Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
Avira Free Security 2021
Message
<blockquote data-quote="SeriousHoax" data-source="post: 971130" data-attributes="member: 78686"><p>1) I tested Avira Free against a MBR destroyer. Avira already had an offline signature for it, but for some reason didn't detect the file itself before or after execution. But stopped two exe files that the malware spawned. Malware couldn't write to MBR but still managed to damage the system somehow as the system became unresponsive. Restaring the system didn't fix it either. This was a weird behavior.</p><p></p><p>2) Avira is not so good at malware removal. Looks like it can't delete malware associated scheduled task and registry entries. At least its real time protection can't. Either it doesn't have a correlation engine, or what it has is very weak and basic, like the other two products I'm about to mention below. </p><p></p><p>I tested some AV product's removal ability on an already infected system. I infected the system with a SmokeLoader malware. The malware created an entry in the roaming folder, created a scheduled task and a couple of registry entries associated with it, and was calling home to a malicious domain via explorer.exe.</p><p></p><p>Avira, ESET, F-Secure only detected the infected file in the roaming folder when I tried to access it but didn't remove the scheduled task and registry entries associated with it. ESET and F-Secure (and BD, Avast, K) were able to detect and block the malicious connection made via explorer.exe as both products have system-wide web protection which Avira doesn't (F-Secure can't detect HTTPS connection outside the browser, only HTTP). Since they couldn't delete the malware properly, the malware kept coming back.</p><p>Kaspersky, Microsoft Defender, Avast/AVG, Bitdefender, Norton were able to remove the malware related scheduled task. Microsoft Defender and Kaspersky also removed two additional registry entries connected to the malware. Maybe Avast, Bitdefender and Norton did too, but I forgot to check. Removing the scheduled task was enough to get rid of the malware persistency (I'm not a malware analyst BTW, so I could be wrong about this).</p><p>Avira is light and it's pretty good. Lighter than F-Secure in system impact and ram usage, since it doesn't have anything like DeepGuard. Malware prevention is the key so malware removal isn't prioritized nowadays in home products. But if you use such an AV, then keep a capable seconds opinion scanner like Kaspersky Virus Removal Tool (The best) just in case. Specially if someone else like kids use your PC.</p></blockquote><p></p>
[QUOTE="SeriousHoax, post: 971130, member: 78686"] 1) I tested Avira Free against a MBR destroyer. Avira already had an offline signature for it, but for some reason didn't detect the file itself before or after execution. But stopped two exe files that the malware spawned. Malware couldn't write to MBR but still managed to damage the system somehow as the system became unresponsive. Restaring the system didn't fix it either. This was a weird behavior. 2) Avira is not so good at malware removal. Looks like it can't delete malware associated scheduled task and registry entries. At least its real time protection can't. Either it doesn't have a correlation engine, or what it has is very weak and basic, like the other two products I'm about to mention below. I tested some AV product's removal ability on an already infected system. I infected the system with a SmokeLoader malware. The malware created an entry in the roaming folder, created a scheduled task and a couple of registry entries associated with it, and was calling home to a malicious domain via explorer.exe. Avira, ESET, F-Secure only detected the infected file in the roaming folder when I tried to access it but didn't remove the scheduled task and registry entries associated with it. ESET and F-Secure (and BD, Avast, K) were able to detect and block the malicious connection made via explorer.exe as both products have system-wide web protection which Avira doesn't (F-Secure can't detect HTTPS connection outside the browser, only HTTP). Since they couldn't delete the malware properly, the malware kept coming back. Kaspersky, Microsoft Defender, Avast/AVG, Bitdefender, Norton were able to remove the malware related scheduled task. Microsoft Defender and Kaspersky also removed two additional registry entries connected to the malware. Maybe Avast, Bitdefender and Norton did too, but I forgot to check. Removing the scheduled task was enough to get rid of the malware persistency (I'm not a malware analyst BTW, so I could be wrong about this). Avira is light and it's pretty good. Lighter than F-Secure in system impact and ram usage, since it doesn't have anything like DeepGuard. Malware prevention is the key so malware removal isn't prioritized nowadays in home products. But if you use such an AV, then keep a capable seconds opinion scanner like Kaspersky Virus Removal Tool (The best) just in case. Specially if someone else like kids use your PC. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
