Avira

Discussion in 'other anti-virus software' started by JerryM, Apr 16, 2013.

  1. Forever

    Forever Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    54
    It finds NOTHING if I do that. I wanted to test if the Cloud is working.

    If I do that and the file is, for example, undetected, nothing happens. You could open and infect the system.

    If you send the undetected file or the unknown file into the qurantine and scan the file INTO the qurantine again, the APC catches it.
     
  2. aaa839

    aaa839 Registered Member

    Joined:
    Oct 11, 2012
    Posts:
    253
    Location:
    Hong Kong
    No,that not stupid
    this could quickly review the files is infected or not(in the current APC frameworks Limits)
    before this change,sometime novices users will restore the suspected infected files from the quarantine if the local engine cannot find the virus
    This has been confirm as a change in one of the update(not sure which one)
    Remember APC also have the realtime monitoring but it require you to execute it for the APC popup windows otherwise APC will not happen(It will not monitor your files in realtime until you execute it)
    But there still have some handling fail for the APC takeover control of the files
     
    Last edited: Oct 22, 2014
  3. Forever

    Forever Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    54
    There is no APC window which popups if I run the Malware as I said. So if a "novice" user is not doing that, he can easily be infected by Malware because, as I said, there is no popup.
     
  4. aaa839

    aaa839 Registered Member

    Joined:
    Oct 11, 2012
    Posts:
    253
    Location:
    Hong Kong
    Like i said the problem is the limits of current frameworks of APC
    APC use the handling but if the handle is more than ten second which is limit by Windows Kernel(windows kernel limits which cannot be change)
    Windows Kernel will take over the handling...
    APC current not fast enough by this limits,
    the next update will be major of the APC
    (i don't decide to told what is that)
     
  5. Forever

    Forever Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    54
  6. aaa839

    aaa839 Registered Member

    Joined:
    Oct 11, 2012
    Posts:
    253
    Location:
    Hong Kong
    Until now APC only work on these method
    1.Quick system scan profiles
    2.Execution any files which is real exe or the same type of files which monitoring by Realtime Protection
    3.Perform Files Scan in
    Quarantine
     
  7. Forever

    Forever Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    54
    2.Execution any files which is real exe or the same type of files which monitoring by Realtime Protection

    I did run these files. No popup. Even if I right click scan it. So?
     
  8. aaa839

    aaa839 Registered Member

    Joined:
    Oct 11, 2012
    Posts:
    253
    Location:
    Hong Kong
    the problem is the second method sometime will fail....
    right click scan cannot carry out the APC

    Last stime stefan k. has been find you for future information
    try to reply him personal,maybe he could answer something with you
     
  9. Forever

    Forever Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    54
    This is a huge security problem, wtf.

    Even if I SCAN them on my DESKTOP nothing happens.
     
  10. aaa839

    aaa839 Registered Member

    Joined:
    Oct 11, 2012
    Posts:
    253
    Location:
    Hong Kong
    Rightclick scan no APC
    Last time Stefan k. has been find you for future information
    try to reply him personal,maybe he could answer something with you
     
  11. Forever

    Forever Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    54
    Who is Stefan k.?

    I hope he can explain whats going on ^^
     
  12. zfactor

    zfactor Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    6,103
    Location:
    on my zx10-r
    stephan in on the team who develops avira. my question is during install did you do custom and select "manually submit files to cloud" or did you leave that unchecked?
     
  13. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
  14. Forever

    Forever Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    54
    I installed the oe. I manually checked submit files but never get the popup except when I moved these files into quarantine and scanned them in the quarantine again. Why?

    I hope he sees this and can help us all. This is really odd. Less detection = bad
     
  15. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    6,788
    Installation and uninstallation > Installing Antivirus Pro > Sending suspicious files to the Avira Protection Cloud:

    If you have decided to take part in the Avira Community, you can choose to manually confirm the upload each time a file is to be sent to the Avira Malware Research Center.

    For Antivirus Pro to ask for confirmation each time, enable the option "Confirm manually when sending suspicious files to Avira."
     
  16. zfactor

    zfactor Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    6,103
    Location:
    on my zx10-r
    ill test it here in a bit but im wondering if thats why you have to manually submit the files this way. i may be totally wrong im not at my desk right now i will test in the next few hours to see for sure.
     
  17. Stefan Kurtzhals

    Stefan Kurtzhals AV Expert

    Joined:
    Sep 30, 2003
    Posts:
    702
    Simply just executing a file won't trigger APC.

    The cloud scan triggers except the quarantine were designed to only trigger if there are enough suspicious conditions met.
     
  18. Forever

    Forever Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    54
    And why does it trigger when I upload it into the qurantine? One image shows a "TR", not a APC warning. What is the point in detecting it in the quarantine and not in on the desktop?
     
  19. garrett76

    garrett76 Registered Member

    Joined:
    Mar 18, 2014
    Posts:
    221
    So not all unknown files, just files which meet suspicious conditions are checked in the cloud?
     
  20. Stefan Kurtzhals

    Stefan Kurtzhals AV Expert

    Joined:
    Sep 30, 2003
    Posts:
    702
    First, APC detections don't start with APC/, they have "(Cloud)" added to the regular detection name.
    Second, the APC forced scan for quarantined files is because the conditions that normally trigger a cloud scan are dynamic and we don't want to store all that information in the quarantine.

    Yes, that is the goal - to minimize the checks & uploads to APC while maintaining maximum user protection.
     
  21. Forever

    Forever Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    54
    So what does this mean then. TR/RedCap

    http://imgur.com/a/HvYkv#1

    This file is obviously infected. Anyway, I'd like a feature which enables Avira to scan all unknown files in the cloud. That would increase security by a lot
     
  22. Stefan Kurtzhals

    Stefan Kurtzhals AV Expert

    Joined:
    Sep 30, 2003
    Posts:
    702
    TR/RedCap is a sort of beta detection, we use this name to mark files as malware in APC until the Vlab processed the file fully. The detection name then gets renamed.
     
  23. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    6,788
    TR/RedCap
    TR=> Type: Trojan
     
  24. Forever

    Forever Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    54
    Avira would be great with increased Cloud scan of the whole camputer and the proactive features Qihoo provides :eek:
     
  25. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    517
    I keep getting a program update offer since oct18 when I installed Avira Personal. I havent accepted yet, wondering if it is related to the dreaded Launcher which so far hasnt shown up at all. Should I be seeing it in this version? I did sign up for beta testing... maybe theyre letting me off the hook for that?
    Product version 14.0.7.306 9/24/2014
    Search engine 8.03.24.40 10/22/2014
    Virus definition file 8.11.180.224 10/23/2014
    Control Center 14.00.07.266 9/24/2014
    Config Center 14.00.07.266 9/24/2014
    Luke Filewalker 14.00.07.266 9/24/2014
    Real-Time Protection 14.00.07.220 9/24/2014
    Filter 14.00.06.524 9/24/2014
    Web Protection 14.00.07.306 9/24/2014
    Scheduler 14.00.07.220 9/24/2014
    Updater 14.00.07.266 9/24/2014
    Rootkits Protection 14.00.07.186 9/24/2014
    Local Decider 14.00.07.266 9/24/2014
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.