First of all, this topic is not directly to get help about a virus, because I’m not personally having any trouble with it. It’s about avast not protecting against a specific kind of virus, so lack of functionality. That’s why I’m posting it here. Excuse me if I’m wrong.
Why is it that computers, supposed to be protected, with Avast Free, can still be easily infected with any variant of the Ukash virus? I don’t find this good publicity for Avast… Many of my friends had trouble with the virus, but they all had Avast… So why install an anti-virus software when it doesn’t do what it should. It’s not that it’s a new virus or so… Or am I wrong?
It's about avast not protecting against a specific kind of virus, so lack of functionality.
This is not entirely correct statement. Saying that it doesn’t protect against a specific kind of malware would be only if you intentionally don’t provide protection against it. But i do know that avast! like any other anti-malware product does protect against ransomware malware.
But like anything else, nothing is 100% so even avast! can miss such stuff. New technologies like Evo-Gen, Auto Sandbox and FileRep do help but they yet again aren’t 100%.
Actually that isn’t true either. There are things that as an user you just cannot see or predict. You need a scan engine that basically disassembles the program, analyzes it and gives a verdict. File infectors are very tricky for example.
Yes you are correct RejZoR,but most of the users say 94% of them when they do something with their computer,atleast this is the condition here in india,they dont know what they click on.If there is a file named a12e2.exe or action replay.exe they just double click it and then boom infected!!
Btw,the 1 sample of the file infector I passed on to pondus for MCShield long time ago was actually ramnit and it wasnt a legit looking file but a randomly named file that one of my clients used to infect their machine.
There are several methods to get UKASH from your comp, like being described here: http://malwaretips.com/blogs/remove-ukash-virus/
MBAM also seems to do a good job on it. I always asked avast users to additionally install SAS and/or MBAM to close the vulnerability window a bit further.
One resident av solution is not enough, needs some non-residential assistence as an addition.
For instance ZeroVulnerabilityLabs Exploit Shield 0.8.1 also protects here…it blocked 5 exploit attempts for me…