Avira woes


ssj100
April 15th, 2009, 06:18 AM
Don't get me wrong, but I am trying to keep Avira on my system. I'll also add that I am incredibly picky and critical about software that doesn't function like I want it to. And to all who have read my previous posts, you'll probably also note that I really hate any, and I mean any, system slowdown at any level of using a computer.

Just a quick question about Avira. Has anyone noticed with Avira guard on:
"For some reason, Avira makes my system "not" idle and thus C:\WINDOWS\Prefetch\Layout.ini seems to take about 5-6 hours (of supposedly idle time) before "updating/defragmenting". No problems with NOD32 or Comodo Antivirus, where it only takes about 10-15 minutes idle time before Layout.ini updates".

Also, opening Avira GUI is very fast, but not as fast as opening NOD32 GUI or Comodo GUI. Needs improvement. That's right...it's a very competitive field out there Avira!

Those are the main complaints for now.

And before I get bashed on this forum, let me say that Avira Free is one of the best AVs out there! Phew.

thathagat
April 15th, 2009, 06:27 AM
shades of a v/s b v/s c..........but avira takes about the least time...effort and resources to keep a sys clean and kick malware.......but....that's the most imp job of an av...imho..

thathagat
April 15th, 2009, 06:54 AM
well......i am coming from the viewpoint of an ex kis2009 and bitdefender user ... with bitdefender the only thing idle in my sys was bitdefender...and kis has a tool to clear prefetch..but kis 8.056+ was erratic every now and then it raised its hands saying databases corrupted........so imho i find avira v9 security suite quite light on sys resources...........but that's my personal view.........no idea about cis......i used nodv4 but it deleted firefox and that was it........so see i hv had many woes........too

Franklin
April 15th, 2009, 08:26 AM
I'll just add that as a hobby malware finder/tester that Avira is way up there with detections but there are way way better security options than any AV can provide.

Sandboxie, Returnil, Defensewall and Shadow Defender would be the best around.

jmonge
April 15th, 2009, 09:51 AM
-{ Quote: "I'll just add that as a hobby malware finder/tester that Avira is way up there with detections but there are way way better security options than any AV can provide.

Sandboxie, Returnil, Defensewall and Shadow Defender would be the best around." }-
agree here, antivirus is a thing of the past :)

Ilya Rabinovich
April 15th, 2009, 02:06 PM
-{ Quote: "agree here,antivirus is a thing of the past" }-
Nope, you are a bit wrong here. The real problem with anti-viruses is misuse. AV marketing people promote their solutions as the first line of anti-malware defense as it was before, but, nowadays, the first line is behavioral-based solutions.

nomarjr3
April 15th, 2009, 02:27 PM
Frankly, I'm not impressed with Avira Free's BASIC anti-spyware.

You'll have to pay to get the FULL anti-spyware protection.

avast! Home has a better spyware detection rate IMHO, comparable to the paid version.
And that gives you a better sense of security, since spyware is more rampant than viruses these days.

dell boy
April 15th, 2009, 03:06 PM
-{ Quote: "Frankly, I'm not impressed with Avira Free's BASIC anti-spyware.

You'll have to pay to get the FULL anti-spyware protection.

avast! Home has a better spyware detection rate IMHO, comparable to the paid version.
And that gives you a better sense of security, since spyware is more rampant than viruses these days." }-
may i ask what you are basing this on? avira free and premium run the same engines for scanning, well done for trying to turn this into an A vs B argument but anyway i don't know how you can say avast home has better than avira free when ALL tests prove that avira free does better, has fewer FPs and scans faster.

Sully
April 15th, 2009, 03:10 PM
Avira. Pretty small resource usage. Pretty simple interface. Pretty good price - free. Pretty good detection rates, depending on who or what you believe. A pretty little umbrella icon ... no, just kidding about the icon.

Antivirus today, like Avira, being so small on resources, can be employed to help find problems that it can deal with. It is not a cure-all end-all tool. It does one thing (Avira) for me, it finds problems that it knows how. I employ other methods to safeguard myself, but definitely have found Avira to pipe up from time to time, just as it should.

You can throw AV away, not use it, and be fine. You can also keep a light one, knowing what its job is, and still be fine. I prefer to use it because it is no detriment, even if it is not the swiss-army-knife that so many other tools aspire to be.

I have not seen, on XP, the problem you describe, with the latest freeware version.

Sul.

siberianwolf
April 15th, 2009, 03:15 PM
-{ Quote: "may i ask what you are basing this on? avira free and premium run the same engines for scanning, well done for trying to turn this into an A vs B argument but anyway i don't know how you can say avast home has better than avira free when ALL tests prove that avira free does better, has fewer FPs and scans faster." }-

-{ Quote: "Avira. Pretty small resource usage. Pretty simple interface. Pretty good price - free. Pretty good detection rates, depending on who or what you believe. A pretty little umbrella icon ... no, just kidding about the icon.

Antivirus today, like Avira, being so small on resources, can be employed to help find problems that it can deal with. It is not a cure-all end-all tool. It does one thing (Avira) for me, it finds problems that it knows how. I employ other methods to safeguard myself, but definitely have found Avira to pipe up from time to time, just as it should.

You can throw AV away, not use it, and be fine. You can also keep a light one, knowing what its job is, and still be fine. I prefer to use it because it is no detriment, even if it is not the swiss-army-knife that so many other tools aspire to be.

I have not seen, on XP, the problem you describe, with the latest freeware version.

Sul." }-

+1 :thumb: :thumb: :thumb:

Arup
April 15th, 2009, 10:34 PM
-{ Quote: "Frankly, I'm not impressed with Avira Free's BASIC anti-spyware.

You'll have to pay to get the FULL anti-spyware protection.

avast! Home has a better spyware detection rate IMHO, comparable to the paid version.
And that gives you a better sense of security, since spyware is more rampant than viruses these days." }-

Much as I like Avast, in every test done, Avast doesn't come close to Avira's detection, be it spyware or malware and I mean this for free Avira.

The Avira GUI may not be fancy or fast but heck, as an AV it outdetects all including paid ones and that to me is the only criterion for an AV and nothing else.

DOSawaits
April 15th, 2009, 10:43 PM
Yeah Avira indeed detects quite a lot, especially unharmful exe-compressed files which contain no threat at all. Every compressed executable is being flagged as "infected" by Avira Antivir.::)

Sully
April 16th, 2009, 03:00 AM
"every" ? lol.

I have seen this happen on some. Far from every though. Want to know where it happens most? Game cracks. So funny, when I go to a LAN party sometimes you can hear all these beeps from different computers, mostly when they have no-cd cracks and stuff. Seems they are ok to use, but antiviruses pick them up as bad. I one time went to one, and they were starting Battlefield1942 (that shows how long ago that was), and you heard all these 'beeeep beeeeep' sounds. It was humorous.

Avira today is much better about fixing false positives than years ago. Even some upx, which is probably what you are talking about, is flagged as bad, but fixed in a few days. Used to be months.

Sul.

Espresso
April 16th, 2009, 04:35 AM
-{ Quote: ""For some reason, Avira makes my system "not" idle and thus C:\WINDOWS\Prefetch\Layout.ini seems to take about 5-6 hours (of supposedly idle time) before "updating/defragmenting". " }-

Are you saying that the windows idle defrag feature doesn't kick in until 5-6 hours? How do you know this?

Rain_Train
April 16th, 2009, 10:35 PM
-{ Quote: "Finally someone understands what I'm saying. Yes that is what I mean!

I know this because:
1. I switch on computer in morning at say 7am and leave it to do nothing
2. I go out (therefore, my computer is idle from around 7am)
3. I come back and check the C:\WINDOWS\Prefetch\Layout.ini file. It should have updated itself at around 7:15am (you can tell this by looking under "date modified").

But with Avira installed, it updates at around 1pm! With NOD32 or CIS, it updates at around 7:15am. What is Avira doing in the background that prevents my system from updating until 5-6 hours later?

EDIT: I have noticed this delay with Avira more than 3 times now, so it is not co-incidence!" }-
Have you tried adding the file into AntiVir's Guard exclusion list? And what OS are you using?

I'll look into this issue, as well -- I use AntiVir Free. Layout.ini is the file that manages the boot optimize feature of Windows, correct? If so, then this would definitely be a huge issue for me, too. One thing I really hate about Vista is how long it takes to boot up, and the fact that I've spent nearly a month trying to find ways to speed it up >:( .

Rant aside, I do have a small question of my own: how many times a day should I update AntiVir? I've created a rule that will update it at my computer startup (If anyone is wondering how to do this, set the update frequency to Daily at time 0:00 h, and check "Repeat job if time has expired".) Is this enough (i.e. once a day)?

Stefan Kurtzhals
April 17th, 2009, 02:11 AM
I will check out if there is a problem with Avira affecting the idle behaviour of XP.

-{ Quote: "Sandboxie, Returnil, Defensewall and Shadow Defender" }-

I never understood why people think those kind of tools can replace an AV. They don't detect malware when it is intruding your system. They are perfect cleanup tools after an infection. But then, how you notice the infection?
What about malware that directly performs its intended malicious actions such as sending out your credit card information as soon it is launched? Yes, on next reboot the malware is gone. Your data was stolen already anyway. The malware was able to run all the time until the reboot. And how does it help against scareware? The users are tricked into willingly installing those programs. No behaviour blocker or sandboxing will help.

Also, with the past experience of how malware does evolve and adapt, I think it is only a question of time until the malware authors find a way to break out of the sandboxes and bypass the cleanup on reboot. I wouldn't be surprised if this is already the case. Considering the insane amount of malware that is out there, no one can test those tools against all of them.

So, as any other security solution, sandboxing apps / restoring systems is not a bullet proof thing.

Kees1958
April 17th, 2009, 02:19 AM
-{ Quote: "I will check out if there is a problem with Avira affecting the idle behaviour of XP.



I never understood why people think those kind of tools can replace an AV. They don't detect malware when it is intruding your system. They are perfect cleanup tools after an infection. But then, how you notice the infection?
What about malware that directly performs its intended malicious actions such as sending out your credit card information as soon it is launched? Yes, on next reboot the malware is gone. Your data was stolen already anyway. The malware was able to run all the time until the reboot. And how does it help against scareware? The users are tricked into willingly installing those programs. No behaviour blocker or sandboxing will help.

Also, with the past experience of how malware does evolve and adapt, I think it is only a question of time until the malware authors find a way to break out of the sandboxes and bypass the cleanup on reboot. I wouldn't be surprised if this is already the case. Considering the insane amount of malware that is out there, no one can test those tools against all of them.

So, as any other security solution, sandboxing apps / restoring systems is not a bullet proof thing." }-

For the toughest in the virtualisation arena (hardware virtualisation), already true, see http://www.wilderssecurity.com/showthread.php?t=239227

So for software virtualisation only a matter of time (since this should be easier to evade in theory than hardware virtualisation).

There is some Wilders Member with a Borg quote "All your base are belong to us" :P

Stefan's remark is not a sci-fi story, but a fact of life :o

Macstorm
April 17th, 2009, 02:34 AM
-{ Quote: "I never understood why people think those kind of tools can replace an AV." }-
Neither do I.

Boost
April 17th, 2009, 02:37 AM
-{ Quote: "Neither do I." }-

x3 :thumb:

Stefan Kurtzhals
April 17th, 2009, 02:52 AM
-{ Quote: "It would have been nice if you posted in that thread to support me haha." }-

I must have been busy writing one of those insane i-detect-all-packed-samples generics. :-[

Speaking of which, can someone explain to me why Themida added an option "anti av-detection"? I mean, Themida claims to be a commercial protector, why they would need anti-AV features? If a company adds features to its products that their customers demand, I *really* have to wonder what kind of "customers" Orens actually has... The funny thing is - in breaking my Themida detection they actually *raise* the false positive ratio on Themida packed programs. Instead of Themida, I will detect it as an unknown cryptor... Great plan, really! NOT! :wacko:

maymoons
April 17th, 2009, 03:17 AM
-{ Quote: "Speaking of which, can someone explain to me why Themida added an option "anti av-detection"? I mean, Themida claims to be a commercial protector, why they would need anti-AV features? If a company adds features to its products that their customers demand, I *really* have to wonder what kind of "customers" Orens actually has... The funny thing is - in breaking my Themida detection they actually *raise* the false positive ratio on Themida packed programs. Instead of Themida, I will detect it as an unknown cryptor... Great plan, really! NOT! " }-

hi Stefan,
can you finished crypter pack detection?
(malwaretestlabs test packs)

Stefan Kurtzhals
April 17th, 2009, 04:21 AM
maymoons, yes - I am just working on finishing the aeheur module for the release today.

Arup
April 17th, 2009, 04:44 AM
-{ Quote: "I will check out if there is a problem with Avira affecting the idle behaviour of XP.



I never understood why people think those kind of tools can replace an AV. They don't detect malware when it is intruding your system. They are perfect cleanup tools after an infection. But then, how you notice the infection?
What about malware that directly performs its intended malicious actions such as sending out your credit card information as soon it is launched? Yes, on next reboot the malware is gone. Your data was stolen already anyway. The malware was able to run all the time until the reboot. And how does it help against scareware? The users are tricked into willingly installing those programs. No behaviour blocker or sandboxing will help.

Also, with the past experience of how malware does evolve and adapt, I think it is only a question of time until the malware authors find a way to break out of the sandboxes and bypass the cleanup on reboot. I wouldn't be surprised if this is already the case. Considering the insane amount of malware that is out there, no one can test those tools against all of them.

So, as any other security solution, sandboxing apps / restoring systems is not a bullet proof thing." }-


I would rather run Avira+LUA and hardware DEP with SRP, a light and better compatible layer of security which should provide the necessary protection.

maymoons
April 17th, 2009, 05:04 AM
-{ Quote: "maymoons, yes - I am just working on finishing the aeheur module for the release today." }-

i will be happy, if you can say when you released.
i sent comodo also, they finished but mostly not generic.
i packed some other malware, comodo can't detect them.

is it hard job?
is generic malware fingerprint generation hard? or packed files detection?

Lucy
April 17th, 2009, 07:22 AM
-{ Quote: "I never understood why people think those kind of tools can replace an AV. They don't detect malware when it is intruding your system. They are perfect cleanup tools after an infection. But then, how you notice the infection?" }-

Stefan, you already talk about different technologies, with different means and objectives.
DW is policy based, and so you can forbid access to some critical areas or files per policy at kernel level.
Returnil, that I don't really know, is totally different in the concept (virtualizing modifications and then let the possibility to undo them?) and because of this has nothing to do with protection of sensitive data for example.

I am an intensive user now of policy restrictions and rules. I have your free version of antivir installed on my computer, except the guard, and use it to check all the programs I download.
For my credit card, I can't access it from LUA, as I modified the ntfs rules. My images and movies can be stolen, or even destroyed, I have a copy on external disk and these are private stuff, that nobody cares in my opinion.
If a new generation of malware was to appear, able to break through all of this..., well, I am not ready to sacrifice the risk of false positive, the use of cpu, ... to the hypothetical risk of a super malware.

Security is a process, not a tool.

Lucy
April 17th, 2009, 08:57 AM
-{ Quote: "Risk of false positive, the use of cpu? If it's false positive, just restore it? Simple" }-
That's the point. The probability, in my own opinion, to restore because of this, and compatibility issues..., is higher than because of a malware.

And no, I (when I say I, I mean just I) don't like the idea of having another process running 100% of the time for a potential problem, which might not even happen at all.

To finish, the main point is that antivirus softwares adapted to the behaviour of users and implementation of OSes, that is, allow everything. So they have to be anti-all-stuff. In this view. There is a thread about the new mebroot rootkit: many antimalware softwares do not recognise it yet. Well, fair enough: this is definitely not any kind of issue in unix-based systems as LUA windows based systems...

Stefan Kurtzhals
April 17th, 2009, 02:30 PM
-{ Quote: "Stefan, you already talk about different technologies, with different means and objectives." }-

Yes, of course and I think all those technologies have their purpose and supplement each other nicely. What I meant is that I have the impression that some users here believe they don't need AV if they use Sandboxie, Shadow Defender or a similar product.

-{ Quote: "i will be happy, if you can say when you released.
i sent comodo also, they finished but mostly not generic.
i packed some other malware, comodo can't detect them.

is it hard job?
is generic malware fingerprint generation hard? or packed files detection?" }-

It's online now (aeheur 8.1.0.119). No fingerprinting, I added about 5 new generic detections and 1 heuristic rule (there was an interesting VB cryptor/dropper that I missed) and some minor flags that cause ATRAPS.Gen detections indirectly. Trojan.Filecoder is not really suitable for good generic detection rules, it does nothing much that is really suspicious. The packers were already all handled, either unpacked (and no detection because Filecoder is so "harmless") or caught by my generic cryptor detection which I used for the new heuristic rule. The ATRAPS.Gen modifications didn't result in much new detections, about 80 new generic hits on our database. The VB cryptor/dropper was much more "rewarding", 1800+ malware samples newly detected. So similar droppers were used pretty often by malware recently.

Jin K
April 17th, 2009, 04:25 PM
-{ Quote: "Yes, of course and I think all those technologies have their purpose and supplement each other nicely. What I meant is that I have the impression that some users here believe they don't need AV if they use Sandboxie, Shadow Defender or a similar product.



It's online now (aeheur 8.1.0.119). No fingerprinting, I added about 5 new generic detections and 1 heuristic rule (there was an interesting VB cryptor/dropper that I missed) and some minor flags that cause ATRAPS.Gen detections indirectly. Trojan.Filecoder is not really suitable for good generic detection rules, it does nothing much that is really suspicious. The packers were already all handled, either unpacked (and no detection because Filecoder is so "harmless") or caught by my generic cryptor detection which I used for the new heuristic rule. The ATRAPS.Gen modifications didn't result in much new detections, about 80 new generic hits on our database. The VB cryptor/dropper was much more "rewarding", 1800+ malware samples newly detected. So similar droppers were used pretty often by malware recently." }-

hi Stefan

i want to ask you a question ??

avira is highly depending on generic rules thats why its one of the best AVs at detection !!

my question is

why most AVs.Co don’t add a lot of generic detection like avira ?? is it because they fear the numbers of FPs or something else ???

Stefan Kurtzhals
April 18th, 2009, 01:57 AM
-{ Quote: "why most AVs.Co don’t add a lot of generic detection like avira ?? is it because they fear the numbers of FPs or something else" }-

They do add generic detections all the time or use detections that also catch variants. I really like the generics in the Microsoft scan engine. Currently the best available generic detections I think but they are still not on top with the entire detection. FPs are always a big problem, for every AV program. I think many AV programs still try to add generic detection for single malware families, to have "exact" detection. I don't apply that restriction.

And maybe they haven't yet reached the same level of madness. It's called TR/ATRAPS.Gen for a reason... ;D

maymoons
April 18th, 2009, 03:59 AM
Before Stefan's aeheur module update

maymoons
April 18th, 2009, 04:00 AM
After

maymoons
April 18th, 2009, 04:01 AM
i will retest avira with another packed malware and new crypter soon

Thanks Stefan, Thanks Generic Signature Tech

MUmoto
April 18th, 2009, 12:00 PM
I removed Avira Antivir Free because while downloading with Utorrent it gave me computer BSOD's even though I don't have the firewall ...

-__-

Boost
April 18th, 2009, 04:49 PM
-{ Quote: "I removed Avira Antivir Free because while downloading with Utorrent it gave me computer BSOD's even though I don't have the firewall ...

-__-" }-


I have utorrent and have no issues using Avira free, so it's gotta be somethin else that's giving you the BSOD.

siberianwolf
April 18th, 2009, 06:36 PM
-{ Quote: "I have utorrent and have no issues using Avira free, so it's gotta be somethin else that's giving you the BSOD." }-
same here, not even a single issue. must be something else. not avira, that's for sure.

firzen771
April 18th, 2009, 06:53 PM
-{ Quote: "I removed Avira Antivir Free because while downloading with Utorrent it gave me computer BSOD's even though I don't have the firewall ...

-__-" }-

never had a problem with Avira and utorrent, im almost positive u have some other issue as the root cause.

Osaban
April 18th, 2009, 07:54 PM
-{ Quote: "
I never understood why people think those kind of tools can replace an AV. They don't detect malware when it is intruding your system. They are perfect cleanup tools after an infection. But then, how you notice the infection?
What about malware that directly performs its intended malicious actions such as sending out your credit card information as soon it is launched? Yes, on next reboot the malware is gone. Your data was stolen already anyway. The malware was able to run all the time until the reboot. And how does it help against scareware? The users are tricked into willingly installing those programs. No behaviour blocker or sandboxing will help.

Also, with the past experience of how malware does evolve and adapt, I think it is only a question of time until the malware authors find a way to break out of the sandboxes and bypass the cleanup on reboot. I wouldn't be surprised if this is already the case. Considering the insane amount of malware that is out there, no one can test those tools against all of them.

So, as any other security solution, sandboxing apps / restoring systems is not a bullet proof thing." }-

A flawless argument, but if I had to choose on which to rely as a first line of defense I'm afraid virtualization would come first (I think/hope Avira and Shadow Defender will give me the 99,9 % that is impossible to get from a single application).

Furthermore I'd like to add that most of the sandboxing /virtualization applications do seem to update their products against malware that seems to have been designed specifically for them.

Arup
April 18th, 2009, 09:24 PM
-{ Quote: "I removed Avira Antivir Free because while downloading with Utorrent it gave me computer BSOD's even though I don't have the firewall ...

-__-" }-


I use uTorrent 1.8x beta with Avira free and premium, I have downloaded quite a few DVDs and never did I ever get a BSOD. If you are getting a BSOD with uTorrent, it could be something to do with your TCP stack.

maddawgz
April 18th, 2009, 10:04 PM
mine seems to get stuck here weird...
http://i43.tinypic.com/2eba64j.jpg

Espresso
April 18th, 2009, 10:57 PM
-{ Quote: "A flawless argument, " }-

Not exactly. His flaw was lumping Sandboxie in with disk shadowing programs. Unlike programs like Shadow Defender, Sandboxie can block access to passwords and personal files. It can also block sandboxed programs from network access so it can provide considerable protection from info stealers, some of them which can't be detected by AV such as Avira. I still scan new executables with Avira and KAV but I always run them in Sandboxie before I trust them.

maddawgz
April 19th, 2009, 03:16 AM
anyone know why my scanner gets stuck at 37% >:( >:(

Stefan Kurtzhals
April 19th, 2009, 07:19 AM
Assuming you mean the Avira scanner, which file is scanned when the scanner gets stuck?

Osaban
April 19th, 2009, 08:01 AM
-{ Quote: "Not exactly. His flaw was lumping Sandboxie in with disk shadowing programs. Unlike programs like Shadow Defender, Sandboxie can block access to passwords and personal files. It can also block sandboxed programs from network access so it can provide considerable protection from info stealers, some of them which can't be detected by AV such as Avira. I still scan new executables with Avira and KAV but I always run them in Sandboxie before I trust them." }-

I honestly don't know all the ins and outs of Sandboxie, and what you are saying shows this application being quite remarkable. I trialled it twice once with my XP machine and once with my Vista machine and it didn't seem to work properly. The reason I did not insist/investigate was that I'm more attracted to something that will shadow my C: completely, which I think is not possible to do with Sandboxie. I also think that a good firewall will block access to most applications trying to phone home.

The original point was that any sandbox/virtual application can be defeated (including Sandboxie, from memory it had several updates against vulnerabilities which were quickly dealt with by its dynamic developer), and therefore the trick is to have a combination of applications that by complementing each other, can address any contingency without overloading your machine. Avira, Sandboxie, Shadow Defender on their own won't be as effective as when run together.

maddawgz
April 19th, 2009, 10:15 PM
-{ Quote: "Assuming you mean the Avira scanner, which file is scanned when the scanner gets stuck?" }-

I don't know it just says C...392993023 like that but it's at 37%

Stefan Kurtzhals
April 20th, 2009, 02:25 AM
When you put the mouse over the file name, you should get a balloon tooltip displaying the full filename and path.

tipstir
April 20th, 2009, 04:02 PM
Sandbox software good for checking out pest from embedded software like compress archives and such like that. So nothing will drop out when you install them on your system and cause issues like a trojan horse would. If your system is a new image and hasn't been on the net or domain then using such programs only without the AV, SPY, FW will be okay for now.. One slip-up and bang you're starting from scratch.

Avira I have that on one desktop and wireless laptop. It's okay nothing to write home about though. Some false positive hits. It does have some sort of HIPS but scanning takes forever. It told me I had 5 unknowns it could repair big mistake. I had to re-install those apps. PC Tools Spyware Doctor with Antivirus Intelli-Guard and Threat Fire HIPs better.

Arup
April 21st, 2009, 10:51 AM
LOL! PC Tools AS and Antivirus Intelli-Guard are not even in contention in top tier AVs and they can't even be remotely compared to Avira, Eset, KAV, Avast, Norton et al.

IceCube1010
April 21st, 2009, 12:19 PM
-{ Quote: "LOL! PC Tools AS and Antivirus Intelli-Guard are not even in contention in top tier AVs and they can't even be remotely compared to Avira, Eset, KAV, Avast, Norton et al." }-

I saw that. Pretty funny quote.

Ice

tipstir
April 22nd, 2009, 02:28 AM
-{ Quote: "LOL! PC Tools AS and Antivirus Intelli-Guard are not even in contention in top tier AVs and they can't even be remotely compared to Avira, Eset, KAV, Avast, Norton et al." }-

How you figure that one... I've tested Avira, Avast, ESET and can't get the KAV stuff to work no matter what, Norton and I go back to the days where DOS/Win3.1 and NAV1/2 was the norm. I had stopped using Norton Suite back in 2003 I believe. I am not going to knock software AVs but I can tell you one thing PC Tools even though they're not as huge as everyone else sure does do the job..

Everyone's software design and features are going to work differently, so you like yours because its protecting, I find the PC Tools does the job for me. It can even be run on Enterprise Server, I choose that server OS because the features are better than standard Server plus it is what I use on domain and the client sites where NAV Corp Edition is used as some still use McAfee VS or Trend Office Scan that would blow away most of what you have mentioned. I just want good solid protection that doesn't hang, hose, drag, let unwelcome guest come on in an etc..

Arup
April 22nd, 2009, 04:34 AM
Do you really think that the other sites that test various suites are just talking nonsense and your test is the scientific objective way of assessing an anti virus. So I guess a noob should consult you instead of av-comparatives and others.

maddawgz
April 22nd, 2009, 08:13 PM
-{ Quote: "When you put the mouse over the file name, you should get a balloon tooltip displaying the full filename and path." }-

ok i shall try again

ok here is link, with file path gets stuck on , i am going to turn off system restore try that. (resolved) Restore fixed it i turned it off then on.....:argh: :argh:

http://i41.tinypic.com/ztww8l.jpg

tipstir
April 24th, 2009, 10:50 AM
-{ Quote: "Do you really think that the other sites that test various suites are just talking nonsense and your test is the scientific objective way of assessing an anti virus. So I guess a noob should consult you instead of av-comparatives and others." }-

Other sites use controlled Office Model QA Testings.. Sure what they do might not work at home or other business. Sure you could use Admin Server AV and then run Client Agents on all the network systems you have and do it that way.

PC Tools like most here have their ups and downs. Not all going to 100% protection though. Avira has some issues I ran the free and yesterday ran the full suite with the firewall an etc.. It was no better than running the Free both did the same thing. False positive, it never crashed like PrevX 3.0 did on me badly yesterday that couldn't run kept on saying it couldn't call home to check on dbase. So that was removed. Avira kept on telling me I had some thing in the root of C yes but that wasn't a trojan, or pest that was one of my own programs. Just kept on bugging me about it. Ignore this bla, bla didn't work. The scanner on Free and Top End Security Suite was dead slow even under Safe Mode both found the same stuff and none were any threat. It's firewall is weak and blocked the internet compared to the PC Tools Firewall Plus 3.0.1.14 with code injection feature not a problem it connects to the internet after the reboot. PC Tools NIS 2009 well might be good for those who really only use the internet for research and surfing.. Power users should stay away from it..

CMD Scanners did a better job found threats in the registry and removed them. VIPRE Free did a better job as did A-Squared Free they found the pest and the alerted me about them VIPRE removed it auto the A-Squared gave me the option to do it on my own.

ThreatFire on level 5 is 100% better than PrevX . TF found stuff that PrevX failed to do. I am sure if the pest ID was in PrevX it would have found the same. What they need to do all these companies is get a real Business Analyst do a lot of research and network between here and amoung themselves to learn what's out there as a threat. Otherwise a lot of them are just not going to catch everything. Share from a command daily dbase.

StefanSreto
April 24th, 2009, 10:59 AM
:D Thank you for that wake up call! I was about to download Avira for the sake of my computer but now I feel like switching to NOD. And AV's really are the thing of the past. When overclocking gets famous I'll overclock mah old and rusty Pentium 4 so I can get a security suite! ;D

tipstir
April 24th, 2009, 11:11 AM
-{ Quote: ":D Thank you for that wake up call! I was about to download Avira for the sake of my computer but now I feel like switching to NOD. And AV's really are the thing of the past. When overclocking gets famous I'll overclock mah old and rusty Pentium 4 so I can get a security suite! ;D" }-

No problem I was using NOD32 for years but now it's ESET mode much different. I was going to wait until version 5 or 6 as 2 and 3 I had issues with it. Right now I need to find another AV to use. I don't want one that's going to use too much resources or hog, hang or really doesn't protect and let every pest to come on in! I am trying to keep them out..

Arup
April 24th, 2009, 11:27 AM
The Avira scanner is among the fastest out there and I have tested others that I will not name except to say that they are among top notch AVs. When the multi core option is enabled in Avira scanner, it can scan my terabyte drives faster than any other. As for FPs, I and others who run Avira in this forum will tell you that even on Avira with its highest heuristic settings, we hardly get any FPs.

About other testing sites, your assertion being that their testing may not be conducive to home av assessment parallels to among the wildest statements I have come across and directly insinuates that folks like IBK don't really know their jobs. :)

Bunkhouse Buck
April 24th, 2009, 01:15 PM
-{ Quote: "The Avira scanner is among the fastest out there and I have tested others that I will not name except to say that they are among top notch AVs. When the multi core option is enabled in Avira scanner, it can scan my terabyte drives faster than any other. As for FPs, I and others who run Avira in this forum will tell you that even on Avira with its highest heuristic settings, we hardly get any FPs.

About other testing sites, your assertion being that their testing may not be conducive to home av assessment parallels to among the wildest statements I have come across and directly insinuates that folks like IBK don't really know their jobs. :)" }-

You have to remember that a lot of criticism of Avira is because others are asserting a lot of nonsense in many cases as a ruse to simply promote the AV they are using.

Avira's scanner is the fastest (by far) I have ever used, and I get zero FPs with maxed-out heuristics.

Arup
April 24th, 2009, 01:49 PM
-{ Quote: "You have to remember that a lot of criticism of Avira is because others are asserting a lot of nonsense in many cases as a ruse to simply promote the AV they are using.

Avira's scanner is the fastest (by far) I have ever used, and I get zero FPs with maxed-out heuristics." }-


Yep and in this case I fell for it hook line and sinker it seems.

aniku
April 24th, 2009, 06:28 PM
-{ Quote: "For me, Avira is not the fastest scanner by far, but it is one of the fastest for sure. Its scanning speed is about the same as NOD32 version 3.0 and 4.0, as well as the Antivirus component of CIS.

Keep it up! Hope it continues to improve!" }-

Not to start a fight thread but Avira scanner is much faster and better than NOD32.
only to my little scan-test:)

tipstir
April 24th, 2009, 07:25 PM
Avira was faster in 2001 than it is in 2009. But who knows what you all running on your systems. Everyone going to see it fast. Compare to all that's out there F-Prot AV 3x. was the quickest. To me F-Prot AV and NOD32 3x at the same type of speed. Game is much different 9 years ago for Avira.

Sully
April 24th, 2009, 07:32 PM
I use it because:

1. it is free
2. it has a great detection rate, for free
3. it is reasonably fast, for free
4. it is simple, for free
5. it does one thing only, and for free
6. it uses little resources apart from starting or updating, even when it is for free
7. it updates pretty reliably, even when it is free
8. did I mention, it is free ?

Or, as Mel Gibson said in Braveheart,
FREEDOM!

Sul.

tipstir
April 24th, 2009, 07:36 PM
-{ Quote: "I use it because:

1. it is free
2. it has a great detection rate, for free
3. it is reasonably fast, for free
4. it is simple, for free
5. it does one thing only, and for free
6. it uses little resources apart from starting or updating, even when it is for free
7. it updates pretty reliably, even when it is free
8. did I mention, it is free ?

Or, as Mel Gibson said in Braveheart,
FREEDOM!

Sul." }-

Yes a lot of them are now free as well.. This above what you use has been around for years now and it's still free.

Boost
April 24th, 2009, 07:55 PM
-{ Quote: "Avira was faster in 2001 than it is in 2009. But who knows what you all running on your systems. Everyone going to see it fast. Compare to all that's out there F-Prot AV 3x. was the quickest. To me F-Prot AV and NOD32 3x at the same type of speed. Game is much different 9 years ago for Avira." }-

I still remember running Avira version 6 :argh:

trjam
April 24th, 2009, 08:00 PM
yep, and it was faster than the current one.

Arup
April 24th, 2009, 08:49 PM
For those with multi core CPUs and I am sure that now represents quite a few here, turn on the multi core option in Avira and then see the speed improve, that's how you can judge its speed. In terms of scanning speed vis a vis OS, in my experience, XPx64 with indexing turned off yields the fastest benchmark.

Sully
April 24th, 2009, 09:37 PM
-{ Quote: "Yes a lot of them are now free as well.. This above what you use has been around for years now and it's still free." }-
lol, yes, you mean the old Luke Filewalker ?? That was funny.

Sul.

dell boy
April 25th, 2009, 02:08 AM
ok at the moment avira seems the best, consistent scan results at the top, very fast (with the optimized scan ticked) and according to av-comparatives it's got quite an edge on all other freebies atm. i am all for trying new stuff and always like to have the better one, i heard avast 5.0 is going for some pretty good new technique for finding malware, i can't actually find the post with features but it definitely looks a goer so i MAY be changing soon but we will see. Also if avg would like to win me over they perhaps should improve something because the av-comparatives results are getting lower each year.

RejZoR
April 25th, 2009, 03:49 AM
AVIRA is good, no doubt in that. Especially since they don't even use any advanced methods of emulation or something. And they detect s**tload of stuff with heuristics. What's even more impressive is the time they needed from mediocre AntiVir 6 up to current version 9.
AntiVir 6 was crappy for me, with version 7 they introduced new heuristics and in just 1 year they launched themselves to the top and still holding it strong.

If you look at others, they had a more gradual progress that was technically just as effective, but took much longer.

Sully
April 25th, 2009, 04:00 AM
I remember trying Avira out many times. At that time AVG was becoming popular, but I always thought AVG was lame because it told you it found something, but was never very intuitive about what to do. I used f-prot a lot back then. Avira was not as good then as it is now on tests, but even then it was pretty slim. And that was hard to do over f-prot. I still think, out of the box, it is the slimmest AV with best performance right now.

Sul.

Stefan Kurtzhals
April 26th, 2009, 05:32 AM
-{ Quote: "Avira was faster in 2001 than it is in 2009." }-

Of course. It was missing lots of unpacking back then which it can do now. Which results in scanning 5-10 times more files than before. You can't expect to have the same scan speed as before for this, right? Just alone adding support for NSIS and CHM brings down your scan speed a lot.

Comodo is just light because they got almost zero unpacking. The insane high number of signatures they got also indicates they have almost zero generic detection abilities.

RejZoR
April 26th, 2009, 05:49 AM
Just look at the virus section of definitions. 5 digit variants of Virut?
This alone tells me that there is something seriously wrong with the engine if they have to add signature for each and every different sample they get.
That's just bad. Especially when it comes to polymorphic malware, where you simply need engine advanced enough to detect it properly.
Because adding samples for them never really ends.

Boost
April 26th, 2009, 06:01 AM
-{ Quote: "Yep, Comodo AV is very average for now, but they are improving it big time. It will probably take months though. I suspect CIS version 4 will have the new and much improved AV component that has been promised. Unfortunately, performance may take a slight hit. I hope not." }-

Months? I'd seriously be thinking about changing antivirus program if its lackin that bad :thumbd: Too much malware to be messing around with a weak software.

ROFL :argh:

Stefan Kurtzhals
April 26th, 2009, 07:58 AM
-{ Quote: "Yep, Comodo AV is very average for now, but they are improving it big time. It will probably take months though." }-

How do you know they are improving it? How exactly they are improving it? The huge number of static detections, especially for polymorphic malware (infectors like Sality, Virut, or server-side polymorphic ones like Waledac) clearly shows that they don't have either/both the tech nor skilled people to do it properly. You know, making a good AV is a bit more than just getting access to the VirusTotal samples and adding unique fingerprints for every single sample.
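The contrast drawn in the two posts above (one fingerprint per sample versus one generic rule per family), as an added example that is not part of any post in this thread. The sample format is a constructed, inert toy (fixed stub, one-byte XOR key, encoded body); real polymorphic families also vary the decoder itself, which is where emulation and heuristics come in.

```python
import hashlib

# Constructed, inert toy family: fixed decoder stub + 1-byte XOR key + encoded body.
STUB = b"\xde\xc0\xde\x01"                 # constructed placeholder bytes
BODY = b"INERT-CONSTRUCTED-BODY-MARKER"    # invariant content after decoding


def make_variant(key: int, junk: bytes = b"") -> bytes:
    """Build one constructed sample; every key/junk choice changes the file bytes."""
    return junk + STUB + bytes([key]) + bytes(b ^ key for b in BODY)


def build_hash_db(samples) -> set:
    """Per-sample 'unique fingerprint' database: one SHA-256 per collected sample."""
    return {hashlib.sha256(s).hexdigest() for s in samples}


def static_detect(sample: bytes, hash_db: set) -> bool:
    """Exact-match detection: only fires on a file already in the database."""
    return hashlib.sha256(sample).hexdigest() in hash_db


def generic_detect(sample: bytes) -> bool:
    """One rule for the whole family: find the stub, undo the XOR layer,
    and match on the decoded invariant instead of the raw file bytes."""
    pos = sample.find(STUB)
    while pos != -1:
        start = pos + len(STUB)
        encoded = sample[start + 1:start + 1 + len(BODY)]
        if len(encoded) == len(BODY):      # enough bytes for key + full body
            key = sample[start]
            if bytes(b ^ key for b in encoded) == BODY:
                return True
        pos = sample.find(STUB, pos + 1)
    return False


if __name__ == "__main__":
    collected = [make_variant(k) for k in range(1, 201)]
    db = build_hash_db(collected)
    unseen = make_variant(0xF3, junk=b"\x00" * 7)
    clean = b"just an ordinary file " + STUB + b"\x00short"
    print("signatures stored for 200 samples:", len(db))
    print("unseen variant, hash db:", static_detect(unseen, db))
    print("unseen variant, generic rule:", generic_detect(unseen))
    print("clean file, generic rule:", generic_detect(clean))
```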

Bunkhouse Buck
April 26th, 2009, 09:56 AM
-{ Quote: "Not to start a fight thread but Avira scanner is much faster and better than NOD32.
only to my little scan-test:)" }-

On a fast system (and mine is very fast) Avira's scanner is much faster than NOD32.

Bunkhouse Buck
April 26th, 2009, 09:58 AM
-{ Quote: "How do you know they are improving it? How exactly they are improving it? The huge number of static detections, especially for polymorphic malware (infectors like Sality, Virut, or server-side polymorphic ones like Waledac) clearly shows that they don't have either/both the tech nor skilled people to do it properly. You know, making a good AV is a bit more than just getting access to the VirusTotal samples and adding unique fingerprints for every single sample." }-

Some of these people are simply promoters of the AV they are using. Most of them don't know if there are improvements and many AV firms in my view cannot do the job properly.

Thankful
April 26th, 2009, 10:24 AM
Scanning speed for NOD32 and Avira are about the same on my system.
Av-comparatives also showed NOD32 and Avira scanning throughput to be about the same.

Stefan Kurtzhals
April 26th, 2009, 10:48 AM
-{ Quote: "Back on topic, any luck with regards to system idle timing and the effect of Avira on the following file: C:\WINDOWS\Prefetch\Layout.ini ?" }-

That is put on low prio for investigating because it causes no serious problems (Avira works, the defragging works, but it triggers delayed). They are working on getting the EU2 ready for release which should iron out most of the major known bugs of AV9. Maybe the schedule after that allows investigating the idle problem.

Arup
April 26th, 2009, 01:37 PM
-{ Quote: "Yes, on-demand full system scanning speeds are about the same for NOD32, Avira and Comodo antivirus on my system (differences are within 1 minute of each other). I have a relatively old Intel Core 2 duo E6600 processor though (with 2Gb RAM), so perhaps Avira scans faster with quad-core chips etc." }-


Only with version 9 the multi core option has been given, when that is ticked, scanning throughput is the fastest as compared to others, I have seen all my 8 cores used and same with an i7.

vizhip
May 7th, 2009, 10:40 PM
I have both Avira and NOD32 running (different systems of course) and found using single core that they are about the same speed... I tend to limit my programs to a single core so I can use the other core for all sorts of junk...

I have tried AVG, but found it to be much slower and didn't find quite as much... and I won't talk about Norton... used it for years...

I also tried Comodo, but got rid of it pretty quickly... I also ran McAfee for a little over a year, but found it was slow as well as not finding everything...

Alas, those are the only anti-virus programs that I have used to date...

Regards -
-Bob

Boost
May 8th, 2009, 03:29 AM
-{ Quote: "Wow, it seems like I am the only one who is obsessed over this "idle" problem that Avira has. It took over 5 hours of supposedly "idle" time for layout.ini to update today (and it took over 6 hours yesterday). From recent experience, with NOD32 or Comodo AV installed, it should only take about 15 minutes!

Also the updating process is still taking about 58 seconds (I suspect this is only a problem with the free version).

Time for a change once more!" }-

Not sure what your issue is, but updating is fast on my computer with Avira along with other people that I know who run it as well.

Boost
May 8th, 2009, 03:57 AM
-{ Quote: "Try a manual update. It takes about 58 seconds before it even starts to check the server for me. I've only noticed it in the last few days. Are you running Avira free or premium?" }-


Free

Are you THAT bored in life that 58-seconds is gonna make or break you? Come on for real dude.

Stefan Kurtzhals
May 8th, 2009, 03:26 PM
We suspect it is the polling of the Windows security center API that causes the idle problem. No word on a fix yet. :-\