Author Topic: Avast not detecting Ucash Ransom Trojan  (Read 7906 times)

0 Members and 1 Guest are viewing this topic.

Offline Aventador

  • Poster
  • *
  • Posts: 622
Re: Avast not detecting Ucash Ransom Trojan
« Reply #15 on: July 24, 2013, 06:17:08 PM »
I stand corrected. Avast Internet Security does have a sandbox like browser protection like Sandboxie. But unless his father was running his browser under Avast's Sandbox it cannot protect him.

http://www.avast.com/en-us/internet-security

"Surf and socialize without worry
Sandbox lets you surf the web and run even risky programs virtually, outside your PC. And our Web, IM, and P2P shields ensure your safety on social networks (e.g. Facebook or Twitter) and online dating sites, IM chats (e.g. Skype or ICQ), or peer-to-peer file-sharing sites."

There are two different sandboxes in Avast IS. once which analyzes programs and the other to fully virtualize your browser. But this FBI Ransomeware isn't something you download and install. It comes when a user clicks on a malicious link. Then when you reboot your toast.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37109
Re: Avast not detecting Ucash Ransom Trojan
« Reply #16 on: July 24, 2013, 06:24:09 PM »
Quote
But this FBI Ransomeware isn't something you download and install. I
it also comes as attachment in fake mails from DHL / UPS / FedX.....

Offline Aventador

  • Poster
  • *
  • Posts: 622
Re: Avast not detecting Ucash Ransom Trojan
« Reply #17 on: July 24, 2013, 06:31:50 PM »
Quote
But this FBI Ransomeware isn't something you download and install. I
it also comes as attachment in fake mails from DHL / UPS / FedX.....

Exactly. Thats why I asked him to ask his father what he was doing. Every customer I have seen with this came via an email link. First lesson in safe surfing "Never open up emails from people you do not know. Never click on any random link either". Thats why WOT is great browser addon.

Offline A. User

  • Sr. Member
  • ****
  • Posts: 394
Re: Avast not detecting Ucash Ransom Trojan
« Reply #18 on: July 24, 2013, 06:50:27 PM »
There are two different sandboxes in Avast IS. once which analyzes programs and the other to fully virtualize your browser. But this FBI Ransomeware isn't something you download and install. It comes when a user clicks on a malicious link. Then when you reboot your toast.

You are correct

Offline Aventador

  • Poster
  • *
  • Posts: 622
Re: Avast not detecting Ucash Ransom Trojan
« Reply #19 on: July 24, 2013, 06:52:32 PM »
Lets not "hijack" LasseThid thread. Hopefully we can help him protect his father from further malware infections.

Offline A. User

  • Sr. Member
  • ****
  • Posts: 394
Re: Avast not detecting Ucash Ransom Trojan
« Reply #20 on: July 24, 2013, 06:53:31 PM »
Just to say- when i close my browser(Google Chrome of course) sandboxie deletes automatically all files(by deleting the sandbox and creating a new one immediately) and if there are any files it asks me which of them to restore. ;)

Offline Aventador

  • Poster
  • *
  • Posts: 622
Re: Avast not detecting Ucash Ransom Trojan
« Reply #21 on: July 24, 2013, 06:57:24 PM »
Just to say- when i close my browser(Google Chrome of course) sandboxie deletes automatically all files(by deleting the sandbox and creating a new one immediately) and if there are any files it asks me which of them to restore. ;)

Sandboxie in that case would have stopped this ransomware. Anything that happens in the sandbox does not effect the pc. Sandboxie has a great explanation of this.

http://www.sandboxie.com/