Avira AntiVir 9 released!

Discussion in 'other anti-virus software' started by Cutting_Edgetech, Mar 17, 2009.

Thread Status:
Not open for further replies.
  1. Arup

    Arup Guest

    Couldn't agree more.
     
  2. PaulBB

    PaulBB Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    722
    Try Avira RegistryCleaner 7.0.0.8, worked for me.
     
  3. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    Running great here but I am getting this detection:

    NOT signed -> 'C:\WINDOWS\explorer.exe'
    [DETECTION] Contains HEUR/Modified.SystemFile suspicious code

    I'm using WinXP pro sp3 with the vista brico pack. I have Heuristics (high) and Integrity checking of system files. Could the bricopack make this happen?

    Ice
     
  4. boonie

    boonie Registered Member

    Joined:
    Aug 5, 2007
    Posts:
    238
    I have the same XP service pack and the same Brico pack (small world) and have received the same warning. I know Brico does modify a number of system files, including Explorer.
     
  5. boonie

    boonie Registered Member

    Joined:
    Aug 5, 2007
    Posts:
    238
    That's not good. Anyone else seeing this?

    I've run a complete system scan from Overview, and a scan of my system drive from Local Protection. In both cases I checked, and then unchecked Integrity Checking and Rootkit Scan. Options were correctly executed in each case.

    Received the same 2 false positives in each scan.

    Deactivating any of the Guards now causes umbrella to close.

    Although Avira does not put a shortcut in the Start menu, running Setup.exe from the Avira folder will allow you to uninstall using Avira uninstaller.

    Backed up profile with FD-ISR and gave it a try.


    Ran Setup.exe to uninstall. Rebooted.

    No folders left afterwards.

    Found 5 reg keys remaining:

    My Computer\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ANTIVIRSCHEDULERSERVICE\0000

    My Computer\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_ANTIVIRSCHEDULERSERVICE\0000

    My Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ANTIVIRSCHEDULERSERVICE\0000

    My Computer\HKEY_USERS\S-1-5-21-1547161642-1645522239-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Avira

    My Computer\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Avira
     
  6. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    3,344
    Location:
    Europe, UE citizen
    I too: XP SP3, BricoPack and same alert.
     
  7. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    I believe the Brico packs modify some of the system files to make our PCs look good. FP. Since the Heuristics detected this, Avira doesn't need to be concerned with it.

    Ice
     
  8. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    3,344
    Location:
    Europe, UE citizen

    Thanks, I'll try it. ;) But I'll wait to read whether it could be a version bug. I'm bored of uninstalling, installing, restoring a previous disk image...
     
  9. boonie

    boonie Registered Member

    Joined:
    Aug 5, 2007
    Posts:
    238
    Almost 100 files. If you go to:

    C:\WINDOWS\BricoPacks\SysFiles

    you can find the backups of them.
     
  10. rookieman

    rookieman Registered Member

    Joined:
    Mar 26, 2006
    Posts:
    411
    The Premium upgraded on my Vista fine. I installed the freebie on one of my son's computers and that went fine as well. But when it came time for me to install it on another computer things went awfully wrong. I shut off the realtime protect from the tray and tried to uninstall using add & remove and it wouldn't uninstall! It also kept a file in c: program files and wouldn't let me delete it either. I had to run their registry cleaner to get rid of the mess I made. Did I do something wrong with this last uninstall?
     
  11. Mongol

    Mongol Registered Member

    Joined:
    Jul 24, 2004
    Posts:
    1,581
    Location:
    Houston, TX
    Running buttery smooth here along with Prevx Edge...:thumb: :D
     
  12. Leo2005

    Leo2005 Registered Member

    Joined:
    May 31, 2007
    Posts:
    179
    Location:
    Braunschweig (Germany)
    Well, this is no heuristic detection. This detection checks for the Microsoft signature, and if the file is modified it is alerted. Disabling integrity check of system files could help, if you're scanning with another scan profile than the system scan.
     
  13. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    I see no reason to monitor XP visual styles files, because to be honest, a huge majority of users are using a hacked version so they can use other themes.
     
  14. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    The only reason I thought this might be Heuristic detection is from the info:
    NOT signed -> 'C:\WINDOWS\explorer.exe'
    [DETECTION] Contains HEUR/Modified.SystemFile suspicious code

    Ice
     
  15. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,713
    Location:
    George, S.Africa
    The discrepancies mentioned only occur when a (full) system scan is run from the Overview section. o_O When run from Local Protection, all the configs set are reflected correctly in the report (and were scanned accordingly).

    The 'orphaned' reg entries found will depend on the reg scanner used.
    Will check again tomorrow after booting.
     
  16. Leo2005

    Leo2005 Registered Member

    Joined:
    May 31, 2007
    Posts:
    179
    Location:
    Braunschweig (Germany)
    I know. This could be a security reason, 'cause heuristic detection cannot be deleted. This detection does cause a lot of "false positives" 'cause it alerts even on "harmless" changes of the system files.
     
  17. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,642
    Location:
    Sneffels volcano
    Webguard module works blazingly fast :thumb:

    So far the only website that I had to add to exclusions in order to work properly was one from my local bank :cool:
     
  18. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,623
    Location:
    USA
    I see a lot of positive comments on this product, but am put off by the fact that they require you to register with them to even test it as a trial. If you give them this info do they start spamming you?
     
  19. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,752
    Location:
    Toronto Canada
    I haven't heard of them doing that. If you want to talk about spam try anything Panda.
     
  20. Stefan Kurtzhals

    Stefan Kurtzhals AV Expert

    Joined:
    Sep 30, 2003
    Posts:
    702
    Users who knowingly modified their system files should not enable the option to detect modified OS files. However, quite a lot of malware uses this method to avoid creating autorun registry entries, like patching the AppInit string in USER32.DLL and so on. So if you disable the detection, you will lose protection.
     
  21. progress

    progress Guest

    So this sort of malware is starting without autorun entries? :ninja: Wow, I didn't know this ...
     
  22. Stefan Kurtzhals

    Stefan Kurtzhals AV Expert

    Joined:
    Sep 30, 2003
    Posts:
    702
    Yes, this has been in use for some time already. The malware does modify OS files that are launched every time Windows boots. So there is no need for creating suspicious reg keys.

    To make things even worse, those files are usually modified only in a very few bytes so it is easy to get false positives if you don't pay close attention when adding detection.
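
The point made in the two posts above (an integrity check flags any change to an OS file, and a malicious change may be only a few bytes), as an added example that is not part of the original thread and not Avira's code: a hash-baseline check that reports a large cosmetic change and a 1-byte change identically as "modified". The file contents, the string `ConfigKeyName` and the function names are constructed for the illustration.

```python
import hashlib

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def diff_runs(baseline: bytes, current: bytes) -> list:
    """Return (offset, length) runs where current differs from baseline."""
    runs, start = [], None
    common = min(len(baseline), len(current))
    for i in range(common):
        if baseline[i] != current[i]:
            if start is None:
                start = i
        elif start is not None:
            runs.append((start, i - start))
            start = None
    if start is not None:
        runs.append((start, common - start))
    if len(baseline) != len(current):  # appended or truncated tail
        runs.append((common, abs(len(baseline) - len(current))))
    return runs

def integrity_report(manifest: dict, current: dict, backups: dict) -> dict:
    """Flag every file whose hash left the baseline; size the change if a backup exists."""
    report = {}
    for name, data in current.items():
        if sha256(data) == manifest[name]:
            report[name] = ("ok", 0)
        elif name in backups:
            report[name] = ("modified", sum(n for _, n in diff_runs(backups[name], data)))
        else:
            report[name] = ("modified", None)  # no clean copy to compare against
    return report

# Constructed stand-ins for system files (not real Windows binaries).
CLEAN = {
    "explorer.exe": b"MZ" + b"\x00" * 510 + b"ICON" * 128 + b"\x90" * 512,
    "user32.dll": b"MZ" + b"\x00" * 510 + b"ConfigKeyName\x00" + b"\x90" * 498,
    "kernel32.dll": b"MZ" + b"\x11" * 1022,
}
MANIFEST = {name: sha256(data) for name, data in CLEAN.items()}

def sample_current() -> dict:
    cur = dict(CLEAN)
    # Theme-pack style change: a whole 512-byte resource region replaced.
    cur["explorer.exe"] = CLEAN["explorer.exe"][:512] + b"LOGO" * 128 + b"\x90" * 512
    # Few-byte change: a single character of one string edited in place.
    cur["user32.dll"] = CLEAN["user32.dll"].replace(b"ConfigKeyName", b"ConfigKeyNamf")
    return cur

if __name__ == "__main__":
    for name, (state, n) in integrity_report(MANIFEST, sample_current(), CLEAN).items():
        print(f"{name:14} {state:9} {n} byte(s) differ")
```

The differing-byte count only helps triage against a known-good copy; it says nothing about intent, which is why a themed explorer.exe and a patched system DLL raise the same alert.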
     
  23. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    That is why I said Avira need not be concerned with the Heuristic FP for the file I stated above. This is a good thing that Avira flags this. The Brico pack makes XP look really nice but at the expense of the FP. Avira has done a fine job here and continues to amaze me.

    Ice
     
  24. Carver

    Carver Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    1,910
    Location:
    USA
    I downloaded Avira this afternoon and installed it; I wanted to see what had been added to the configuration options. I clicked configuration and a screen appeared, but it was blank. I put the cursor over it and got an hourglass figure; it took a good minute for the hourglass to go away. I then went to check my email with mailwasher; it reported my pop server was not acting appropriately. I changed the Heuristics from high to med to low, all to no effect, so I simply told Mailguard not to scan my mail. But other than that it runs great. I notice they took out the email address to send the infected files... it is about time, it never ever worked right.
     
  25. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    After seeing all the positive reviews of Avira 9 I decided to upgrade from V 8.2, and I have had no problems at all so far. Version 9 seems to be running smooth like silk. Thank you Avira for a great product! I also have to say that after uninstalling Version 8.2 I went to clean out all the registry traces left behind, as I always do before upgrading any software. I was amazed to find that the uninstaller didn't leave any traces behind for me to remove from the registry. Wow! That's a first!
     