Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: REDACTED on July 19, 2015, 10:44:08 PM

Title: Crypt0L0cker
Post by: REDACTED on July 19, 2015, 10:44:08 PM
I experienced Crypt0L0cker, even if thanks to a full backup I didn't have any damage. I then made some tests on a test PC and I found Avast Free is the only AV that does not intercept this ransomware, which could do so much damage. Bitdefender, Kaspersky, Nod32, AVG, Avira: they all intercept Crypt0L0cker; Avast does not.
Avast used to be my favorite, and as I am a support tech I've installed it on about 100 PCs. Until now I was so pleased, so happy; now I'm not anymore and I'm gonna uninstall Avast everywhere.
That's a big big fail!
Title: Re: Crypt0L0cker
Post by: Eddy on July 19, 2015, 10:47:21 PM
avast does recognize several versions of CryptoLocker.
avast also detects things that others don't.
Title: Re: Crypt0L0cker
Post by: Pondus on July 19, 2015, 10:48:32 PM
New versions of cryptolocker are released every week

Title: Re: Crypt0L0cker
Post by: Eddy on July 19, 2015, 10:55:42 PM
Make the link not clickable.
We do not want visitors of this webboard opening malicious websites.

Proof that avast does detect it:
https://www.avast.com/virus-update-history
Title: Re: Crypt0L0cker
Post by: REDACTED on July 19, 2015, 11:12:43 PM
Quote
Make the link not clickable.
We do not want visitors of this webboard opening malicious websites.

Proof that avast does detect it:
https://www.avast.com/virus-update-history

Have a try with that link on a PC with the latest Avast update and you won't say this. I've been testing all day long. Avast fails, that's it, and as I have the proof you cannot convince me.
Title: Re: Crypt0L0cker
Post by: Pondus on July 19, 2015, 11:19:35 PM
As I said above, new versions come out regularly and no security program has 100% detection.

Report it here: https://support.avast.com > avast virus lab

Edit your post above and change http to hxxp ... this will make the link unclickable.
Title: Re: Crypt0L0cker
Post by: bob3160 on July 19, 2015, 11:58:28 PM
I removed the live link to Cryptolocker malware.
It was taking too long for the Mods to make the link non clickable.
Better safe than sorry. :)
Title: Re: Crypt0L0cker
Post by: REDACTED on July 20, 2015, 12:07:16 PM
I cannot understand how you can go with a statement like this: you have a new version of Crypt0L0cker every week, and multiple of them, so who cares if Avast can't catch them all!
You're outside of what an antivirus is supposed to do: protect from whatever can damage you.
Crypt0L0cker can do big, big damage, and if you are good with that risk, I'm not.
I went through a complete set of tests using a PC that I installed for the purpose.
I created a clone image to restore whenever Crypt0L0cker won over the antivirus.
I found Avast, Avira and Panda failed. Bitdefender, Symantec, Nod32 and AVG didn't.
Tell me why I should go with Avast if it doesn't block such a harmful ransomware. I would be crazy.
Until you experience the same problem, but at that time it would be too late, you can keep pushing for Avast.
If I were an Avast friend I would try to understand why it failed and I would fix it, and for sure I would not say you have a new version of Crypt0L0cker every week and multiple of them and so who cares.
I will wait for the news that Avast fixed it; until that time I have changed my antivirus to one that works on that problem.
Title: Re: Crypt0L0cker
Post by: REDACTED on July 20, 2015, 12:45:41 PM
Actually, many cryptolockers are born "undetected" by any vendor. If you are a virus writer, you want your sample undetected by any vendor. So we need prevention here. Avast has some features to prevent 0-day threats: Deepscreen, Hardened Mode and nowadays HIPS.
They can also fail. So what will happen? You will probably get infected with cryptolocker and you will lose your files.
I suggest that you do not trust any antivirus and do not be a supporter of any antivirus. Use software that is built more on prevention, not detection. You can maybe use anti-executables or you can use sandbox technology (also available in Avast paid versions).
These will save you. I think you are a techie guy and you know which file looks malicious or not.
Please use your common sense before running any file on your PC.
and remember that "Every virus born as undetected, we need prevention not detection"

Sincerely,
yigido
Title: Re: Crypt0L0cker
Post by: Pondus on July 20, 2015, 01:01:50 PM
Quote
I cannot understand how you can go with a statement like this: you have a new version of Crypt0L0cker every week, and multiple of them, so who cares if Avast can't catch them all!
Did anyone above say we don't care?

I gave you a link above where to report undetected samples.

Title: Re: Crypt0L0cker
Post by: Eddy on July 20, 2015, 01:18:04 PM
The OP seems to be focused on just this one malware sample, but is forgetting about other things.
As I have said, avast does detect things that others don't and vice versa.

Being safe from this malware sample and using another AV means you will be vulnerable to other malware that avast protects you against.
Title: Re: Crypt0L0cker
Post by: REDACTED on July 20, 2015, 01:23:18 PM
Quote
The OP seems to be focused on just this one malware sample, but is forgetting about other things.
As I have said, avast does detect things that others don't and vice versa.

Being safe from this malware sample and using another AV means you will be vulnerable to other malware that avast protects you against.
It is detection. In some cases Avast can detect; on many other samples "A" antivirus can detect. So this history will never end.
No 100% detection exists. Protection is not equal to detection.
This user needs prevention against unknown threats. You guys give him a "Virus submission form" to submit his undetected sample. Why?
If he already knows it's a threat, why does he need Avast or any other antivirus then? If he can decide which is malware and which is safe, he is a security product himself ;) Why does he need Avast?
The user wants to ask something different, in my humble opinion.
Title: Re: Crypt0L0cker
Post by: Pondus on July 20, 2015, 01:44:33 PM
Quote
You guys give him a "Virus submission form" to submit his undetected sample. Why?
I am an avast user just like you ... what else should I give him?

For protection there is a tool: CryptoPrevent https://www.foolishit.com/cryptoprevent-malware-prevention/
It also needs updates, meaning it does not detect/protect 100%.
Title: Re: Crypt0L0cker
Post by: REDACTED on July 20, 2015, 01:47:43 PM
Quote
You guys give him a "Virus submission form" to submit his undetected sample. Why?
I am an avast user just like you ... what else should I give him?

For protection there is a tool: CryptoPrevent https://www.foolishit.com/cryptoprevent-malware-prevention/
This is Avast's job, to collect samples. I am a user too and believe me, I send many samples to vendors every day ;)
With these words, my goal was not bad. Please do not misunderstand me.
Title: Re: Crypt0L0cker
Post by: SpeedyPC on July 20, 2015, 01:49:57 PM

Quote
For protection there is a tool: CryptoPrevent https://www.foolishit.com/cryptoprevent-malware-prevention/

I strongly advise you to install CryptoPrevent, quoted above from the post by Pondus, because they work great together with Avast, MBAM & MCShield ;)
Title: Re: Crypt0L0cker
Post by: Pondus on July 20, 2015, 01:50:47 PM
Quote
This is Avast's job, to collect samples.
and this is what all AV labs do 24/7

try detecting all this  https://www.av-test.org/en/statistics/malware/    they try but it is not possible

Title: Re: Crypt0L0cker
Post by: REDACTED on July 20, 2015, 01:52:12 PM
My suggestion is "Enable Hardened Mode : Aggressive"

Quote
Hardened Mode: Aggressive
This mode behaves a bit differently. It actually relies on analysis on a very small scale and mostly relies on a huge whitelist database located in avast! Cloud. If file is located within the cloud and flagged as safe, it will allow to run it. If it's not found or marked as bad, it will block it. So, at least based on my experience, Aggressive Mode is actually much more secure and also a lot less intrusive. Only time that it will cause problems is with some very rare old software or very very new software that isn't used by thousands of users.

A cryptolocker cannot be in the Avast whitelist, so this feature will block the execution of the sample and you will be protected. ;)
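
The contrast the thread keeps returning to, signature detection versus the whitelist-based default-deny that the quoted Hardened Mode: Aggressive description outlines, shown as an added example that is not part of any post and is not Avast's code. The reputation data is modelled as local sets of SHA-256 hashes (real products use far more than exact hashes), and all function names and sample byte strings are constructed for illustration.

```python
import hashlib
from enum import Enum


class Verdict(Enum):
    ALLOW = "allow"
    BLOCK = "block"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed stand-ins for file contents; these are not real samples.
KNOWN_GOOD_APP = b"constructed: widely used installer"
KNOWN_VARIANT = b"constructed: ransomware variant already seen by the lab"
NEW_VARIANT = b"constructed: repacked variant released this week"
RARE_TOOL = b"constructed: in-house admin tool compiled yesterday"

# Hypothetical reputation data, keyed by the SHA-256 of the file.
SIGNATURES = {sha256_hex(KNOWN_VARIANT)}   # blacklist: known-bad hashes
WHITELIST = {sha256_hex(KNOWN_GOOD_APP)}   # whitelist: known-safe hashes


def detect_only(data: bytes) -> Verdict:
    """Default-allow: block only what is already known to be bad."""
    return Verdict.BLOCK if sha256_hex(data) in SIGNATURES else Verdict.ALLOW


def default_deny(data: bytes) -> Verdict:
    """Whitelist mode: run only known-safe files; unknown or bad is blocked."""
    digest = sha256_hex(data)
    if digest in SIGNATURES:
        return Verdict.BLOCK
    return Verdict.ALLOW if digest in WHITELIST else Verdict.BLOCK


def compare(samples: dict[str, bytes]) -> dict[str, tuple[str, str]]:
    """Return {name: (detect_only verdict, default_deny verdict)}."""
    return {
        name: (detect_only(data).value, default_deny(data).value)
        for name, data in samples.items()
    }


if __name__ == "__main__":
    results = compare({
        "known good app": KNOWN_GOOD_APP,
        "known variant": KNOWN_VARIANT,
        "new variant": NEW_VARIANT,
        "rare in-house tool": RARE_TOOL,
    })
    for name, (detect, deny) in results.items():
        print(f"{name:20} detect-only={detect:6} default-deny={deny}")
```

The new variant passes the signature check but is stopped by default-deny, and the rare in-house tool is stopped too, which is the cost the quoted description mentions for rare or very new software.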
Title: Re: Crypt0L0cker
Post by: REDACTED on July 20, 2015, 01:53:02 PM
Quote
This is Avast's job, to collect samples.
and this is what all AV labs do 24/7

try detecting all this  https://www.av-test.org/en/statistics/malware/    they try but it is not possible
This is why I say that "Detection is always multiple steps behind new malware", so we need prevention here :)
Title: Re: Crypt0L0cker
Post by: REDACTED on July 20, 2015, 03:36:11 PM
"Every virus born as undetected, we need prevention not detection"

That's it.
No antivirus is a pure antivirus anymore; it's much more. Even if I understand that an AV can fail where another succeeds, I want a reliable solution not only in detection but also in prevention, and even if that was the first time in years Avast failed for me, it was shocking because it was something I cannot tolerate it failing on.

I'm a tech and the problem didn't happen directly to me. I'm aware enough to avoid this kind of threat myself - a PDF file does not have an exe extension - but for my mother what matters is the logo.

A cryptolocker starts a massive encrypting activity; I cannot understand an AV that does not suspect anything and prevent it. I need to stop Avast so many times because of my administrative scripts when I test them, and I have to tolerate cryptolocker activity not being prevented: it's simply absurd!
Title: Re: Crypt0L0cker
Post by: bob3160 on July 20, 2015, 04:43:31 PM
As a Tech, you should also be aware that there is no 100% in anything in life. Certainly not in protecting your system from attacks.
If such a product existed, we would all be using it and the bad guys would be out of business and so would you as a Tech. :)
Title: Re: Crypt0L0cker
Post by: schmidthouse on July 20, 2015, 05:49:59 PM
Quote
You guys give him a "Virus submission form" to submit his undetected sample. Why?
I am an avast user just like you ... what else should I give him?

For protection there is a tool: CryptoPrevent https://www.foolishit.com/cryptoprevent-malware-prevention/
It also needs updates, meaning it does not detect/protect 100%.

Installing this security software (CryptoPrevent) is absolutely a proactive step to staying clean of Cryptolocker.
Yes, and while it does need 'Updates' this software specializes specifically and intensely (only) on the Cryptolocker variants while Anti Virus software does not!

edit: As has been mentioned, nothing is 100% effective, 100% of the time.
"Layered Security Profile" is the ticket. ;)
Title: Re: Crypt0L0cker
Post by: REDACTED on July 20, 2015, 07:59:51 PM
Quote
"Every virus born as undetected, we need prevention not detection"

That's it.
No antivirus is a pure antivirus anymore; it's much more. Even if I understand that an AV can fail where another succeeds, I want a reliable solution not only in detection but also in prevention, and even if that was the first time in years Avast failed for me, it was shocking because it was something I cannot tolerate it failing on.

I'm a tech and the problem didn't happen directly to me. I'm aware enough to avoid this kind of threat myself - a PDF file does not have an exe extension - but for my mother what matters is the logo.

A cryptolocker starts a massive encrypting activity; I cannot understand an AV that does not suspect anything and prevent it. I need to stop Avast so many times because of my administrative scripts when I test them, and I have to tolerate cryptolocker activity not being prevented: it's simply absurd!
If you want a strict solution against malicious software, I have 99,99% protection against all malware.
Avast Free Antivirus + Comodo Firewall (Proactive Security Configuration) = 99,99% Protection. This is what I use.
You can ask me more about it in PM. Comodo Firewall can automatically sandbox unknown threats.
Please read about containment (sandbox): https://blog.comodo.com/containment/cryptolocker-meets-comodo-containment-technology/
Title: Re: Crypt0L0cker
Post by: bob3160 on July 20, 2015, 09:25:51 PM
I may not be using Comodo's firewall but still consider my systems as protected as possible.
I don't think that it's the comodo firewall that makes the difference. :)


Title: Re: Crypt0L0cker
Post by: REDACTED on July 20, 2015, 11:36:18 PM
Quote
I may not be using Comodo's firewall but still consider my systems as protected as possible.
I don't think that it's the comodo firewall that makes the difference. :)
Comodo's default deny will sandbox what Avast missed, so it might be a useful piece of software for novice users to protect themselves from Crypto-like malware.
For any users who know something about security and computers, Avast Free will provide enough protection :)
I agree with you.
Title: Re: Crypt0L0cker
Post by: bob3160 on July 21, 2015, 12:18:08 AM
CryptoPrevent (https://www.foolishit.com/cryptoprevent-malware-prevention/) is what I suggest to all users to enhance their layered protection scheme and lessen their chance of running into Crypto Locker. :) .
You also seem to forget that Avast also has a Sandboxing feature. :)
Title: Re: Crypt0L0cker
Post by: REDACTED on July 21, 2015, 08:39:26 AM
Quote
CryptoPrevent (https://www.foolishit.com/cryptoprevent-malware-prevention/) is what I suggest to all users to enhance their layered protection scheme and lessen their chance of running into Crypto Locker. :) .
You also seem to forget that Avast also has a Sandboxing feature. :)
Yes, but it is a paid feature and it is not an automatic sandbox (but deepscreen)
Title: Re: Crypt0L0cker
Post by: REDACTED on July 21, 2015, 11:30:33 AM
Avast fixed it!
Now even the link is blocked.
Title: Re: Crypt0L0cker
Post by: REDACTED on July 21, 2015, 11:31:08 AM
Quote
My suggestion is "Enable Hardened Mode : Aggressive"

Works!
Title: Re: Crypt0L0cker
Post by: REDACTED on July 21, 2015, 11:33:03 AM
Quote
If you want a strict solution against malicious software, I have 99,99% protection against all malware.
Avast Free Antivirus + Comodo Firewall (Proactive Security Configuration) = 99,99% Protection. This is what I use.
You can ask me more about it in PM. Comodo Firewall can automatically sandbox unknown threats.
Please read about containment (sandbox): https://blog.comodo.com/containment/cryptolocker-meets-comodo-containment-technology/

Works!
Title: Re: Crypt0L0cker
Post by: Pondus on July 21, 2015, 04:23:14 PM
Quote
I will wait for the news that Avast fixed it; until that time I have changed my antivirus to one that works on that problem.
I hope your new AV detects

Cryptowall 3.0
https://www.virustotal.com/en/file/c4f501bcdfc7a41639ab919a9ab00a8a37e07e0400767f923d99ebd7f483dfe7/analysis/1437484318/
https://www.virustotal.com/en/file/f9a5ae2c26d45392c56d7c05308fc445ae75685fdc1015a5f145de9fcc6eaeba/analysis/1437484344/

Title: Re: Crypt0L0cker
Post by: schmidthouse on July 21, 2015, 04:51:33 PM
Well that makes it a total of 3 so far that have suggested CryptoPrevent (https://www.foolishit.com/cryptoprevent-malware-prevention/) to Yigido in the last few posts. ;D ::)
Title: Re: Crypt0L0cker
Post by: bob3160 on July 21, 2015, 05:04:46 PM
Quote
Well that makes it a total of 3 so far that have suggested CryptoPrevent (https://www.foolishit.com/cryptoprevent-malware-prevention/) to Yigido in the last few posts. ;D ::)
I think he's only interested in pushing Comodo's firewall. :)
Title: Re: Crypt0L0cker
Post by: schmidthouse on July 21, 2015, 05:19:18 PM
Quote
Well that makes it a total of 3 so far that have suggested CryptoPrevent (https://www.foolishit.com/cryptoprevent-malware-prevention/) to Yigido in the last few posts. ;D ::)
I think he's only interested in pushing Comodo's firewall. :)

Looks like it.

Also CryptoPrevent is free, you just have to go into the software and manually update once a day (or whatever)!
For "automatic" updates there is a very small cost to license to Premium Edition.
Title: Re: Crypt0L0cker
Post by: REDACTED on July 21, 2015, 07:36:04 PM
Quote
I will wait for the news that Avast fixed it; until that time I have changed my antivirus to one that works on that problem.
I hope your new AV detects
Yes, as I have access through my work to enterprise licenses, I used (abused indeed!) one for a while for my mother, but now that I know that enabling Hardened Mode : Aggressive works fine I will go back to Avast, as I do not want to use something I do not need anymore. I didn't use Hardened Mode before because I didn't find it necessary, but now I'm gonna use it much more.
Title: Re: Crypt0L0cker
Post by: REDACTED on July 21, 2015, 07:40:40 PM
Quote
Well that makes it a total of 3 so far that have suggested CryptoPrevent (https://www.foolishit.com/cryptoprevent-malware-prevention/) to Yigido in the last few posts. ;D ::)
I think he's only interested in pushing Comodo's firewall. :)
I don't think so!
I tried it and it works but I won't go with it only because it's not understandable for simple users and I don't need it for myself.
Title: Re: Crypt0L0cker
Post by: REDACTED on July 21, 2015, 07:58:35 PM
Quote
Well that makes it a total of 3 so far that have suggested CryptoPrevent (https://www.foolishit.com/cryptoprevent-malware-prevention/) to Yigido in the last few posts. ;D ::)
I think he's only interested in pushing Comodo's firewall. :)
Does it solve the problem? The answer is "Yes".
Will this provide a solution to the user's needs? The answer is "Yes".
Then why are you behaving like this?
Title: Re: Crypt0L0cker
Post by: bob3160 on July 21, 2015, 08:51:02 PM
Quote
Well that makes it a total of 3 so far that have suggested CryptoPrevent (https://www.foolishit.com/cryptoprevent-malware-prevention/) to Yigido in the last few posts. ;D ::)
I think he's only interested in pushing Comodo's firewall. :)
Does it solve the problem? The answer is "Yes".
Will this provide a solution to the user's needs? The answer is "Yes".
Then why are you behaving like this?
Partly because this is the Avast Support Forum. :)
Title: Re: Crypt0L0cker
Post by: SpeedyPC on July 22, 2015, 04:53:03 AM

Quote
Partly because this is the Avast Support Forum. :)

OT:- And welcome to the computer world and that's life ;)
Title: Re: Crypt0L0cker
Post by: REDACTED on July 22, 2015, 09:01:04 AM
Quote
Partly because this is the Avast Support Forum. :)
This is the Avast Forum, right? You can suggest CryptoPrevent, but when I suggest Comodo Firewall, you behave like this.
This is a bit strange. Anyway, whatever you like, and I do not want to extend this more.
Have fun! Stay safe..
Title: Re: Crypt0L0cker
Post by: bob3160 on July 22, 2015, 02:05:06 PM
Quote
Partly because this is the Avast Support Forum. :)
This is the Avast Forum, right? You can suggest CryptoPrevent, but when I suggest Comodo Firewall, you behave like this.
This is a bit strange. Anyway, whatever you like, and I do not want to extend this more.
Have fun! Stay safe..
Avast already has a Firewall. Avast doesn't have a CryptoLocker. :)
You stay safe as well.