My computer was infected with “Security Suite” malware. Avast did not detect it.
How do I know what Avast will catch and what it won’t?
How many and what type of programs do I need to run to be totally (as much as possible) safe?
“As much as possible” being keyword. Lurk around here and other security forums, have a look at some of the fancier signatures, they often represent good combinations of security programs that should not conflict.
Here, of course, you will see a lot of Avast! users, with Avast! in the signature, telling you to use Avast!, myself included.
For a more objective view, with more varied combinations to look at, try checking out signatures here>>http://www.wilderssecurity.com/
MalwareBytes Anti-Malware (MBAM) is a good compliment to avast!
Its one time licence fee is well worth the price for malicious Website Blocking plus prevention of the likes of “Security Suite”.
Use a browser that prompts for, or doesn’t allow third party or untrusted scripts to run. The easy one to use is the NoScript add-on for Firefox. IE can be configured to achieve a similar result.
[edit] just to add, these rogue AV’s are modified and released very frequently, I don’t know of any AV’s that will detect all of them, every time. Avast would normally be expected to stop a lot of versions of them, but they are updated so frequently that it’s a bit of a mission. All you have to do to get one is visit a hacked website without having scripts blocked in your browser. A third party firewall might prevent the trojan installer file from fetching all its payload, but won’t stop the initial malicious download.