giants8058

Level 4
The topic gets muddied because people will say "Emsisoft uses heuristics." You have to qualify what they mean by "Emsisoft uses heuristics."

Emsisoft employs Bitdefender signatures - and the Bitdefender signatures utilize heuristics - but no part of the Emsisoft products proper use heuristics. At least that is how I have understood Fabian's comments about the products over the years. Now whether or not any of that has changed over the years... I don't know. Products can change, but from what I can tell, I don't think Fabian is a fan of heuristics - among a lot of other things.
Saying Fabian can be blunt at times is an understatement haha. He cracks me up at times with some of his posts.

Yeah I hear you. I don't want to start posting parts of the conversation since he was talking to me in confidence , but he said that it is built into the BD engine like you said and is utilized in real time analysis and that it's actually used quite heavily. And at times when the the analysis result isn't conclusive enough, the scanner and File guard query AMNet to verify it's not a FP.
 
Last edited:
5

509322

Saying Fabian can be blunt at times is an understatement haha. He cracks me up at times with some of his posts.
Well... however Fabian's on-line persona comes across, you have to respect a guy who was a highschool drop-out and has made his own way to where he is today. The man is smart and has put in a lot of hard work. At least that is what I remember reading or hearing. Although I can't remember which.

He definitely has a unique perspective because of where he sits.

I think the downside to online posts is that they aren't normal human person-to-person conversations and very apt to be misunderstood.

At the same time Fabian will admit he is not the most patient person, but if people ask he never shies away from educating users.
 
Last edited by a moderator:
  • Like
Reactions: ZeroDay and XhenEd

giants8058

Level 4
Well... however Fabian's on-line persona comes across, you have to respect a guy who was a highschool drop-out and has made his own way to where he is today. The man is smart and has put in a lot of hard work.

He definitely has a unique perspective because of where he sits.

I think the downside to online posts is that they aren't normal human person-to-person conversations and very apt to be misunderstood.

At the same time Fabian will admit he is not the most patient person, but if people ask he never shies away from educating users.
Woah I never knew that about him. He is the epitome of a self made person. That's very impressive.
 
Last edited:
  • Like
Reactions: XhenEd
5

509322

So basicly Avira free is not verry good,
But Avira PRO Actually is thanks to THE cloud ;)
Avira free is a good product. In terms of the scanning and detection, the difference between Avira free and Avira Pro is not statistically significant.
 
  • Like
Reactions: XhenEd

Xsjx

Level 13
Avira free is a good product. In terms of the scanning and detection, the difference between Avira free and Avira Pro is not statistically significant.
THE cloud looks not to be working in free.. And thats Avira Strongest protection layer...
 
  • Like
Reactions: XhenEd

giants8058

Level 4
So basicly Avira free is not one of THE best,
But Avira PRO Actually is thanks to THE cloud ;)
They both use the cloud and I doubt the speculation that it's not fully implemented in the free version. It's stated on their site it utilizes this "groundbreaking technology". Not to mention it's designated in the security alerts when it's used. The cloud picked up the Cerber sample the second time around a couple hours later when I tried it again.
 
  • Like
Reactions: XhenEd
5

509322

Why iT doenst in malware blockers video ?
I don't know. I didn't bother to watch the video. Perhaps there was some non-apparent issue - like networking problems or routing. If the cloud wasn't working as intended, it could be any of a whole range of things that caused it.

Files have to meet certain criteria to be uploaded to the cloud; not every file is uploaded to the cloud.

All I know is that the cloud feature is a part of Avira free and that it works as Avira states.
 
Last edited by a moderator:

Evjl's Rain

Level 43
Verified
Trusted
Content Creator
Malware Hunter
Unless I'm missing it, I don't see where you ran 3409.js. Cloud picks it up now, but it was the Cerber sample it missed earlier.
I ran it in my avira pro review video you can watch it (around 3:15). However, most script didn't run for me. Perhaps, winscribe VPN is the reason why I often have had .js samples not downloading their payloads while they work for other testers

ok now we have the final answer about the efficacy of avira free vs pro

check out these 2 threads
https://malwaretips.com/threads/20-3-2017-17.69781/#post-610601
Video Review - Avira free 2017 - quick test

conclusion:
- Avira pro > avira free. Why? because all of the tested samples were blocked by avira pro cloud in the first post while avira free didn't block them in the video in the second post

they may implement something under the hood so more suspicious files in the pro version will be uploaded to avira cloud. Avira lacks this module (according to them: improved behavior detection) so less files are uploaded to cloud => reduces the effectiveness
 
Last edited by a moderator:

giants8058

Level 4
I ran it in my avira pro review video you can watch it (around 3:15). However, most script didn't run for me. Perhaps, winscribe VPN is the reason why I often have had .js samples not downloading their payloads while they work for other testers

ok now we have the final answer about the efficacy of avira free vs pro

check out these 2 threads
https://malwaretips.com/threads/20-3-2017-17.69781/#post-610601
Video Review - Avira free 2017 - quick test

conclusion:
- Avira pro > avira free. Why? because all of the tested samples were blocked by avira pro cloud in the first post while avira free didn't block them in the video in the second post

they may implement something under the hood so more suspicious files in the pro version will be uploaded to avira cloud. Avira lacks this module (according to them: improved behavior detection) so less files are uploaded to cloud => reduces the effectiveness
As Lockdown stated in the second video thread:
The only way to reliably test for comparison is to test Avira free and Pro side-by-side at the very same time using the very same files. That would take two separate systems and testing performed on each product simultaneously.
This is exactly what would have to been done to compare the cloud capabilities of both. Tests run hours apart can make a difference. As well as other factors as stated above. If after testing in this manner you still get the same results, then I would recommend reaching out to Avira support and bring the case to them and see what they have to say. It is stated on their site that they both use the exact same cloud capabilities but if they don't, then that would be a serious case of false advertising and give users a false sense of security. And I don't see why they would do that since their free user base contributes a lot to the cloud detection of others. Are the heuristics detection levels the same or are they more aggressive in Pro which could trigger more cloud lookups. I don't know since I only have the free version setup on my testing system.
 
Last edited:

Evjl's Rain

Level 43
Verified
Trusted
Content Creator
Malware Hunter
As Lockdown stated in the second video thread:


This is exactly what would have to been done to compare the cloud capabilities of both. Tests run hours apart can make a difference. As well as other factors as stated above. If after testing in this manner you still get the same results, then I would recommend reaching out to Avira support and bring the case to them and see what they have to say. It is stated on their site that they both use the exact same cloud capabilities but if it doesn't then that would be a serious case of false advertising and give users a false sense of security. And I don't see why they would do that since their free user base contributes a lot to the cloud detection of others. Are the heuristics detection levels the same or are they more aggressive in Pro which could trigger more cloud lookups. I don't know since I only have the free version setup on my testing system.
I completely removed avira from my testing VM as even the pro version did not impress me
I'm not able to do that kind of test due to some technical reasons
I don't want to discuss with avira because I'm not their user and I don't care about their products

I just tried by best to answer some controversial topics that users discuss over MT

from 4 tests I have seen: 2 from me, 1 from Malware Blocker and 1 from you. I have the answer myself. I tested avira pro half a day prior to avira free and the free version did not pick up the samples that were blocked straight away by the pro version. Also you posted your result for avira free with the same malware pack at about the same time as my avira pro video and hub test. It blocked the samples that were missed by your avira free result
by the way, I used the same samples that bypassed avira free to test another product and I can confirm that they worked

Avira free failed in 4 tests mentioned above
Avira pro, let's say passed 2 of my tests although 1 or 2 non-ransomware samples bypassed but nothing was encrypted
 

giants8058

Level 4
I completely removed avira from my testing VM as even the pro version did not impress me
I'm not able to do that kind of test due to some technical reasons
I don't want to discuss with avira because I'm not their user and I don't care about their products

I just tried by best to answer some controversial topics that users discuss over MT

from 4 tests I have seen: 2 from me, 1 from Malware Blocker and 1 from you. I have the answer myself. I tested avira pro half a day prior to avira free and the free version did not pick up the samples that were blocked straight away by the pro version. Also you posted your result for avira free with the same malware pack at about the same time as my avira pro video and hub test. It blocked the samples that were missed by your avira free result
by the way, I used the same samples that bypassed avira free to test another product and I can confirm that they worked

Avira free failed in 4 tests mentioned above
Avira pro, let's say passed 2 of my tests although 1 or 2 non-ransomware samples bypassed but nothing was encrypted
Haha, I feel you. I don't care enough to get to the bottom of it either since I don't use their products other than the Chrome Browser Safety extension. It may sound silly, but did you reboot after installing the free version before testing? I came across an issue with a different manufacturer that it showed all components were enabled but one wasn't and needed to be rebooted to actually enable everything behind the scenes.
 

Evjl's Rain

Level 43
Verified
Trusted
Content Creator
Malware Hunter
Haha, I feel you. I don't care enough to get to the bottom of it either since I don't use their products other than the Chrome Browser Safety extension. It may sound silly, but did you reboot after installing the free version before testing? I came across an issue with a different manufacturer that it showed all components were enabled but one wasn't and needed to be rebooted to actually enable everything behind the scenes.
yes of course I did cuz if I didn't reboot, windows firewall feature wouldn't work and the umbrella tray icon wouldn't open so the test wouldn't be valid
I rebooted after the installation

I also use avira browser safety. Avira pro web protection didn't block anything in all of my tests but the chrome extension did block something

Everyone should take my tests as a grain of salt and assumes avira pro is better than free until a pro tester or avira themselves can verify it
 
  • Like
Reactions: Xsjx