Avira: Poor Self Protection

Discussion in 'other anti-virus software' started by sg09, Mar 29, 2011.

Thread Status:
Not open for further replies.
  1. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    Today I was handling an age old PC with XP sp2. It did not have any AV protection at all. After upgrading flash, shockwave and Java, I installed Avira Personal in it. After updating I started a scan. During the scan it detected conficker and started repairing. It did a reboot and guess what after the reboot windows didn't boot untill I selected the last known good configuration. On boot-up I found that the malware destroyed the real-time guard of Avira.....:mad:

    This is not the first time I have found this with Avira. Basically this is why I lost my faith on Avira. But I thought it must have been improved in v10...:gack:
     
  2. johnyjohn

    johnyjohn Registered Member

    Joined:
    Jan 2, 2010
    Posts:
    126
    Hi,

    Did you enable "enhanced process protection" ?
     
  3. Dundertaker

    Dundertaker Registered Member

    Joined:
    Oct 17, 2009
    Posts:
    385
    Location:
    Land of the Mer Lion
    Huho_O ...I disagree there. I tinker with the configuration of Avira and am applying a saved config from a backup file of the AVWIN.ini.

    If it's enabled youll get a pop-up from Avira upon tinkering it. I know that it's "on" by default right...?(correct me on this please..)
     
    Last edited: Mar 29, 2011
  4. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    Was that the default option? If not that's bad ...:doubt: enabling this will do any good now?
     
  5. johnyjohn

    johnyjohn Registered Member

    Joined:
    Jan 2, 2010
    Posts:
    126
    Hi,

    If this option is enabled, all AntiVir processes are protected with advanced options from unwanted termination. Advanced process protection requires considerably more computer resources than simple process protection . That is why the option is disabled as the default setting. To enable this option, you have to restart your computer.
     
  6. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Try its Rescue System (Boot Disc)
     
  7. onigen

    onigen Registered Member

    Joined:
    Oct 26, 2009
    Posts:
    29
    Installing any AV on a seriously infected system won't work.

    You need to use a live cd / portable program.
    Otherwise it's reformat time.
     
    Last edited: Mar 29, 2011
  8. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    I haven't found this a very infected system on first glance. It looked very normal.:eek:
     
  9. nosirrah

    nosirrah Malware Fighter

    Joined:
    Aug 25, 2006
    Posts:
    561
    Location:
    Cummington MA USA
    Install any AV, reboot and select last known good. Your AV will be dead as the last good boot did not have any of those services and drivers installed.

    http://www.microsoft.com/resources/...l/proddocs/en-us/boot_last_good.mspx?mfr=true

    When you choose Last Known Good Configuration, only the information in registry key HKLM\System\CurrentControlSet is restored. Any changes you have made in other registry keys remain.

    HKLM\System\CurrentControlSet <- your services and drivers are installed there so you need to reboot at least once successfully to get them to survive a last known good boot.
     
  10. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    Ohh!! I see...:eek: So, its not Avira's fault...:argh:
     
  11. tk55

    tk55 Registered Member

    Joined:
    Apr 18, 2009
    Posts:
    63
    i don't think avira "personal" free version has this option. i couldn't find it in mine.
     
  12. johnyjohn

    johnyjohn Registered Member

    Joined:
    Jan 2, 2010
    Posts:
    126
    All AntiVir versions has this option under Configuration -> General -> Security -> the option is called in fact "Advanced password protection" instead of "advanced process protection". It was wrongly translated...
     
  13. tk55

    tk55 Registered Member

    Joined:
    Apr 18, 2009
    Posts:
    63
    edit: thanks. finally found it. have to enable expert mode to see it :)
     
    Last edited: Mar 30, 2011
  14. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    So Avira Free has password protection? As in you need to enter a password to disable it or modify settings?
     
  15. johnyjohn

    johnyjohn Registered Member

    Joined:
    Jan 2, 2010
    Posts:
    126
    Hi J_L,

    No, password protection is only for Premium and Premium Security Suite (in General -> Password).
    What I told can be found in General -> Security : the right translation is Advanced process protection and not Advanced password protection.
    These are 2 different things.
     
  16. zfactor

    zfactor Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    6,012
    Location:
    on my zx10-r
    exactly what i was thinking when i read the op's post. if you restored it to a previous config or restore point avira was not there so it will not work right.
     
Loading...
Thread Status:
Not open for further replies.