Why Avira should add web scanning to their AV product.

I am having issues with this, the more I think. I can understand to "some" degree their marketing stratagy but, web scanning is a key component that directly works in conjuntion with the their AV component to find malware. Holding it back from the AV is taking away from what the specific AV product was created for.

With suites, antispam, firewalls and hips, all of this are added modules with specific functions but arent really as directly related to the AV as web scannng is. So it seems just from a AVs standpoint, they are saying you have to buy the suite to be more secure from malware, then you will be with just the AV product. It just doesnt seem right to me.

 

If the web-scanning was part of the a/v, I would shut it off, and then feel that I paid too much for what I use. I do understand your point though, buying the a/v would make you feel "short-changed", and maybe just the free-a/v users should do without the added module....

 

Yes Avira should have web scanning. Unlike 19monty64 I would certainly enable the feature if available.

 

What to me is "directly related" is on demand scanning of downloaded files. That is ALL that is needed in an AV. I don't use the Guard (although I may install it just to see what is new with it) and certainly would have no use for a redundant web page scanner which is probably the silliest thing any AV vendor ever dreamed up. I left NOD32 when they came out with their stupid web scanner. I wasn't about to pay for that dumb thing that drastically slowed my internet speed and was totally pointless. Even a Real Time monitor is pretty much pointless for me because if I did happen to get a nasty from a web page (unlikely on Firefox) I would catch it with the on demand scan I always do immediately after downloading anything or ProcessGuard would stop it from executing. So, I am glad that Avira did not include it in the Personal Premium version. Stuff like that should only be in Suites for those who have a thing for Suites and who don't mind paying the price for all that stuff.

 

Scanning is scanning, firewall is a firewall, and anti-spam is an anti-spam. You cannot separate components of each like Avira did. If one paid for an Antivirus, one paid for the scanning part, and that should include all forms of scanning. Bottom line: Yes, Avira should include the HTTP scanner in their premium product, and it should be an optional feature which can be easily disabled if needed.

 

Slightly O/T but does Avira Antivir Premium's ability to remove viruses match it's excellent detection rates? If so I may switch from KAV 7 as I've been finding it a bit slow when browsing.

The 30 day evaluation version of Avira I'm using is super-fast.

....But after reading some of the comments on this thread I'm now back with Kaspersky.

 

their cleaning ability doesnt even come close to Kasperskys. I would think Nod would have the edge there. HTTP scanning is fast with Nod and you get great detection and cleaning.

 

Now if I understand what you are saying is that unless Avira includes HTTP scanning in their Antivirus your downloads and web browsing won't be scanned?? You know better than that, any file that is accessed, sent, downloaded or what ever is scanned by Avira. Why would I need it to add a line to the GUI telling me that it scans all HTTP traffic when I already know it does.


bigc

 

it's a difference between http scanner and on-access file scanning. The http scanner creates a special "sandboxed" folder containing the Cache and all the files transmited during a browsing session and if it finds no threat there it lets the files go into the real Cache and other folders. There is a difference if the file is scanned like this or in the "normal" way like all AVs with no http scanning do it.

 

I thought they included http scanning in the premium version too, but it's only in the suite so I will not be buying any Avira products until they get their act straight.

 

You know?
When you reach a webpage with an exploit that will run directly in the memory of your browser (because of some kind of buffer overflow, for example), it doesn't have to be saved on disk... so there won't be any file to be accessed or scanned (oh, maybe there will be - your private files that will be sent out from your computer by the malware... but I doubt the antivirus would detect those files as infected ).

 

Having never ever seen anything like this, I'm beginning to doubt how far this is true.

 

Im glad Avira finally got to including a HTTP scanner though I wish they included it into the premium version too.

And Im not switching, but at least I now have an alternative to NOD32 and KAV if I ever need it.

 

But what you are not understanding is that Avira scans anything accessed or tries to access. If a file of some sort can access my comp it will be "seen" if not by avira then by any of several other antimalware apps I have running not to mention it is a lot harder for something to run anything in Vista including malware trying to phone home. Still don't need HTTP scanning. And My browser "Opera" is a bit hard to exploit.

 

Anything accessed... yes. Anything making the access... I'm not sure if I believe this (and even if it did, it would most probably be file-wise, so useless here).

Again - you speak of files. Yes, for a file you might be right - but not for a piece of code running in the process of your browser, there's no file here. Remember the Slammer worm? It spread as one network packet - and it stayed in memory the whole time, never got written to disk. (I know Slammer didn't attack web browsers, I'm just trying to explain the point.)

"Hard" doesn't mean impossible; besides, "less attacks for Opera" might also be caused by "less interest in Opera".
Anyway, I'm not trying to question your security setup; I just don't fully agree with the general "HTTP scanner is completely useless" attitude - I believe in some cases (maybe theoretical today, but possibly real tomorrow) it might help.

 

I guess in the end it really doesnt matter. you are protected either way. Just thought I would ask. Anyway, I will take Sandboxie as a add on any day over web scanning.