- Apr 13, 2013
- 3,224
Avira Internet Security vs Ransomware
- Thread starter cruelsister
- Start date
It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Almost too predictable. Not a whole lot of people doing it right in the ransomware game. A lot of companies seem more interested in throwing money away at bloated statistics.
+1
Took me only one random zero day Locky script out of a quite current pack from the HUB to waste Avira Pro (tested 1-1,5 weeks ago). Avira has quite good detections, but it takes them quite long to add signatures for SUDed files (from 2 to 6 hours i had everything).
I really like their detailed reports on submitted files, however, as they clearly advertise Anti-Ransom capabilities in their paid versions, they should really step up their game.
Back to topic: Thank you for another great vid @cruelsister, though I knew what would happen, I really enjoyed the clocklike Sunday vid of yours
P.S. Which ransomware was the 2nd one, looking like a installer? I did not see a wallpaper making it able to identify.
- Nov 19, 2014
- 2,350
Almost correct. They care about ransomware because it's a threat that scares users so it can be used for advertisement. Now why their product sucks at stopping them it's because they are stuck in 2002 with their precious signatures.
- Jan 29, 2015
- 96
Thank you @cruelsister for another impressive video. Compared to the "testers" a result as expected. Your tests are the one to rely on. You should give them a score
- Aug 2, 2015
- 4,286
I feel better and better every day about moving away from sig based protection.
Thanks CrUeL-SiS
Thanks CrUeL-SiS
Sorry, I know Avira is a respectable and reputable security company, but they have joke products and it's been this way for a long time now. I agree with @XIII and @SHvFl (by the way I almost died laughing while reading the part about their "precious" signatures).
They need to step up their game and focus more on the dynamic aspects of malicious software protection, as opposed to keeping their focus directly on static detection methods - such as signature-based detection through checksum signatures - which are getting more and more obsolete everyday through the usage of zero-day packing techniques and even .NET obfuscation methods.
It seems they have an outdated engine and an outdated GUI - by "outdated" I am referring to it not being modern - since modern protection engines these days include really good dynamic heuristics, sandboxing, BB/HIPS protection mechanisms...
I know some people may not like what I am about to say, but I find it lazy and completely ridiculous that they have fallen behind with all the money they make... Many people use Avira, they surely have enough to invest in development of more sophisticated behavioural components. In fact, they don't even need to necessarily invest money, they can just do their own research on malware analysis and apply some basic concepts they should already know to develop at least a basic HIPS engine.
Hopefully Avira see this and take these points on-board, they are wasting too much time focusing on their signatures and their speed-up optimisation software/software launcher (they need to completely ditch the optimisation software and the launcher since it wastes their resources and is starting to ruin their image a bit IMO), when they could be spending more time on what really matters these days.
They need to step up their game and focus more on the dynamic aspects of malicious software protection, as opposed to keeping their focus directly on static detection methods - such as signature-based detection through checksum signatures - which are getting more and more obsolete everyday through the usage of zero-day packing techniques and even .NET obfuscation methods.
It seems they have an outdated engine and an outdated GUI - by "outdated" I am referring to it not being modern - since modern protection engines these days include really good dynamic heuristics, sandboxing, BB/HIPS protection mechanisms...
I know some people may not like what I am about to say, but I find it lazy and completely ridiculous that they have fallen behind with all the money they make... Many people use Avira, they surely have enough to invest in development of more sophisticated behavioural components. In fact, they don't even need to necessarily invest money, they can just do their own research on malware analysis and apply some basic concepts they should already know to develop at least a basic HIPS engine.
Hopefully Avira see this and take these points on-board, they are wasting too much time focusing on their signatures and their speed-up optimisation software/software launcher (they need to completely ditch the optimisation software and the launcher since it wastes their resources and is starting to ruin their image a bit IMO), when they could be spending more time on what really matters these days.
Hello and thanks for a great video,though i thought Avira would make it
for cruelsister, only 360 and comodo may pass against ransomware tests due to comodo autosandbox and 360 semi-HIPSHello and thanks for a great video,though i thought Avira would make it
the rest, she would be able to find a flaw
- Aug 22, 2013
- 884
She is able to find the flaw because the FLAW exists ( which is there to see for every one's eye) and not because she is so adamant to find the flaw.for cruelsister, only 360 and comodo may pass against ransomware tests due to comodo autosandbox and 360 semi-HIPS
the rest, she would be able to find a flaw
I mean the malware samples
360 HIPS is very very sensitive against ransomwares but not as sensive against normal malwares
comodo is unpredictable, ransomwares may bypass
I didn't mean she does not want to find a flaw for those 2 but 360 and comodo did well with her samples
many other AVs don't use default-deny which means it's easier to find ransomware samples that can bypass the products
Last edited:
- Feb 27, 2016
- 118
Qihoo 360 is the antivirus that has done better in these video-tests.
- Jan 17, 2014
- 627
Hello @cruelsister
Next time, please you could show the Avira Protection Cloud (APC) enabled, is an important module currently in Avira, so the request.
Thanks for the video, great as always.
Next time, please you could show the Avira Protection Cloud (APC) enabled, is an important module currently in Avira, so the request.
Thanks for the video, great as always.
- Apr 13, 2013
- 3,224
Felipe- The Cloud is enabled by default. Although it made no difference in the test, the term does sound impressive!
Similar threads
