I have been using the free edition of avast for just over a year now and thought it was working pretty well until yesterday. I tried to email a file to someone and it was rejected because there was a Trojan (Tool Win32:LamBot) attached to the file. I thought “How could that be?..I have avast and it’s been installed on this brand new machine since day one with auto updates working.” In fact as I pondered this it auto updated right then.
So I scanned the file with avast and nothing. Scanned the entire folder, nothing. Scanned the entire hard drive, nothing. Scanned my entire system, nothing. After that I went and did an on line scan with…well let’s just say another brand and they found some 30 viruses and Trojans that avast had failed to protect me from.
So what’s the deal? Is it that you only get real protection if you buy the full version? Or is it that avast just can’t get the job done, not to be rude about it, but seriously I can’t go into battle with a paper shield and think it’s made of the finest hardened steel. Hope you understand my point. Sure I know it’s free, but if it’s not going to afford me the same protection as the paid version you should call it “The free but useless version that will only stop a few viruses…maybe” or something like that, because right now I’m not very inclined to purchase the paid version if it’s just a more colorful and costly paper shield.
Avast Free has the same protection against malware as the paid versions.
You should upload the file that you tried to email to http://www.virustotal.com/ and post the resulting URL to the results of that site here. This will indicate which of more than 30 antivirus programs think that it is a virus.
FWIW, there are a lot of phony scanning sites that are nothing but FUD. Without posting the URL you used to scan, there is no way to tell if you visited a reputable site or not.
No, the security level (protection) is not dropped in the free version.
Just that a software is not perfect (you won’t find this product to buy wherever you go…).
Who “rejected” the email? Your friend’s provider? avast in your computer?
Well to start with there isn’t any information that can really help.
If there was an attachment on the email you sent and it was the file you scanned and avast found nothing, it needs confirmation one way or another as currently it is one word against another, so to speak.
You could also check the offending/suspect file at virustotal as suggested and report the findings here the URL in the Address bar of the VT results page.
What supposedly found this infected attachment ?
The detections (virus signatures) are the same in both free/pro versions.
What avast version are you using 4.8 or 5.0 ?
Well I tried to send the file via gmail and it was block and it listed the Trojan in my original post as the reason. I’m afraid I no longer have the file as the other site , Micro Trend House Call (hope the mods don’t mind me saying their name here) deleted it and all the other infected files when I scanned my PC with their free scan. I only deal with the major virus protection companies and know there are sadly alot of shady ones that actually put stuff on your computer instead of removing anything.
I’m not looking to insult or inflame avast makers, I have been using their free version for a while now and I like it and appreciate they make it available, however I really need to know it actually is going to work and not leave me having to bounce around getting scans all over the web just to keep my PC clean. To be honest, I don’t think you should have to have more than one virus scanner. Besides the fact that you can’t install more than 1, you shouldn’t have to go elsewhere to find out whether or not the one you have is functioning properly.
I guess what I’m trying to say is avast should have detected all those files and maybe they need to look at ways to improve it. Like how could it miss anything if it’s updating properly and I scanned the file myself? Maybe something I had interfered with avast’s operation and ability to detect viruses and therefore when it updates it should check functionality at the same time. Maybe it should check outgoing files as well as incoming files. I’m no expert by any means, but perhaps there are some areas that could stand improvement in the program.
The point is we can talk about this till we are blue in the face and we won’t know which is correct, avast didn’t detect it or the other detection was a false positive.
That is why we have suggested uploading to virustotal as that currently has 41 different scanners and that will confirm one way or another and then we can do something about it.
You also have to consider your past experience and not a single issue as no single AV is going to give you 100% detections. So if you are going to jump ship on every missed detection, you aren’t going to stick with an AV for very long.
No antivirus solution is perfect like DavidR said. I don’t suggest using Trend Micro, it has many false positives according to an AV-Comparatives test. (I’m not bashing on Trend Micro just poiting something out.) Next time you should upload to Virustotal and use a better scanner like Malwarebytes to check.
OK then I got a full scan running from housecall as we speak and it’s found 12 more viruses that avast has missed. As soon as the scan is complete I will post the results. So then, do any of you work here at avast?
I ran the housecall on my system and it found nothing. As others have said though, Trend Micro, and Housecall itself, has a track record of giving many false positives. I remember a number of years ago when Housecall wanted to delete the file that told my Norton AV whether it was genuine and needed updating or not. Luckily, I knew enough to Google the file in question and find out what it was before I made the mistake of letting Housecall nuke it.
I recomend you install and run Malwarebytes http://filehippo.com/download_malwarebytes_anti_malware/
after install run update so you are scanning with latest database
run quick scan and click the remove selected button to quarantine anything found
post the scan log here
Ok here are the links to the files House Call found that Avast missed. It found more but as it turns out they were more copies of the same ones so no need to post duplicate links.
quick question for you…
Do you use mIRC? Or any of its’ variants?
I have researched the results.
This amount of contamination is something that I have seen thru irc chat clients.
Basicaly, it goes something like this…
IRC or a variant is allowed thru the scanners…
A script is installed into the irc client, either for music or color or op control, ect…
Unknown to the user, the script opens a door from with-in irc and installs keyloggers and other parasites into the system. Because IRC was allowed, the scanner may not capture the events taking place.
I’m not an expert on reading the results of all these VT samples, esp. ones that you gave us from back in March and earlier in May. The May results are more encouraging at least.
You need something more recent. I suggest what Pondus recommended to you already:
After installing, run update so you are scanning with latest database.
Run Full scan and click the remove selected button to quarantine anything found.
Post your scan log here (cut and paste your log into the forum thread).
All of the people responding in your topic here are avast users like yourself and don’t work for Avast Software, just trying to help other avast users.
Blowfish is a commercial key logger, so does that ring any bells for you (?) as many will flag key loggers of any kind, commercial or otherwise. The biggest problem is intent, who installed it, etc. and that isn’t something that an AV can determine.
It is also associated with encryption, again does that ring any bells ?
What was the location it was found in ?
A little deeper analysis reveals these may be from P2P pirate sites. As evidenced by sample #5 (adobe.photoshop.cs4.-patch.exe) which is an activation crack for photoshop.
I also did a little comparison table to see what the top rated (By AV-Comparatives) scanners found on Virus Total. None of the top 10 clearly indicated a problem.
AV scanner Samp 1 2 3 4 5 6
Gdata No No Yes No No No
Avira No Yes Yes No No No
TrustPoint No No No No No No
PC Tools No No No Yes No Yes
Symantec No No No Yes No Yes
F-Secure No No Yes No No No
ESET No Yes No No Yes No
BitDefender No No Yes No No No
Avast No No No No No No
Kaspersky No Yes Yes No No No
This Guy has been playing on the pirate sites,so he gets what he asked for.
I’ve been noticing the same thing. Clients of mine have been getting infections that go undetected until a full scan is is run. The background scanner is not picking up viruses like it should.
That should only happen if the malware is new and not detected by the signatures in place when the malware is encountered. A later full scan with updated definitions might then pick up something that slipped by. If it’s not new malware then it shouldn’t happen. I haven’t gotten anything yet that has slipped by. This is confirmed by scans with MBAM and SAS.