Avira

Discussion in 'other anti-virus software' started by JerryM, Apr 16, 2013.

  1. Stefan Kurtzhals
    Offline

    Stefan Kurtzhals AV Expert

    APC is used for the quick system scan and for certain on-execute events.

    That HIDDENEXT detection is designed to catch those spammed malware samples (fake invoice/bills etc.). They often disguise their .EXE extension with having a 2nd, harmless extension. Like "Amazon invoice 2014-02-24.pdf.exe".

    Very old trick, but still widely used by malware.
  2. phyniks
    Offline

    phyniks Registered Member

    Thanks Stefan....it was very informative
  3. anon
    Offline

    anon Registered Member

    Avira Knowledge Base:

    Avira Version 2014 - Update 3
    Last updated: Monday, February 24, 2014
    Affected products
    • Avira Professional Security [Windows]
    • Avira Free Antivirus [Windows]
    • Avira Antivirus Suite [Windows]
    • Avira Internet Security Suite [Windows]
    • Avira Family Protection Suite [Windows]
    • Avira Ultimate Protection Suite [Windows]

    http://www.avira.com/en/support-for-home-knowledgebase-detail/kbid/1651

    -----------------------

    Update: Avira Antivirus Security - Version 3.1 SP1
    Last updated: Monday, February 24, 2014
    Affected products
    • Avira Free Android Security [Not relevant

    http://www.avira.com/en/support-for-home-knowledgebase-detail/kbid/1652

    .
  4. anon
    Offline

    anon Registered Member

    =
    3. New Features
    • Enhance the User Agent String with the Machine UID
    • User Agent String: enhance it with default browser
    • Track Configuration Center open and close
    • Track Control Center open and close
    • Track if the user clicks the Scan Now button in Control Center

    4. Bug fixes
    100% CPU load caused by MailGuard with some Email servers fixed
    • Outlook 2003 & 2010 IMAP email fetching is blocked by MailGuard fixed
    • On Demand scanner crashes when more than 4 partitions on a single drive fixed
    • On Access scanner is not deleting temporary files during startup fixed
    • Complete logging does not work for on access scanner fixed


    http://www.avira.com/files/support/FAQ_KB/EN/changelogs_avira_version2014_update3_en.pdf

    http://www.avira.com/en/support-for-home-knowledgebase-detail/kbid/1651
  5. redwolfe_98
    Offline

    redwolfe_98 Registered Member

    what is "APC"? does anyone know?
  6. anon
    Offline

    anon Registered Member

    General information

    Avira Version 2014, Update 3 will contain the following changes:

    1. Integration of APC in Avira Free Antivirus
    With the integration of APC (Avira Protection Cloud) in Avira Free Antivirus we will provide
    the same protection to all useres
    . This affects not only the product and the Avira Protection
    Cloud but also „MyAccount“ since the authentication needs to be accomplished as well.

    2. AIRS Redesign
    AIRS (Avira Intelligent Repair System) is a refactoring and improvement of the current repair
    functionality in all Avira Windows products.

    AIRS will change the repair that it corresponds to current technology of malware and we are
    also able to react faster in repair and removal issues to clean up the infected users.

    The first TechPreview gives you the opportunity to already test this new functionality before
    others do. The first version includes all necessary registry functionality. For example with AIRS,
    we are able to delete random generated Registry keys from malware infection which was not
    possible before. Another highlight in AIRS is that we improved the option to change/ delete as
    well as create all security changes in the registry which are not located to the malicious infected
    path, but definitely made by malware.


    http://www.avira.com/files/support/FAQ_KB/EN/changelogs_avira_version2014_update3_en.pdf
  7. true indian
    Offline

    true indian Registered Member

    One question...I am really confused now.

    Is the official avira free currently providing APC or not? :D

    @Stefan Very Interesting concept....can you explain more please.I mean does it check every unknown file to avira cloud or does avira have a whitelist of some sort
    Last edited: Feb 25, 2014
  8. anon
    Offline

    anon Registered Member

  9. aaa839
    Offline

    aaa839 Registered Member

  10. Stefan Kurtzhals
    Offline

    Stefan Kurtzhals AV Expert

    true indian, it has a black and whitelist to avoid uploading and analysing of known files again.
    When an executable is unknown to those lists and the product thinks something about the file is suspicious enough, it will be uploaded and processed by the cloud detection modules.
  11. spywar
    Offline

    spywar Registered Member

    true indian, you could find all infos in the APC official page :rolleyes: ...
  12. RejZoR
    Offline

    RejZoR Polymorphic Sheep

    Same applies to large whitespace sequences like:
    Code:
    amazon_invoice.pdf                                          .exe
    (i hope the forum will render the empty space)

    Where Windows Explorer just doesn't render the actual extension of file because the name is way too long.
  13. zfactor
    Offline

    zfactor Registered Member

    been ripped off more than once and MANY of the keys sold there are fraud. i deal directly with some av companies we sell locally out of my shop and i cant tell you we see fake, stolen, keygen'ed etc etc etc lic's people bring in all the time.

    i would LOVE to grab some avira for 15$ though.
  14. Stefan Kurtzhals
    Offline

    Stefan Kurtzhals AV Expert

    Jup, or underscores "____", layered archives, archives with password (which included in the email) and so on. I added alot of detection rules for these things over the years. Seemingly, despite being very old methods, they still must be effective on users. :(
  15. Witttr
    Offline

    Witttr CEO Avira

    Avira update and request for feedback.

    Hi all,

    reading the forum has provided me some good insight about our company and our technology (of course, some of it causing an emotional roller coaster of feelings...). I would like your feedback and suggestions to make us even better. Let me summarize what we have done, based on the posts found in this thread and in other feedback forums:

    Over the last 6 months we have done the following:
    - removed our splash screen advertisements from free (September 2013)
    - added Avira Protection Cloud (APC) to our paid products real-time scanning (October 2013)
    - rolling-out APC to our free user base (ongoing, will probably take a couple of months before 100% is reached)
    - removed the Ask toolbar (global removal to be complete by the end of Q1)
    - as of November we are back at the top in detection rates (AV Comparatives and AV Test).
    - added a great AV product for Android, based on current test results (August 2013)
    - added a free web portal to connect all of our users devices, with the exception of Mac (January 2014)
    - changed our update structure (xvdf) in beta now (March/April release)
    - offering a new browser safety plug-in, Avira Browser Safety (ABS) (January 2014- Chrome)
    - improved repair (January 2014)
    - continue to improve Avira Answers as a free source of help for our products and the security issues our users face (not yet a forum replacement)
    - continue to offer direct support at no additional cost for anyone, who purchases a license of our products (phone, e-mail, chat, etc..)

    What we have planned in the near future:
    - removing user registration requirements for Online Essentials and the mobile apps (approx. Q2 2014)
    - releasing ABS for firefox (March 2014)
    - continue to focus on detection and repair functionality
    - continue to work on the user interface, improving usability
    - adding Mac support to our online essentials portal
    - adding multi-user support to our online essentials portal

    I would really like to get both your feedback as well as constructive improvement suggestions. I can’t promise that we will incorporate them all, but I will provide you with a response and reason behind our actions.

    Thanks again for your contribution (and in advance for your continued feedback),

    Travis
  16. anon
    Offline

    anon Registered Member

    Re: Avira update and request for feedback.

    Although I was against in some of your decisions (mainly re the ask crapware & Avira Answers, I have written many post here and there in Avira's Forum), I have to thank you because you are listening the Avira users.

    Once again, thank you Mr.CEO.
    Last edited: Feb 27, 2014
  17. zfactor
    Offline

    zfactor Registered Member

    Re: Avira update and request for feedback.

    one thing i would like to stress is DO NOT add all kinds of extra junk like so many others are doing. and please no added social media junk added either. just keep it a great av with the normal filters, no speed up your pc, clean your browser, uninstall programs etc etc. keep it simple. i would like to personally see a new avira firewall but i doubt we will see that. please fix the windows message saying avira is turned off that is SO annoying something that should have been fixed by now i have this problem on a few pc's nothing fixes it. other than those things i love avira i dont even personally care if there is a new gui or not (if you do please do not go nuts with all kinds of confusing icons and crazy colors ... see panda's gui i really dislike that one)

    overall thank you and please keep moving in the right direction!!
  18. DoctorPC
    Offline

    DoctorPC Banned

    Re: Avira update and request for feedback.

    I second this.

    I used Avira for roughly 10 years, then left some time back due to declining detections, and other reasons. I've come back precisely because I crave a 'core AV' without all of the bloat.

    The level of bloat being added to AV's is disgusting, even Webroot suffers from it now. Extra buttons, extra tweaks, extra features, all of it that really amounts to a hill of beans, and more frustration. We don't want widgets, fancy notifications, optimizers, and other nonsense. We've had enough of this in my opinion.

    I ask that you improve performance of the product under Windows 8X. The immense slowdown it causes during system boot is unacceptable, and disabling modules to fix it is quite annoying.

    I'd also ask you focus on dealing with PUPS. These - in my opinion, are becoming a much bigger problem than viruses. Puts can act so much like a trojan that they are in fact - a trojan, and without good awareness of them many clients are suffering. High PUP detection is a must these days.

    I appreciate your direct, and very vocal anti-NSA stance, it's another reason I've gone back to Avira. I won't run any AV that doesn't have a strong, official anti-NSA policy. Period. Won't happen - and many of my clients won't run products that aren't ready to make that declaration. I appreciate your stance on this.

    Keep it simple, unbloated, and fight Uncle Sam, and we'll keep buying it.
  19. Stefan Kurtzhals
    Offline

    Stefan Kurtzhals AV Expert

    The Windows Security Center warning is going to be fixed soon.

    The boot time slow down is under massive investigation for some time. Update 4 will contain alot of improvements (new VDF format, guard optimizations). We are investigating the issue that was mentioned here (Mailguard + Firewall) and are testing changes that help with that.
    Another big speed improvement for boot up is also scheduled for a dev team for the next 2 weeks (code freeze for update 4 afterwards), not sure if they can finish it in time. It is a really *big* change in on-access scanning behaviour.

    Focusing on PUA, alas, I would gladly do that, but it is really a legal issue. :gack: Turn on APPL/ category, I try to add as many as possible to that. Yesterday another new generic rule for a PUA that detects 450K new samples.
  20. anon
    Offline

    anon Registered Member

    @ Stefan Kurtzhals,
    Many thanks for the info.
    -------------
    There is another bug (C:\ProgramData\Avira\AntiVir Desktop\TEMP => multiple "scaninfo.tmp" files in the Avira TEMP folder)
    https://forum.avira.com/wbb/index.php?page=Thread&threadID=158550

    also:
    (Case-ID #99627995) many scaninfo.tmp files in C:\ProgramData\Avira\AntiVir Desktop\TEMP folder) remains
  21. Witttr
    Offline

    Witttr CEO Avira

    The challenge we have, is of course balancing between making money to fund our development, while providing more and more value to our free products (sadly, the market is moving to free and license sales becomes more and more difficult). We will do our best to avoid bloatware and only focus on the "essentials" required to be safe in the internet (marketing pitch, I know; forgive me).

    What we will ensure is that any monetization effort will be configurable and for the most part; opt-in and highly relevant for users (you have to choose to accept, but you will hopefully want to). We will continue to offer a search product (opt-in), where we annotate the results and we will be hosting the service in our own network soon, adding much more value to the experience. Any personal information (PI) we inadvertantly collect, we will not use it for direct targeting (kept away from our marketing team), with the exception of license renewal data and anonymized statistical analysis. We will keep some advertising in the products, but make sure it's relevant and valuable to our users (the only opt-out/locked component of our free product).

    With regards to speed; it is at the top of our agenda. As Stefan says the new vdf infrastructure as well as download speed performance (we are currently moving to a global CDN for both updates and downloads), are at the top of our list and are already a dramatic improvement to our performance. We are aware of some speed hurdles within Windows 8. We have planned for an additional improvement addressing the Windows 8 topics in our update 4.

    Keep the feedback coming.
  22. aaa839
    Offline

    aaa839 Registered Member

    It was great that Mr Witteveen you are going to listen our voice
    I has been used avira for many years(since v7)
    I hope something which plan and said before can still continue

    Generic repair as an optional interactive
    Whole new redesign interface which match Online essential
    Improvement for the On-demand scanning speed(including initialization,unpacking huge archive)
    Put more resource on current support forum
    Redesign detection dialog box
    Protection cloud status page inside the control center
    Protection cloud uploading progress bar and detection status dialog box for ondemand scanner
    Protection Cloud will doing scan in all manual scan profiles
    improvement and add more windows firewall control module
    (such as add control in configuration instead provide a link direct to MMC/Control panel,
    Could possibility to filter outbound connection like Windows FireWall Control)
    or Buy/redevelopment a new Avira firewall
    Improvement stability of Avira system speedup(windows 8.1)
    Native 64bit for whole programe
    New HIPS module for current ProActiv replacement
    Prevent MD5 error when doing update
    fix more bug as fast as possible
    Last edited: Feb 27, 2014
  23. anon
    Offline

    anon Registered Member

  24. Trespasser
    Offline

    Trespasser Registered Member

    Re: Avira update and request for feedback.

    Great to hear. Avira was always my favorite antivirus until the Ask Toolbar thing was introduced. It will be nice to welcome AntiVir back on to my PC once again.

    Thank you.

    Best regards,

    Bob

  25. zfactor
    Offline

    zfactor Registered Member

    Re: Avira update and request for feedback.

    just a few key things i wanted to say in response to your second post:

    just keep in mind that people like myself who do in fact PAY for all my av's and use NO free solutions do not want to see adds being a paid customer, as well as dont want things being added all the time that we dont want or use. your basic non tech savy user will either usually use the free solution or they simply dont care. this is honestly the one reason i do not use avast much (not doing a a to be here) due to the fact they keep adding more and more "junk" imo to the suite. my point is do not forget the paying customers who spend the money to actually purchase your av like so many other companies have over the recent years. because those paying customers can easily find another solution in todays market. if anything needs to be added PLEASE make it part of the custom install so if we do not want it we can choose to not even know it exists (without pop ups like some other companies see avg continually trying to get someone to install those extras)

    thank you for working to make avira better!!