion.

~Vtotal results removed per site Policy (http://www.wilderssecurity.com/showthread.php?t=180057)....Bubba~

TonyW
January 6th, 2008, 12:55 AM
{QUOTE-> In any event, Avira wasn't the only one flagging it as malware either.

~Vtotal results removed per site Policy (http://www.wilderssecurity.com/showthread.php?t=180057)....Bubba~
<-QUOTE}
In that link, Avira isn't flagging that file as malware so am a bit confused with what you're saying. If it's detected with Premium, why isn't it shown here?

C.S.J
January 6th, 2008, 12:58 AM
{QUOTE-> In that link, Avira isn't flagging that file as malware so am a bit confused with what you're saying. <-QUOTE}
VT results ain't too accurate.

I've had a number of files detected by Dr.Web on my computer, that VT says are clean for the same AV.

{QUOTE->
Even though the VT report doesn't show Avira detecting the file, the Avira PE Premium on my pc detects it as soon as I try to save it to my pc. <-QUOTE}

Mele20
January 6th, 2008, 01:38 AM
{QUOTE-> According to your recent post (http://www.wilderssecurity.com/showpost.php?p=1154941&postcount=53) it has been a year or more since you've used Avira. I also posted the Virus Total report on Evid4226 in my previous post, and in case you didn't click the link there are several AV's that detect the file as a pup. Even though the VT report doesn't show Avira detecting the file, the Avira PE Premium on my pc detects it as soon as I try to save it to my pc.

<-QUOTE}

Are you referring to this? "Avira's FP rate is better now than it was when I got it a year ago ..." That simply meant that I got Avira a year ago not that I last used it a year ago. Haven't you read any of my myriad of posts here during this last year about my experiences with Avira? (Not to say they are that interesting :P but if you had read any of them you would know I've been using Avira since Jan 3 2007). Currently, I have the Premium version on my Host computer and I am a beta tester for Avira ver.8 Security Suite which I have on two virtual machines. With Avira, you have to apply to become a beta tester (not like Kaspersky where anyone can download a beta version). Avira has been promising us the new GUI for weeks now and I'm getting impatient. ;) I love the current GUI but I guess many think it looks dated so I'm curious to see how the new one will be. I wanted to beta test so I could offer constructive criticism and help influence Avira's direction.

As for Evid4226 and Virus Total, I did follow your earlier link and I really didn't know what to make of that because when I got Avira a year ago it detected this and I went to the author's site and sure enough he had a comment there that Avira had been detecting it for a long while, no one else did, and that he mentioned it to Avira. I found a few other references to Avira detecting it on the net. I guess that since his comment (which was not a year ago when I got Avira, but before that when Avira first started detecting it) that other vendors have begun detecting it and maybe he didn't update his comment...I haven't looked at his site in a while so I don't know what it says now. F-Prot didn't detect it (I had it for awhile before Avira) and KAV 2006 I purposely never ran a full scan with it during the eight months I had it. I had Bit Defender 8 free and then ver 9 Pro before KAV and it didn't detect it back then but that was before 9.5 where BD forced the antispy stuff on everyone.

Mele20
January 6th, 2008, 01:52 AM
{QUOTE-> In that link, Avira isn't flagging that file as malware so am a bit confused with what you're saying. If it's detected with Premium, why isn't it shown here? <-QUOTE}

It's detected under the Extended Risk Category. You have to check the box next to Application for it to be detected. Avira made a change in Sept 07 so that Application was no longer checked by default. When I got Avira it was checked by default, as was SPR (Security Privacy Risk), under Extended Risk Category. I didn't uncheck any of those boxes when I first got Avira a year ago and I ran a full scan and it alerted. After the Sept upgrade both Application and SPR are UN-checked rather than checked by default. VirusTotal is using the most recent version of Avira from Sept 2007 with the settings at default so it won't be found but any user who has Application box checked, it will be alerted on.