Avast helpless or useless?

Hello!

Really knowing what I’m doing I downloaded via SeaMonkey two (older) KeyGens for (an older) Program X. No interference of Avast during this. I scanned both directly, declared clean by Avast.
I run one of them. No interference of Avast during this.
An inspection shows some new members in parts of what is called AutoStart; even in scheduled tasks. Note: TEMP is on an other drive.

I launched an other Win XP with the same Avast and scanned the one I abused. 6 hits. 2x EICAR file, 2x an own TXT file which is described as infected since about some 6 or 8 weeks by Avast (even old unused copys/versions of that file on CDs…), and 2 self compiled QBasic EXE-files, harmless for years. (And, forgotten, packed files of PhraseExpress…)
Nothing what might have been extracted and parked on that abused system.

To be curious, I launched the infected OS and did several internal scans; MSCONFIG (by eyes), HJT, SysInternals AutoRuns. Just the last one showed up son friends in scheduled tasks (yepp, all those tools are useless to that fact, there is no comparison before-after, nor any information of a date an element was added).
Trying to use time during scans, I tried to start a magazines DVD by it’s HTML-Interface but IE showed up some ActiveX problems (same DVD before test run without problems). A direct clue something is going on there.
Curious again, I took an other magazines DVD (current edition), described as an SOS-DVD holding a scanner of BitDefender. Booting this, nothing special was found [usage of tool is catastrophic; just got partial scans run…] except the second KeyGen since the 1st one erased itself after running. A file, Avast did not mention! Scanning TEMP especially, nothing was found - but a look via a file manager showed up some 6 or 7 files with time stamp to be added today who looks critical.
I deleted them and reinstalled the abused OS by an image.

In result. Avast let me run into an open knife, even I requested a scan of the dwonloaded files, even I scanned from a sure clean system not getting the infected container file noticed as dangerous.

How to trust Avast? How a layman may deal with this?

Greetings,
Eric

What version and product of Avast are you using?

Of course the last one (non Beta).
Sorry forgetting to mention that.

Eric

Please post the detection pages on virustotal for those keygens. Another way of me saying “pictures or it did not happen” :slight_smile:

Really knowing what I’m saying, keygens are clean but may get “repacked” :wink:

Oh, by the way, send those files to Avast and explain to them what happened. Pposting topics with inflammatory titles might get them read but not taken seriously. Seriously…

  • un milion ;D

I am sure that keygens are harmful to each software company. Is every keygen harmful to users?
So most AVs think keygen as MALWARE (malware to software company).

Why do you use keygen. There are many 'free’ware you can choose.

avast does not detect keygens due to intellectual property.

They could be deleted by two reasons:

  1. They’re really infected.
  2. They are found as false positives (generally due to packaging).

On avast case, most of them are on 1, as there is not a policy to block “suspicious” packaging as other antivirus do.

avast! isn’t useless. It’s actually as very good program. Hopefully, it doesn’t pick up too many more Google philosophies but all in all, one can work with it. Buttons are just so much more than buttons these days. ::slight_smile:

@Eric March: I agree that avast has many false-positive when it comes to un-official products like self-written tweak programs, keygens, crack, proxy etc… and in other hand so many missed samples. But do you know any program which has 0 FPs and 0 Missed samples? Sure no!

That’s why I don’t live based only on one Antivirus in my end (No!, I’m not running more than one real-time protection), but I try to secure my life as much as I can.

For example:
I use 2 On-Demand Scanner: MBAM, Hitman Pro - I’ve set MBAM to scan my computer every night after update when I’m away from that
I use web based scanners: Virus-Total via VirusTotal Uploader - to scan new files
I’ve disabled autorun feature of removable drive as system-wide
I use windows HOSTS to block bad domains and use my AV feature to lock it to prevent Hijack
I use only safe and trusted programs
I use Good browser with good extensions

So with above methods, avast could be enough for you (even that I use an antivirus from where you are, Eric!)

Really knowing what I'm doing
How a layman...
So you don't know what you are doing.
Of course the last one (non Beta).
And on the other system? Different version, different vps, different settings? You talk a lot but not saying anything usefull.

And using keygens? Makes me wonder if you are using a legal version avast!

Please post the detection pages on virustotal for those keygens. Another way of me saying "pictures or it did not happen"
Why? I know about their status - but Avast did not recognize them…
Really knowing what I'm saying, keygens are clean but may get "repacked"
Well, an other scnaner reacted on that (left over) repacked file.
Oh, by the way, send those files to Avast and explain to them what happened. Pposting topics with inflammatory titles might get them read but not taken seriously. Seriously...
I declare my request as a well thougt about one since… but see about laymen below. And how to find out if a shiled works when not testing it?
Why do you use keygen. There are many 'free'ware you can choose.
See lines above; popular and well known to hold an kind of poison.
So most AVs think keygen as MALWARE (malware to software company).
By same intention, I hoped Avast warns me.
They could be deleted by two reasons: […]
Indeed. I stumbled over both possibilities that day.

avast! isn’t useless.
Aha? It left me standing in a self called rain…
Buttons are just so much more than buttons these days.
Not sure what you’re thinking about, but I did not press a wrong or manipulated button.

But do you know any program which has 0 FPs and 0 Missed samples? Sure no!
ACK. But I intend to say, those KeyGens (more: the malware within) were not the very newest ones.

I try to secure my life as much as I can. :slight_smile:

I use 2 On-Demand Scanner: MBAM, Hitman Pro - I’ve set MBAM to scan my computer every night after update when I’m away from that
No comment; if a malware overwhelmed Avast’s shield and started to work, all that is too late.
I use web based scanners: Virus-Total via VirusTotal Uploader - to scan new files
So you do not trast Avast? See below, laymen.
I’ve disabled autorun feature of removable drive as system-wide
As I did too, beginning with W95.
I use windows HOSTS to block bad domains and use my AV feature to lock it to prevent Hijack
Do you know all of them?
I use only safe and trusted programs
Yepp. And I picekd those malware by intettion to get some.
I use Good browser with good extensions
Even if I overrun mine :wink:

Quote
Really knowing what I’m doing

Oh, yes, indeed. Tnink like a burglar to prevent them.

Quote
How a layman…

:frowning: The point is - I am none. But other were and my try to use thos “offers” and feel well when a shield does not react even an additional scan of the download brings up no results.

So you don’t know what you are doing.
What a pity. I would call it a live- test of a shield.

Quote
Of course the last one (non Beta).
And on the other system? Different version, different vps, different settings?

As actual as the used and daily updates version was/is.

You talk a lot but not saying anything usefull.
:frowning: OK, I tell you, even not very directly, a download of malware and a check of it brought up no alert by Avast. So is Avast hepless against those threats?

And using keygens? Makes me wonder if you are using a legal version avast!
That’s massively impolite.
Yo did not understand my intention (have you ever tried to?) to obtain those malware, even it is not important if I use the freeware of Avast (as I do) or not.

Eric

When you have a very nice case of Virut maybe you will revisit that comment

@Eric March Dude that was one big reply and of course I did not read it :slight_smile: I saw you quoted me a lot and I’m flattered,

So, again I’m telling you to stop arguing with people and show us the Virustotal scan results. My point is that I don’t believe what you say since you produce no proof just your words “Really knowing what I’m doing”, yeah, right.

PS: Keep up the good work, you help me increase my post count and thus the size of my electronic… well I can’t say that, kids and nice folks are watching but you know what I’m talking about :wink:

So, again I'm telling you to stop arguing with people and show us the Virustotal scan results. My point is that I don't believe what you say since you produce no proof just your words "Really knowing what I'm doing", yeah, right.
That ist simply impossible, the 1st file erased itself; and even what might have left by that and the 2nd file was erased when I brouhgt back my image to get that OS on work again.

Even If you may know which virus was in that file (remeber a worm, not a trojan), if not every day each KeyGen ›bait‹ is updated, it shelld be older malware I pickd randomly for that test (note; ts software they were made for is years old ans outdated).

The pont is, Avast is blind to (assumed old) threats.

Eric

Dear sir, your testing methodology is quite brilliant. I hope more AV-test entities will pick it up. It’s that good:

  1. The results it delivers enable the “tester” to say whatever they like because they can’t produce any proof because

  2. The samples used, while being more then enough (2 samples?! double-u t f?!) to asses the detection rate of old bugs just disappeared

Now, allow me to laugh at you for this little gem bellow:

When I said:

Oh, by the way, send those files to Avast and explain to them what happened. Posting topics with inflammatory titles might get them read but not taken seriously. Seriously...

you answered:

I declare my request as a well thougt about one since… but see about laymen below. And how to find out if a shiled works when not testing it?

In other words, how am I to know if my car is safe or not? I should run it into a wall of course (with me in it)

Haha, you are a riot! Really, I come home from work, read - some - of your latest post and burst into laughter. Keep it up, the new House MD show does not air until Monday and I really need someone to make me laugh…

no support on the forums for piracy adepts, period. Whether a keygen contains malaware or not I couldn’t care less, whether it’s falsely detected by Avast I couldn’t care less, you want to use commercial software? buy it. And don’t come whining here for FP’s ;D

unicorn pillow petbeaded lanyards
HAHAHA Totally agreed. If you download a pirated piece of software, then it’s your own damn fault if you get a trojan or something. :stuck_out_tongue:

If I may…we see a lot of people try to degrade avast in one form or another. Funny thing is…not one of them has offered any solid proof of their position. And we can add this to the growing list. Avast is proven by several independent labs to be a very solid av. Period. I see you have not offered any proof. So…where’s the beef?