why does avira always do so bad in other tests

Don't trust in tests... Get malwares and scan it in your computer with Avira and other AVs... You'll see that Avira is a TOP AV if not the first in the ranking. Avira detects about 100% of all malware (old and new). It's better than Kaspersky, F-Secure, NOD32 and all other in the moment. The valorization o signatures allied to the best heuristic created is Avira and it's detection. The result is the best until now. I like FS and Kaspersky too but they need to improve heuristic to get Avira.

 

there is no "Best." Just Good and Better.

 

Avira's heuristics... sigh.

But then again, people will be happy as long as their AV whacks something, irregardless of what it whacks. It sometimes annoys me to see Eset and Kaspersky investing time and money and effort into developing advanced emulation heuristics, when it turns out that people are perfectly happy with something that whacks packers and uses pretty crude rules for its heuristics, but I guess that's the way it is.

 

thank you

 

Avira bad?

Have a look here for yourselves www.av-comparatives.org

 

Avira is not bad, it is one of the tops. But peoples are different. So just want detection, some cleaning, some both. You really need to try any product before buying.

 

Well, i always find the same with ye ol' Avira: high detection rates and overall lightness, but on the other hand quirks like trouble updating, and sometimes weird behavior and lots of FPs. So, every user has do decide if it's good enough for him/her.
And i noticed one more thing-the high FP rate is present only if the heuristics is set to high, almost inexistent if it's back to medium. So, my general advice would be to use HIGH settings only for on demand scan, if one encounters something fishy during on-demand scan, it can be put in quarantine and sent to avira's team to decide if it's indeed a FP or a real malware. Even without the highest heuristics possible, it will still protect just fine, since it has a HUGE number of signatures (many generic as well), and the more agressive setting can be used to double-check the system once in a while, and to manually scan files downloaded from dubious sites etc.
And yes, i don't think that those tests which show so low detection rates for avira are fully correct and impartial.
Cheers

 

Take a disk/partition image before installing an AV.

 

Stefan Kurtzhals has said that Avira is working on an emulator and generic signatures

 

You must know what Avira's generic signature means.For example:TR/Crypt.XXX.Gen.And you also must know its heuristic means.For example:HEUR/Exploit.HTML,HEUR/Crypted,If you know them,you will understand why Avira has "the best detection rate".

 

According to AV-Comparatives, Avira does not do so well with false alarms. It has been said its heuristics are programmed to flag files using unusual run time compression routines, regardless of the content.

 

But it works and is rated top along with NOD32, question may come down to how much you are willing to spend.
Avira Premium Suite is £26.95 for 1 year, but only credit cards (no debit cards).
NOD32 suite tbc (Wiki says £29 plus VAT), but I can pay with Solo (debit card).

So not much in it then.

 

I hardly ever get FP on my Avira for the last year I have been runnin it and I have real time and scanner set on high.

 

It's not heuristics set to high that produces Avira's legendary FPs. Its the extended threat category with Application and SPR (especially SPR) checked.

 

Those aren't set by default are they

 

I believe Avira is pretty ok. And indeed there is no best. A piece of software is only good when it works good on YOUR PC. GData has won millions of prizes but it just won't run well on my PC. Is it the best than? I don't think so

 

Indeed, I frequently collect malware from hacked sites and do my own little tests. Quite a few occations where there is sample which is able to infect other executables, and run together with host file to download trojans onto your pc. Avira always flag such infected exe as TR/DL trojandownloaders.....I compared the VT log of the trojan dropper and infected exe, obviously the dropper everyone had it in the downloader/dropper category, but infected file, Avira was the only vendor flagged as trojan rather than a Win32 virus.

The best part was when I submitted through their webpage using 'false positive' category, I got a automated responds, followed by another email which told me it's already detected. True, then I replied with detail description of how this was a legitimated exe which was infected with a virus, I needed to clean/repair such files rather than everything on my pc. But I never got any reply, I hope my email was lost somewhere during transmission, and this is not the attitude of the Vendor towards a user or certain types of malware.

PS， looked at the email from avira again, the sender's address is noreply@.... In the second email there's nowhere it said do not reply to this email, only in the automated responds which showed unidentified sender and do not reply to this email, So I have to guess....Guess I need to try my luck with support@ with the tracking number, wish me luck.

 

When we talk about AVs, rather than opinions it would be interesting to have facts. Most of us have never or rarely been infected, and therefore it makes it difficult to assess how good a particular AV is performing in different systems.

I had Nod32 for 2 years, and it caught an enormous amount of malware, not because of my surfing habits but in my job my computer is exposed to a lot of threats. I also ALWAYS run my system in virtual (shadowed) mode. Lately I've decided to run without ANY AVs, as I'm more and more convinced that AVs with the right combination of security applications are not necessary(if you know what you are doing).

I have however installed Avira Premium on my son's computer (there was a great 6 months offer to try it, and my son is very young and reckless) detecting a lot of stuff. At first I thought perhaps the detection was full of FPs, but after submitting the samples to Virus Total it was clear that Avira was by far better than any other AV. Now, whether Avira will keep this momentum in the near future, it remains to be seen. Tests have shown that one period KAV might be on top, the next Nod32, and so on. This lack of consistency from AVs companies is the main reason I'm trying to build my security without them.

Avira, from my experience is number one at the moment, but for how long?

 

The were set by default until the September upgrade at which time Avira set them to off by default. I like to use them because Avira keeps saying that we must not use any other anti-malware and I agree with that in so far as most anti-malware now is written for Vista and that forces it to run as a service all the time on XP thus causing potential conflict. If I turn off those two extended threat categories, I seldom see a FP. There is also the hassle that Avira makes it for one to add the FP's to exclusions. I really hope that in the next big upgrade that Avira will have fixed this situation. Plus, there is no way presently to turn on Application and SPR just for the on demand scanner. That is what I would like to be able to do.

 

Thanx Mele. I just recently re-installed AntiVir but haven't had much time to check differences from last summer. I've been busy with setting-up the latest "flavor-of-the-day" app. No FP in 3 weeks of Avira and they definitely improved the update-issues. *****

 

Proof of my point at post 67. This is the Latest Virus info from Avira http://www.avira.com/en/threats/section/details/id_vir/4008/tr_dldr.agent.bky.html
Every other vendor categorized it as worm or win32 virus, do a search on fujack and you will se it's a very popular Chinese file infector with trojan download capability. Avira will probably flag your infected exe file as trojan and delete (repair always grey out, tested on multiple fujack variants which avira flag as trojans), but most of other vendor will let you repair the file and clean the viral code. Why is it so difficult for avira to categorize malware into proper categories Must be the problem with their automated virus sample process systems.... BTW I sent email to support@avira.com on 5th Nov to query about this mis-categrazation, but no reply untill today. Makes you wonder, doesn't it?

 

No offense, but most may say that. But I only know of 2 that will actually do it correctly.

 

This also has nothing to do with how AntiVir does in the comparatives...

 

yup, but at least those ones are putting the malware into the correct category and trying to disinfect those file, and that's the point I was trying to make. From my personal experience, Dr.web is very good in disinfecting exe files infected by fujack and viking, unfourtunately the other one also from Russia started with "K" is not very good in doing so, most of the time the exe is either deleted although detected as win32.xxx, or it's disinfected incorrectly and will no longer work afterwards.

 

I am just responding to those replies regarding the difference between avira's detection rates and cleaning rate.