Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Does AVIRA really works


  • Please log in to reply
11 replies to this topic

#1 Sheva249

Sheva249

  • Banned Spammer
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:36 PM

Posted 02 January 2010 - 03:19 AM

Hi friends,

I am using the personal edition of the avira antivirus. I am facing a problem that if it scanned drive(both usb or hard) once than it won't find any virus in the next scanning rather it is infected or not. Please tell me that it is safe to using avira or not.

i am eagerly waiting for the help.

thanks
Sheva

Edited by garmanma, 02 January 2010 - 01:52 PM.
Removed commercial text


BC AdBot (Login to Remove)

 


#2 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  •  
  • Location:Cleveland, Ohio
  • Local time:09:06 AM

Posted 02 January 2010 - 01:51 PM

I do not quite understand your question, but Avira is a decent AV
Just remember to keep it updated like all AV's
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#3 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:06 AM

Posted 02 January 2010 - 03:17 PM

If it finds a virus during the first scan, it will ask you to quarantine or remove it. So after the first scan, the same virus should not be showing up in other scans.

#4 Sheva249

Sheva249
  • Topic Starter

  • Banned Spammer
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:36 PM

Posted 04 January 2010 - 04:36 AM

My friend has installed the avira in his PC and he still have virus and more interesting thing that those virus are not being detected by my avira yet other AV are detecting them. That's why i am asking this Q.

Edited by Sheva249, 05 January 2010 - 03:02 AM.


#5 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:06 AM

Posted 04 January 2010 - 04:50 AM

What other antivirus programs are detecting them and what are they detecting?

#6 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,550 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:06 AM

Posted 04 January 2010 - 02:49 PM

Also you may not have the real thing installed. There are rogue programs out there pretending to be AntiVir or are similarly named--as well as people making money illicitly by selling the free version. Where did you download from? What is the exact name of the product? Please provide a screenshot of the window you see when you open the program.

Read over these tutorials if you are not sure how to make and post a screenshot:

How to make a screen shot in Windows

How To Capture And Edit A Screen Shot

The second gives instructions on how to use Paint so you don't have to downlaod another program like Irfanview. Just be sure to save your image as .jpg because Paint will automatically save as a bitmap, which makes file sizes too large.

AntiVir
is the antivirus/security product produced by the Avira company based in Germany. If you didn't download it from Avira's website or a reputable download site like download.com, softpedia, filehippo, etc., then you can't trust that you don't have a fake or other type or rogue/fraudulent software.

Because your post doesn't sound at all right to me. AntiVir has one of the highest detection rates out there and the complaint against it is that it has a higher number of false positives than other AV's, rather than failure to detect what others do. You either have a rogue or another agenda in posting.

Please further verify that you have a ligitimate copy of AnitVir by providing a log from your most recent scan. If legit I can also see from the report if you need to change some settings.

1. Double-click the AntiVir icon in the System Tray.
2. Click View/Overview/Reports.
3. Double-click the latest Scan report then click Report file.
4. The report will open in Notepad. Please copy the entire contents of that report and paste it into your next reply to this thread.

The fate of all mankind, I see

Is in the hands of fools

--King Crimson


#7 Sheva249

Sheva249
  • Topic Starter

  • Banned Spammer
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:36 PM

Posted 05 January 2010 - 03:28 AM

Thanks for the reply. I have downloaded it from the homepage of Avira. I think i am still unable to explain my problem. my problem is that If Avira is installed in two PC and one of them is infected then second one will not too detect those virus. those virus has created a file named pouzuda and has icon like recycle bin.

#8 Platypus

Platypus

  • Moderator
  • 13,688 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:11:06 PM

Posted 05 January 2010 - 06:34 AM

If it's pozuda, and it sounds like it from the description here:

http://forum.avast.com/index.php?action=pr...e;topic=51132.0

then it seems like a little known thing (hardly any reference on Google), and at the end of November 09 only 8 out of 41 AVs on Virustotal recognised the obscured malena.exe file it uses:

http://www.virustotal.com/analisis/f7bbaed...eb98-1258811962

So if it's that one, it may not be surprising that Avira could still not know of it.

Top 5 things that never get done:

1.


#9 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:06 AM

Posted 05 January 2010 - 06:51 AM

Platypus, I know this is a little off topic so I hope it is ok that I ask this here, as it is in relation to the link you posted above.

On that page for what antivirus programs recognize it, ZoneAlarm is not listed at all and I find that to be the case on a lot of things like that.

Would you happen to know if, because ZoneAlarm uses the Kaspersky scan engine, it is just considered the same as Kaspersky in these type of things?

#10 Platypus

Platypus

  • Moderator
  • 13,688 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:11:06 PM

Posted 05 January 2010 - 07:06 AM

No, I couldn't say for sure but that makes sense to me.

Top 5 things that never get done:

1.


#11 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:06 AM

Posted 05 January 2010 - 07:15 AM

Thank you for answering my question. It makes sense to me too because it seems kind of silly for them to test the same scan engine more than once just because it is marketed under different names.

#12 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,550 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:06 AM

Posted 05 January 2010 - 12:12 PM

OK, so it is a Flash Drive infection, so not only is it not surprising that it isn't being detected because it is relatively new, it's not surprising that AntiVir and others may not fix it. That is why there are specialty tools out there like Flash Drive Disinfector. This Flash Drive infection, like many others, creates a fake Recycle Bin folder and AV engines may err on the side of caution and not delete it because it looks legit. There also is apparently encryption involved and it probably uses other techniques that make it very difficult to remove. Malware is very sophisticated now, so it is advisable that you not fall into the trap of thinking that all you have to do is find the best Antivirus and that will guarantees that that every malware will be found and removed. Besides sophistcated techniques to avoid detection and removal, there are way too many malware out there and variations of the same for any one AV to be able to find and remove them all.

One variation of this malware was pretty much removed by Nod32 in a thread on another forum. But that doesn't necesarily mean Nod32 is a better AV. Say you switch to Nod32 because it can clean up this infection. What happens when you get another kind of infection that AntiVir can clean up and Nod32 can't. You get caught in a vicious circle.

The main point is that you should look first at getting this cleaned up and not at assigning blame for not cleaning it. In my opinion, you shouldn't trust any antivirus engine to clean this up completely. Instead use a forum that will use both automatic and manual tools to clean up and, more importantly, verify that all is clean. This is why these forums were created, so that new and hard to remove malware that antivirus and other scanners couldn't find or clean could be dealt with manually and in a public setting so that others could figure out how to do the same. In the end many malware definitions have been provided to AV vendors because of such forums--BC's is here:
http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/

You should also try to submit samples of the files you suspect or know to be malware to Avira so they can update their definitions. To do that please visit the following page:
http://analysis.avira.com/samples/index.php

1. Fill out the appropriate information.
2. By File Type, make sure you have Suspicious File selected. In future if you have a suspected false positive to submit, change this to Suspected False Positive.
3. Disable AntiVir Guard.
4. Browse to the file or enter the file path.
5. Click Send then re-enable Guard when the upload is finished.
6. A preliminary report will appear after the upload is over and an email will be sent. The email basically states you will get results of analysis when it is ready.
7. Usually the next day a results email is sent.

If you are dissatisfied with the result or still have questions specific to AntiVir's handling of this malware, start a new topic in their support forum:
http://forum.avira.com/wbb/index.php?page=Indexf8526059

Because you probably have an infected Flash Drive, to prevent this infection from spreading further, please run Flash_Disinfector. This is a special removal tool designed to remove just these types of infections. However, there are now so many of them that the author is no longer keeping it updated, so don't be surprised if the infection itself is not removed. But this tool will inoculate your system from future infections by disabling autorun and writing dummy autorun.inf folders on each partition. You will have to use My Computer/Windows Explorer to access files on your drives, but now at least such infections won't spread. Run on both affected systems, with any Flash Drives you have inserted.

Instructions for using FD can be found in the following post--I suggest you also read the entire thread for some more information: http://www.bleepingcomputer.com/forums/ind...t&p=1483381

Once that is done, please visit the following thread and follow all relevant instructions:
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

Once you have your logs posted, post back here with a link and we will close this thread while you are in the process of getting cleaned up. If you have any questions, feel free to ask them now and before posting your logs--and please don't post logs in this topic.

The fate of all mankind, I see

Is in the hands of fools

--King Crimson





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users