Avira Protection Cloud: Cloud-based Antivirus Software
Avira, the company best known for its Free Antivirus program, has just made available a technical preview of Avira Protection Cloud, a new cloud-based antivirus solution that is leveraging the cloud and swarm technologies. It is not clear at this point in time if the technology will make their way into existing Avira products, or if it will be available as a standalone product. In the latter case it would be similar to Panda's Cloud Antivirus offering.
The program creates a list of locations that are frequently targeted by malware including running processes, start-up items and Windows services. It then creates a digital fingerprint of each file and submits the generated hash to the cloud where it is then looked-up and classified as clean, malware or unknown.
Clean files are listed in green in the program window and highlighted as clean in the category column as well. The program uploads unknown files to Avira automatically where they are scanned using the latest version of the company's antivirus engine before the result is returned to the user PC.
Note: There is no option to disable the upload functionality or make the program display an upload prompt instead. Only executable files, e.g. .exe or .dll are uploaded to the cloud though.
Avira Protection Cloud creates a log file in the program directory that you can access to review the program's findings after it has been closed.
The advantages of this method are that the program consumes little system resources and is not as taxing to the PC as conventional antivirus solutions during scans. The cloud also ensures that virus definitions and digital fingerprints are always up to date.
The downsides are that an Internet connection is required to submit the file hashes to the cloud, and that some files may need to be uploaded to the Internet with no option to prevent that from happening. Probably the biggest downside is the dependency on the cloud servers as the program becomes useless if they are down or unreachable.
The antivirus solution runs on all versions of the Windows operating system from Windows XP SP3 on, and requires the Microsoft .NET Framework 4.0 and the Microsoft Visual C++ 2010 Redistributable Package.
Closing Words
It is likely that Avira will improve the technology over time to make the program more comfortable to work with. This should include a much needed option to block automatic uploads. It will be interesting to see if the company integrates the technology in existing security products, or if it will make it available as a standalone product once it leaves the beta phase.
Advertisement
Your article is fine.
However, I would like to see some data about “consumes little system resources”, specifically a test that compares Avira Protection Cloud with Avira’s Free Antivirus program.
From my perspective, Avira Protection Cloud must…
** Run a pass of all “frequently targeted” files (same as its Free Antivirus program)
** Create “a digital fingerprint of each file” (same as its Free Antivirus program)
** Submit “the generated hash to the cloud” (an additional step)
** Upload some files to the Internet (an additional step)
I don’t know how Antivir works for other users, due to knowing hardly anyone who uses it, instead of Avast or even AVG, which seem to be more commonly used for freeware AVs. But I use Antivir and when it begins a scheduled full scan, then the PC becomes basically unusable. I use Cacheman, though only for monitoring the amount of RAM and how much each of the 4 core processors are being used. What seems peculiar is that when Antivir starts the full scan, then there seems to be plenty of RAM and processor capability that’s not being used, but the Windows XP system becomes basically unusable.
This means that I rarely run a full scan, for if the scheduled full scan begins while I’m using XP, then I stop the scan, and then I forget to start it when I won’t be using the PC for several hours. And it does take at least a few hours for the full scan of the two hard drives. One is 250GB, while the other is 1To or TB, and the latter has many video files strictly downloaded and used according to FAIR USE law, but some are a few hundred MB in size.
All video files and downloaded software or application files, of which there’re also many, are on the second drive. I’ld put at least the downloaded software files on my external 500GB hard drive, but it’s USB 2 and the copying or moving of the files is long, so I leave them on a partition of the second hard drive, which has 3 partitions and the first one has very little stored to it.
Whatever the reason, it takes a LONG time, a few hours or more, to do a full scan of the two drives. And I keep Free Antivir updated. Since Antivir seems to still be a little stronger in detecting malware, viruses, whatever, than other freeware AVs, I use it. But since it takes a very long time to scan both drives, I’m very careful about what I download, and I usually am using the PC when the scheduled full scan runs, I stop that and mostly use Antivir on demand. When run on demand, it doesn’t seem to be a problem for using the system while the scan runs. That seems to only be a problem when it’s a scheduled scan that begins to run.
Since Avira Protection Cloud only scans .exe and .dll files, I guess that this would be much faster than Antivir’s full scan. I rarely download .doc or .docx Word files, and seldom download PDF files; and when I download any of those, then it’s always from authoring websites that are and should be reliable or safe. Those usually are from academic/school and government websites. And video files are from well-known websites, such as YouTube, fe, so I think these files are surely safe, as well. And I try to download software installation files from authoring websites, such as avira.com, or reliable third-party download sites, such as majorgeeks.com, f.e. When I create files, then it’s normally with LibreOffice Writer, Jarte, or Notepad++, so this should always be safe.
What do you think about this? Do you have recommendations?
Also, and about firewalls, what do you recommend for an XP user using a 4-core Intel processor, I5, I believe, with 3GB of RAM available for XP, since it can’t see the other 2GB of RAM (having 5GB in total), and 2.5GHz processor speed; Comodo, Online Armor, ZoneAlarm, or Windows 7 firewall? I’m still using XP Firewall and generally have no problems, but Antivir has occasionally caught or detected files being downloaded without me knowing about it, and XP firewall was silent.
Because of that inactivity from the XP firewall, I wonder what real good it serves. It’s like when using Free Antivir, there’s no point in running XP firewall.
What do you mean by “Free Antivirus program”? Are you talking about any free AV program, or Free Antivir from Avira?
Correction: I just went back to your post and realize that by Free Antivirus Program you’re talking about Antivir from Avira. I wouldn’t have questioned, if you had said Antivir, but there’re several free AV programs, so I momentarily became a little confused about what you mean.
I wonder, though. Do all AVs work as you describe about Antivir?
Wherein you say the following, the below-cited, it sounds much like when using Virustotal.com.
Quote: “** Submit “the generated hash to the cloud†(an additional step)
** Upload some files to the Internet (an additional step)”
Whenever we upload files for being scanned at VT, then a hash is determined. It isn’t always successful, for some reason I’m uninformed about. It occasionally doesn’t work, but usually does.
Otoh, I don’t know that VT submits anything to any cloud. It keeps track of scanned files, but I usually have VT rescan files that I upload, anyway, when VT says the file has already been scanned and provides the results from that or those scans. Not knowing enough about all of the technical details, I have VT rescan.
Maybe VT keeps track of that information using a cloud, but I’ve never read of VT using cloud and thought that VT just kept track of this using its own servers.