These last few months, I’ve stumbled upon several people affected by the teslacrypt family of ransomware viruses. All of them had Avast on their computers, which didn’t detect it AT ALL.
What is going on? why isn’t avast detecting this INCREDIBLY DANGEROUS virus???
4]
Many people have pup detection disabled in avast.
TeslaCrypt is (amongst other ways) spread through pup’s.
5]
Detection can only be added if avast (and other malware vendors/developers) have a sample of the malware.
Doctors can’t develop a cure for a decease that the don’t know the existents of.
6]
I have to guess here, but those people are using a account with administrator rights for daily use.
That means that if malware gets on the system it has the same rights as the user. NEVER use a account with administrator rights for daily use.
Security on/for a system starts with what the user knows/does, not with software.
Yes, I am for real.
It is not a virus, but ransomware.
A virus is just one of the (many) types of malware.
Some others are : trojan, adware, scareware
avast sure has detected several variants of ransomware.
You can check the vps history what avast is detecting. https://www.avast.com/virus-update-history
Keep in mind that different vendors often have different naming for the same malware.
Saying avast detects the TeslaCrypt encoder as malware isn’t much helpful.
Which exact decoder do you mean ?
all virus are malware, but all malware are not virus. If it does not self-replicate it is not a virus
quote VB100
In a stricter sense 'virus' applies only to self-replicating malware, and even more specifically only to code which infects other files on the local system
What is going on? why isn't avast detecting this INCREDIBLY DANGEROUS virus?
New changed versions are frequently released to avoid detection
Oh, and BTW, Avast flags the tesladecoder tool used to try and decrypt the files as a virus, but not the actual virus. Neat!
It is normal that tools used to clean malware are detected bc of how they behave, happens frequently with all the tools used by this forums malware removal team
Hello, I just have a friend with avast running and up to date (11.1.2245 with data base 160122-0) that have been infected by cryptowall 4.0 to day.
He have a backup done every week on an usb drive, so it should be ok to restore his file.
But now the question is to know if there is a way to have a good protection against this kind of malware ?
Because avast still running on his PC without seing or doing anything against cryptowall 4.0
It seems malwarebytes can see it, I will do a scan with it.
Hope you will be able to work on a protection again this type of malware.
Hello,
samples that we have are already detected. Maybe this is some new variant, which is not covered by any our generic detection. We would like to have such samples to analyze.
Can you send us the malware samples to analyze why it was not detected? Create a ticket on https://support.avast.com/ and attach the samples, please.
quick question. how do you avoid ransomware and prevent it to begin with? is it something hackers install directly to your pc through hacking or is it by clicking bad/infected links?
Imho Avast should implement some specific kind of cryptoware prevention as Bitdefender did in their latest version. Recently I’m seeing too many samples of this kind of malware missed by Avast. It is true you can install something like cryptoprevent, but however Avast should offer better protection by itself.
You seem to forget that the infection or Malware always comes first and protection comes second. It’s always a catch up game.
The first part of staying safe starts with your own ability not to click on every link you see. That may be a bit blunt but, most people are their own worst enemies.
I totally agree with you, but why Avast can’t implement a defence mechanism like cryptoprevent or bitdefender cryptowall immunizer? It shouldn’t be so hard…