Malware Hub Report Avira ISS - October 2019 Report

Disclaimer

  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

harlan4096

harlan4096

Super Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Forum Veteran
Apr 28, 2015
9,386
1
84,789
8,389
Avira ISS - October 2019 Report
Due to the small number of samples used in this tests, you should take results with a grain of salt. We encourage you to compare these results with others and take informed decisions on what security products to use.
Click to expand...
__

C: Clean / P: Protected / P - NC: Protected - Not Clean / I: Infected / E: Encrypted

* Dynamic BB Bonus Test (Resident Protection Disabled)
* Partially Blocked
* BSR: Before System Reboot
* ASR: After System Reboot


October
2019		Samples
Pack		Static
Detection		Dynamic
Detection		Total
Detection		System Files
Encrypted		2nd Opinion
Scanners		System
Final Status		Thread
Link
* DEFAULT
SETTINGS:
08/10/2019​
22​
13 / 22​
4 / 9​
17 / 22​
No​
C
P
09/10/2019​
18​
11 / 18​
0 / 7​
11 / 18​
No​
C: WV ZAM3 NPE
I: HMP
BSR: I
ASR: P - NC
10/10/2019​
1​
1 / 1​
0 / 1*
1 / 1
0 / 1*
No​
C
N/A*
C
I*
11/10/2019​
15​
8 / 15​
4 / 7​
12 / 15​
No​
C
P
14/10/2019​
23​
14 / 23​
2 + 1* / 9​
16 + 1* / 23​
Yes (42)
C: NPE ZAM3
I: WV MWB3 EEK
HMP: NC
BSR: E + I
ASR: E + I
14/10/2019​
2​
2 / 2​
N/A​
2 / 2​
No​
C
C
15/10/2019​
1​
1 / 1​
N/A​
1 / 1​
No​
C
C
16/10/2019​
1​
1 / 1​
N/A​
1 / 1​
No​
C
C
16/10/2019​
20​
11 / 20​
4 + 1* / 9​
15 + 1* / 20​
No​
C: ZAM3
I: HMP WV EEK NPE
BSR: I
ASR: I
17//10/2019​
1​
1 / 1​
N/A​
1 / 1​
No​
C
C
17/10/2019​
17​
9 / 17​
1 + 1* / 8​
10 + 1* / 17​
No​
C: ZAM3 HMP
I: WV NPE
BSR: I
ASR: I
19/10/2019​
1​
1 / 1​
N/A​
1 / 1​
No​
C
C
 
Last edited:
  • Like
  • Thanks
  • +Reputation
Reactions: dark_wielder, amir 957, Mercenary and 12 others
Hi guys, after some tests, some comments:

1.- Avira ISS is extremely slow repairing/moving to quarantine the extracted (not running) samples in a folder :sick: Luke Filwalker is a pain :sleep:

2.- They changed/updated the main GUI, but still Settings for Avira Pro are the same old looking as always, also both are slow, don't know if because working inside a VM :unsure: :emoji_thinking:

3.- In every on demand test, Avira ISS only detects exe files... it can't detect other types or files such as jar, scripts or Office documents... on dynamic it can only detects the payload spawned by those, which usually are exe files...

4.- I will not perform Behaviour Bonus Tests with Avira ISS, since it seems disabling Resident Protection will cancel any protection, Avira BB if is there, is not triggered... I performed a few BB Bonus Tests and in all Avira ISS failed irrepressibly, even having the Anti-Ransomware module On...
 
  • Like
  • +Reputation
  • Thanks
Reactions: bayasdev, amir 957, Venustus and 6 others
I have the exact feeling about avira
there is almost no protection against scripts besides signatures
luke filewalker is a pain

there is zero offline behavioral blocker. Everything is on the cloud (similarly to WD, at least WD has a very basic/weak offline BB)
 
  • Like
  • Thanks
Reactions: bayasdev, Venustus, vaccineboy and 7 others

You may also like...