Avira-antiVir newbie

ok. thx

got this error when i was trying to send suspicious file via avira quarantine tab :
sending object failed,
received error message from smtp server
530 5.7.0 must issue STARTTLS command first k21sm12478252waf

anybody got a clue? i’ve sent the file via www.free-av.com btw.
i’ve set the email setting:
expert mode ==>general ==>email, i typed
smtp.gmail.com (smtp server),
ganda.wilianto [ at ] gmail.com (email address)
and so on. but the test email failed, anything wrong?

If your Avira tells you something is suspicious…
quarantine it.

Wait 5 days.

After having updated, browse the file again.

If Avira says it is ok, allow it again.

There’s normally no real need for using the forum at all.

Really not. Believe me?

I WOULD, by the way, REALLY recommend using the highest heuristics…

If not sure, quarantine instead of deleting.

Avira FREE IS THE BEST. (2 years ago it may have been all about Kaspersky and NOD32)

You don’t need the paid version if you have an AS shield.

But you could AND PROBABLY, if you can afford it, should update to the paid version.
Not for the sake of more security, but for good intention towards cancer children.

Should you? Depends on you and what you can afford. That’s all I have to say about it.

errr, any suggestion for the email setting? i’ve managed to send the file to avira via email (and it’s clean). but i think, sending the file via quarantine tab is easier.

and hoooraayyyy heuristic. maybe it sounds silly, but one of the reasons i use avira-antivir is the heuristic. FP is no problem for me.
hey, anybody can explain in a simple way: what’s the difference between heuristic (avira) & behavioral scanning (like threat fire).

I agree Avira Free is the best of the free antivirus, tried it for a week. Like it so much that I upgraded to premium version which has even better detection & disinfection rates than avira free, also spyware & superb rootkit detection. They say Avira Premium can give Kaspersky & Nod32, shall we say, "A RUN FOR THEIR MONEY" according to the latest test results. But like I said, no antivirus is perfect; Kaspersky & Nod32 can detect threats that even Avira Premium missed. (:KWL)

Actually that is all on paper my friend, remember every day a hundred to more than a thousand malware is being created by people with malicious intent. My point is even those test results are not totally complete due to the fact that it is impossible to have a complete library of malware. Remember that. Actually I own Avira Premium, I like it very much (:CLP). So shall we say 99% percent is what the viruses they found, but what about the new & unknown threats they didn’t find!!! :THNK. I wouldn’t rely that much on test results if I were you. (:WIN)

ya, i still got ST’s HIPS for those unknown malware.

well, i know i can rely on my hammer ;D .

In simplistic terms a heuristic scanner will look within a file structure for similarities with known malware, whereas a behavioural scanner usually executes a file within a sandbox to observe what it does, before allowing or denying it access to the ‘real’ system.

Yes, it can even stop polymorphic viruses & common viruses, but whether it can stop the next generation of malware called Metamorphic Viruses, that remains to be seen… (:AGY)
Metamorphic Viruses can reprogram themselves. Often, a virus does this by translating its own code into a temporary representation, editing the temporary representation of itself, and then writing itself back to normal code again. This procedure is done with the virus itself, and thus also the metamorphic engine itself undergoes changes. This is used by some viruses when they are about to infect new files, and the result is that the “children” will never look like their parents. The computer viruses that use this technique do this in order to avoid the pattern recognition of anti-virus software: the actual algorithm does not change, but everything else might.

Metamorphic code is more effective than polymorphic code. This is because most anti-virus software will try to search for known virus-code even during the execution of the code.

There may be a chance that even HIPS cannot stop metamorphic viruses. (:WIN)

thx andyman35.

(:AGY) curse metamorphic viruses, i’ll buy more hammer ;D

By the way I’ve just noticed that Defense+ can block AntiVir’s famous ad. Just define avnotify.exe as “Isolated Application” and lo, you’ll never see the ad again. I had tried with Spyware Terminator’s HIPS and it did prevent the ad from popping up, but then apparently avnotify.exe executed a “loopback” and a Windows error popup appeared. Defense+ can block this “loopback” unlike ST, and so you will see neither the ad nor any error message.

i’ve tried to block avnotify with ST’s HIPS, but then every time i update my Avira, i got ST HIPS pop up ;D
so i don’t block it anymore. besides, it’s pretty cool, you know, halloween theme, jamesbond (licence to kill malware :smiley: )

Yes yes I never cared about the ad either. I was just pointing how Defense+ is way more powerful (and intelligent) than the very basic one in ST.

Interesting to see that even PG old version 3.410 (late 2006, last official version, not the one “they, whoever they are now” have on their site at the moment, but the version I posted here at the board some weeks ago) is easily able to block the avnotify.exe without any problems (I did a test install right now…) while ST’s HIPS seems to cause problems, as some of you say. Never used ST’s HIPS, so really can’t tell. Obviously ST is a fine proggie for other reasons, but its HIPS is certainly not (yet?) first class.

Maybe in a year or so?

Cheers

i think ST HIPS is just a plain anti-exe. asks you to allow/block unknown executable files.

By the way, defining avnotify.exe as “isolated app” is not the right thing it seems. That lets it be called but then blocks any access, leaving the process floating cluelessly around the task tree (which is funny to watch nonetheless).

Don’t know what you think but CFP 3’s interface is somewhat messy for me at times. What you should do is, in the computer security policy, edit the “all applications” group, click on “access rights”, click the “modify…” button next to the “run as executable” permission, and switch to “blocked applications”. Here’s where you should put any program that you want to prevent from running completely. :wink:

Well, I prefer to combine HIPS and Firewall as separate apps.

Don’t know why. Or, do I?

Was that a rhetorical question? (:LGH)

Well, I can understand MorphOS REBOL, I prefer the same. That is maybe the reason I have some doubts about CFP 3 :-\

Greetz, Red.

Hi andyman

Quote: Was that a rhetorical question?

I really don’t know. Or, do I?