Antivir and AV-Comparatives

Hey guys, I have a question about the FREE vs. Premium/paid versions of Antivir. In this thread at the AV-Comparatives forum, the poster states that rootkits are "othermalware" and keyloggers are in "trojans" in their testing. Now, I know the main difference between the 2 versions of Antivir is the paid version has spyware/adware detection. Does that mean the free version will or will not pick up rootkits and keyloggers as in the AV-Comparatives testing. Because Antivir basically cleaned up in the latest testing! Thanks

One other dumb unrelated question: when creating a hyperlink, most message boards first pop-up a box to enter the complete URL, then another box pops up to type in whatever name you want to give the address (like "this" above). However, this board doesn't do the second pop up box. Is that normal? I just reinstalled my system (after hard drive failure) via True image so every little quirk scares me

 

I posted at the Antivir forum and got a response. Looks like the results from AV-Comparatives are the same for the premium and free versions. Antivir is good stuff!

 

Good, and get ready to get even better.

 

hello,

i am not sure that ibk add rootkit into his testdatabase

 

I am sure, that he not........

 

Only dumb question is one not asked

Yes, that is how it is done here and a lot of other sites (excepting AntiVir Forum, where they want discription first).

Look at the text and you will see a 'highlighted area' and do script there.

 

Do you guys know if Antivir detects any rootkits or keyloggers?

 

There's an Avira antirookit beta out. I'm not sure that rootkits are part of the regular AV's scope...keyloggers probably.

 

keyloggers yes there was a thread about it the other day. it was tested against 5 keyloggers and detected them.

 

There are no holes to poke in this product, not intentionally trying to sound like a cheerleader but they are going about it the way you would want. It will be awhile but I still think this product will rise to follow Eset, which is the leader in heuristic ability.

 

Is Antivir's heuristics really that good? In this test, it was middle of the pack. Or maybe I don't know how to read those results.

 

Guess you better take a look at {This Thread}, just last week and it's on page three back already, pretty active board when AV-Comparitive is released

 

I believe Antivir, (like almost all AV's) does detect some rootkits in real-time before they are running, if it has a signature for them (or by heuristics). But if a rootkit is installed and running on your system it will be invisible to AV's then you would need an anti-rootkit, like avira's beta.

Aigle done a test recently:
https://www.wilderssecurity.com/showthread.php?t=143853

Antivir was one of the best out of the scanners Aigle used at detecting and removing the keyloggers in that sample.

Suggers

 

This post explains why comparing the detection with heuristic enabled and disabled is not a proper way to test the heuristics of an Antivirus.

 

the rootkit module will be included in their security suite, along with anti-spam and, ooops, enough for now. And, it will be light on resources, at least we should know soon.

 

firewall

 

the heristics on antivir is great and if you find a fp you can send it to them and they will update it quickly. i would like to point out virus.gr isnt that reliable. i trust av-comparitives.

 

sorry lodore, but something tells me of late, that false positives are still going to be a problem with this product. As I have seen in testing. Going to bail and go back to the best at the top.

 

well ye but they are removing the fp's when they reported.

 

Well, I have had two False Positives since install of Version 7 in February and I keep the Heuristic Detection Level settings on 'High'.

First was a GTek\GTUpdate\AUpdate\Channels\ch4\HTML\html\index.htm found in one Document Folder and it had been renamed upon detection.

The second detection by Version 7 (C:\WINDOWS\SYSTEM32\Apitrap.dll) had also been found in six other locations and none of them were removed or re-named.

Both of the above were resolved by AVIRA shortly after my submission, however prior to my submission of the second, found that it completely froze the WinXP system,
needing to boot in safe and turn the Guard's HEUR down from High to Medium Detection Level to restore operation.

{Click here to see a Thread on that "freeze" in AntiVir Forum}

 

the main thing is they fixed it and its only two fp's on high heristics

 

things are cool lodore, we just had a lot added at one time. This guys dont fool around with creating software, do they.

 

ideal