Avira woes

Discussion in 'other anti-virus software' started by ssj100, Apr 15, 2009.

Thread Status:
Not open for further replies.
  1. ssj100

    ssj100 Guest

    Don't get me wrong, but I am trying to keep Avira on my system. I'll also add that I am incredibly picky and critical about software that doesn't function like I want them to. And to all who have read my previous posts, you'll probably also note that I really hate any, and I mean any, system slow down at any level of using a computer.

    Just a quick question about Avira. Has anyone noticed with Avira guard on:
    "For some reason, Avira makes my system "not" idle and thus C:\WINDOWS\Prefetch\Layout.ini seems to take about 5-6 hours (of supposedly idle time) before "updating/defragmenting". No problems with NOD32 or Comodo Antivirus, where it only takes about 10-15 minutes idle time before Layout.ini updates".

    Also, opening Avira GUI is very fast, but not as fast as opening NOD32 GUI or Comodo GUI. Needs improvement. That's right...it's a very competitive field out there Avira!

    Those are the main complaints for now.

    And before I get bashed on this forum, let me say that Avira Free is one of the best AVs out there! Phew.
     
  2. thathagat

    thathagat Guest

    shades of a v/s b v/s c..........but avira takes the about least time...effort and reources to keep a sys clean and kick malware's.......bu....thats the most imp job of an av...imho..
     
  3. thathagat

    thathagat Guest

    well......i am coming from the viewpoint of an ex kis2009 and bitdefender user ... with bitdefender the only thing idle in my sys was bitdefender...and kis has a tool to clear prefetch..but kis 8.056+ was erratic ever now and then it raised its hands saying databases corrupted........so imho i find avira v9 security suite quite light on sys resources...........but that's my personal view.........no idea about cis......i used nodv4 but it deleted firefox and that was it........so see i hv had many woes........too
     
  4. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    I'll just add that as a hobby malware finder/tester that Avira is way up there with detections but there are way way better security options than any AV can provide.

    Sandboxie, Returnil, Defensewall and Shadow Defender would be the best around.
     
  5. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    agree here,antivirus is a thing of the past:)
     
  6. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Nope, you are a bit wrong here. The real problem with anti-viruses is misusing. AV marketing people promote their solutions as the first line of anti-malware defense as it were before, but, nowadays, the first line are behavioral-based solutions.
     
  7. nomarjr3

    nomarjr3 Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    502
    Frankly, I'm not impressed with Avira Free's BASIC anti-spyware.

    You'll have to pay to get the FULL anti-spyware protection.

    avast! Home has a better spyware detection rate IMHO, comparable to the paid version.
    And that gives you a better sense of security, since spyware is more rampant than viruses these days.
     
  8. dell boy

    dell boy Registered Member

    Joined:
    Apr 13, 2009
    Posts:
    240
    Location:
    uk, england
    may i ask what you are basing this on? avira free and premium run the same engines for scanning, well done for trying to turn this into a A vs B argument but anyway i dont know how you can say avast home has better than avira free when ALL tests prove that avira free does better, has less fps and scans faster.
     
  9. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Avira. Pretty small resource usage. Pretty simple interface. Pretty good price - free. Pretty good detection rates, depending on who or what you believe. A pretty little umbrella icon ... no, just kidding about the icon.

    Antivirus today, like Avira, being so small on resources, can be employed to help find problems that it can deal with. It is not a cure-all end-all tool. It does one thing (Avira) for me, it finds problems that it knows how. I employ other methods to safeguard myself, but definately have found Avira to pipe up from time to time, just as it should.

    You can throw AV away, not use it, and be fine. You can also keep a light one, knowing what it's job is, and still be fine. I prefer to use it because it is no detriment, even if it is not the swiss-army-knife that so many other tools aspire to be.

    I have not seen, on XP, the problem you describe, with the latest freeware version.

    Sul.
     
  10. siberianwolf

    siberianwolf Registered Member

    Joined:
    Feb 15, 2009
    Posts:
    516
    +1 :thumb: :thumb: :thumb:
     
  11. Arup

    Arup Guest

    Much as I like Avast, in every tests done, Avast doesn't come close to Avira's detection, be it spyware or malware and I mean this for free Avira.

    The Avira GUI may not be fancy or fast but heck, as an AV it outdetects all including paid ones and that to me is the only criteria for a AV and nothing else.
     
  12. DOSawaits

    DOSawaits Registered Member

    Joined:
    Dec 11, 2008
    Posts:
    415
    Location:
    Belgium
    Yeah Avira indeed detects quite a lot, especially unharmful exe-compressed files which contain no treat at all. Every compressed executable is being flagged as "infected" by Avira Antivir.:rolleyes:
     
  13. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    "every" ? lol.

    I have seen this happen on some. Far from every though. Want to know where it happens most? Game cracks. So funny, when I go to a LAN party sometimes you can hear all these beeps from different computers, mostly when they have no-cd cracks and stuff. Seems they are ok to use, but antiviruses pick them up as bad. I one time went to one, and they were starting Battlefield1942 (that shows how long ago that was), and you heard all these 'beeeep beeeeep' sounds. It was humorous.

    Avira today is much better about fixing false positives that years ago. Even some upx, which is probably what you are talking about, is flagged as bad, but fixed in a few days. Used to be months.

    Sul.
     
  14. Espresso

    Espresso Registered Member

    Joined:
    Aug 1, 2006
    Posts:
    975
    Are you saying that the windows idle defrag feature doesn't kick in until 5-6 hours? How do you know this?
     
  15. Rain_Train

    Rain_Train Registered Member

    Joined:
    Aug 27, 2008
    Posts:
    139
    Have you tried adding the file into AntiVir's Guard exclusion list? And what OS are you using?

    I'll look into this issue, as well -- I use AntiVir Free. Layout.ini is the file that manages the boot optimize feature of Windows, correct? If so, then this would definitely be a huge issue for me, too. One thing I really hate about Vista is how long it takes to boot up, and the fact that I've spent nearly a month trying to find ways to speed it up :mad: .

    Rant aside, I do have a small question of my own: how many times a day should I update AntiVir? I've created a rule that will update it at my computer startup (If anyone is wondering how to do this, set the update frequency to Daily at time 0:00 h, and check "Repeat job if time has expired".) Is this enough (i.e. once a day)?
     
  16. Stefan Kurtzhals

    Stefan Kurtzhals AV Expert

    Joined:
    Sep 30, 2003
    Posts:
    701
    I will check out if there is a problem with Avira affecting the idle behaviour of XP.

    I never understood why people think those kind of tools can replace an AV. They don't detect malware when it is intruding your system. They are perfect cleanup tools after an infection. But then, how you notice the infection?
    What about malware that directly performs its intended malicious actions such as sending out your credit card information as soon it is launched? Yes, on next reboot the malware is gone. Your data was stolen already anyway. The malware was able to run all the time until the reboot. And how does it help against scareware? The users are tricked into willingly installing those programs. No behaviour blocker or sandboxing will help.

    Also, with the past experience of how malware does evolve and adapt, I think it is only a question of time until the malware authors find a way to break out of the sandboxes and bypass the cleanup on reboot. I wouldn't be surprised if this is already the case. Concidering the insane amount of malware that is out there, no one can test those tools against all of them.

    So, as any other security solution, sandboxing apps / restoring systems is not a bullet proof thing.
     
  17. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    For the toughest in the virtualisation arena (hardware virtualisation). allready true, see https://www.wilderssecurity.com/showthread.php?t=239227

    So for software virtualisation only a matter of time (since this should be easier to evade in theory than hardware virtualisation).

    There is some Wilders Member with a Borg quote "All your base are belong to us" :p

    Stefan's remark not a Scifi story, but a fact of life :eek:
     
    Last edited: Apr 17, 2009
  18. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,531
    Location:
    Sneffels volcano
    Neither do I.
     
  19. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    x3 :thumb:
     
  20. Stefan Kurtzhals

    Stefan Kurtzhals AV Expert

    Joined:
    Sep 30, 2003
    Posts:
    701
    I must have been busy writing one of those insane i-detect-all-packed-samples generics. :oops:

    Speaking of which, can someone explain to me why Themida added an option "anti av-detection"? I mean, Themida claims to be a commercial protector, why they would need anti-AV features? If a company adds features to it's products that their customers demand, I *really* have to wonder what kind of "customers" Orens actually has... The funny thing is - in breaking my Themida detection they actually *rise* the false positive ratio on Themida packed programs. Instead of Themida, I will detect it as an unknown cryptor... Great plan, really! NOT! o_O
     
  21. guest

    guest Guest

    hi Stefan,
    can you finished crypter pack dedection?
    (malwaretestlabs test packs)
     
  22. Stefan Kurtzhals

    Stefan Kurtzhals AV Expert

    Joined:
    Sep 30, 2003
    Posts:
    701
    guest, yes - I am just working on finishing the aeheur module for the release today.
     
  23. Arup

    Arup Guest


    I would rather run Avira+LUA and hardware DEP with SRP, a light and better compatible layer of security which should provide the necessary protection.
     
  24. guest

    guest Guest

    i will be happy, if you can say when you released.
    i sent comodo also, they finished but mostly not generic.
    i packed some other malware, comodo cant dedect them.

    is it hard job?
    is generic malware fingerprint generation hard? or packed files dedection?
     
  25. Lucy

    Lucy Registered Member

    Joined:
    Apr 25, 2006
    Posts:
    401
    Location:
    France
    Stefan, you already talk about different techologies, with different means and objectives.
    DW is policy based, and so you can forbid access to some critical areas or files per policy at kernel level.
    Returnil, that I don't really know, is totally different in the concept (virtualizing modifications and then let the possibility to undo them?) and because of this has nothing to do with protection of sensitive data for example.

    I am an intensive user now of policy restrictions and rules. I have your free version of antivir installed on my computer, except the guard, and use it to check all the programs I download.
    For my credit card, I can't access it from LUA, as I modified the ntfs rules. My images and movies can be stolen, or even destroyed, I have a copy on external disk and these are private stuff, that nobody cares in my opinion.
    If a new generation of malware was to appear, able to break through all of this..., well, I am not ready to sacrifice the risk of false positive, the use of cpu, ... to the hypothetical risk of a super malware.

    Security is a process, not a tool.
     
Loading...
Thread Status:
Not open for further replies.