- Feb 21, 2017
- 613
So my qeustion is Has anyone experience for Avira vs Ransomware?
Please provide comments and solutions that are helpful to the author of this topic.
But avira claims they have Heuristics zero day:Unless Avira has a signature for the ransomware it's not a good choice at all. You could combine Abira with VoodooShield, or Comodo firewall or any other app that's solid against zero day malware.
I think CruelSister did a Video, or someone did one Avira vs ransomware and it failed hard.But avira claims they have Heuristics zero day:
with Avira blocks 1 million+ ransomware attempts every month, averting damages of over 600€ per attack. We accomplish this via our unique heuristic technology, which stops ransomware before it can do you any harm.
I have seen that too but this is an update wich is like a few weeks old i think ( New Avira 2017 Edition ) and this is )I think CruelSister did a Video, or someone did one Avira vs ransomware and it failed hard.
They are almost certainly referring to static heuristics, I've barely seen Avira protect the system through dynamic mechanisms regardless of any dynamic components they may or may not even have implemented into the product.But avira claims they have Heuristics zero day:
with Avira blocks 1 million+ ransomware attempts every month, averting damages of over 600€ per attack. We accomplish this via our unique heuristic technology, which stops ransomware before it can do you any harm.
I agree, theoretically it would be possible to see the imports, even with obfuscated code but if the code is sophisticated enough it is a problem.However, malware authors can bypass this detection very easily through obfuscation/packing... Therefore, unless they obtain the sample to make a new signature or the malware uses a packer which they are sufficiently able to unpack in real-time, then it won't be detected.
Use dynamic importing:I agree, theoretically it would be possible to see the imports, even with obfuscated code but if the code is sophisticated enough it is a problem.
#include <windows.h>
#include <winternl.h>
#include <iostream>
using namespace std;
typedef NTSTATUS(NTAPI *def_NtTerminateProcess)(HANDLE ProcessHandle, NTSTATUS ExitStatus);
int main()
{
FARPROC targetaddr = GetProcAddress(LoadLibraryA("ntdll.dll"), "NtTerminateProcess");
def_NtTerminateProcess NtHandle = (def_NtTerminateProcess)targetaddr;
// NtHandle(..., ...);
getchar();
return EXIT_STATUS;
}
Ok so can u tell me any program to work with avira for better zero day protection?They are almost certainly referring to static heuristics, I've barely seen Avira protect the system through dynamic mechanisms regardless of any dynamic components they may or may not even have implemented into the product.
Static heuristics is identification before it is executed through the characteristics of the portable executable, or through generic signatures (different to check-sum, it's like detecting patterns of malicious code through the bytes/HEX of the PE).
However, malware authors can bypass this detection very easily through obfuscation/packing... Therefore, unless they obtain the sample to make a new signature or the malware uses a packer which they are sufficiently able to unpack in real-time, then it won't be detected.
I agree with @ZeroDay
Only just seen this, never saw the alert...Ok so can u tell me any program to work with avira for better zero day protection?
the best free antiransomware tool is CheckMAL appcheckOk so can u tell me any program to work with avira for better zero day protection?
Only just seen this, never saw the alert...
You can try using an external anti-ransomware product alongside Avira as long as it's compatible and works well, you'll have to do testing:
Kaspersky Anti-Ransomware Tool for Business
https://www.cybereason.com/tag/anti-ransomware/
Introducing the Malwarebytes Anti-Ransomware Beta - Malwarebytes Labs
Anti Ransomware Tool
the best free antiransomware tool is CheckMAL appcheck
this is the order: appcheck >> kaspersky antiransomware = malwarebytes > cyberreason ransomfree >>>>>>>> bitdefender antiransomware tool.
BD is an absolutely useless tool. it blocked nothing in my test although I picked the samples which they claimed to protect against
@Dani Santos released version 7 recently, don't know anything about Behaviour shield, but you can run alongside Avira with no issues.Hey, how good is Avira in combination with Xvirus for behavior shiekd?
Okay thx but do u have another advice to run alongside Avira ?@Dani Santos released version 7 recently, don't know anything about Behaviour shield, but you can run alongside Avira with no issues.
Update - Xvirus Anti-Malware 7
I can't agree more. Avira is good against malware until has signatures for them (which are really good though) and the cloud doesn't fail. You should use avira combined with VodoooShield free (simple to use and needs no tweaking, but it actually can't be tweaked in the free version) or Comodo firewall (needs tweaking for maximum protection). I like avira on Windows 7 systems. I don't like programs which are focused only on ransomware (mentioned above), because VoodooShield and Comodo are good against all kind of threats, and we can't install one program focused only on every kind of single threatUnless Avira has a signature for the ransomware it's not a good choice at all. You could combine Abira with VoodooShield, or Comodo firewall or any other app that's solid against zero day malware.
I can't agree more. Avira is good against malware until has signatures for them (which are really good though) and the cloud doesn't fail. You should use avira combined with VodoooShield free (simple to use and needs no tweaking, but it actually can't be tweaked in the free version) or Comodo firewall (needs tweaking for maximum protection). I like avira on Windows 7 systems. I don't like programs which are focused only on ransomware (mentioned above), because VoodooShield and Comodo are good against all kind of threats, and we can't install one program focused only on every kind of single threat
In my opinion, you don't even need a paid AV if you use Voodooshield or Comodo. I would use free productsHey! So basicly if i add voodooshield i will be safe with Avira total security?