I have the current version of Avast, updated and running but was infected by the “Windows 7 Home Security 2012” virus. It happened twice and fortunately I had a recent image file and restored my system using that.

Avast did NOT intercept this virus and I would like to know why - Google searches will show numerous cases of infections and offer steps to remove it, but why isn’t Avast stopping this damn thing?

Fred

Fred S,

Welcome to the forums.

Avast! is a definition-based antivirus, as are all the other antivirus vendors currently available. All of them need to see a malware based code or executable to provide definitive protection against that specific malware.

If you should ever be unfortunate enough to encounter this rogue program again, you can submit the executable to this website here: http://www.virustotal.com/ where this can be examined by 43 antivirus scanners. I believe Virus Total is used as one of the central databases for suspicious files; most reputable vendors will check here for suspicious or malware files at least once a day.

A scan results page at Virus Total re an innocuous file, advisor.exe, made just now, shows the following results: http://www.virustotal.com/file-scan/report.html?id=2d6bd383131041208ca45302ce0c496e35d714760e6878f3e444eb8b541ab505-1322993188

Antimalware vendors such as Malwarebytes do a better job of removing rogue programs and similar as that is all they do; antivirus vendors must cover a greater myriad of malicious code to protect their consumers.

Malwarebytes is here: http://www.malwarebytes.org/ and is quite effective in what it does.

If you wish, you can consult the sticky posts at the top of this forum for more information on how to post infection logs, what programs to use, and so on. Programs such as OTL and ComboFix are best used only under the guidance of a resident expert here such as Oldman or essexboy. ;D

"Avast did NOT intercept this virus and I would like to know why - Google searches will show numerous cases of infections and offer steps to remove it but why isn't Avast stopping this damn thing"
No security program has 100% detection... and the bad guys change the rogue programs a bit every day to avoid detection.

Fake antivirus overwhelming scanners
http://news.techworld.com/security/3203072/fake-antivirus-overwhelming-scanners/

Remove Win 7 Antispyware 2012 and Vista Antivirus 2012 name changing rogue (Uninstall Guide)
http://www.bleepingcomputer.com/virus-removal/remove-win-7-antispyware-2012

"It happened twice and fortunately I had a recent image file and restored my system using that."
If this means you used System Restore and set it back to an earlier state... then the malware is still there.

"Avast! is a definition-based antivirus, as are all the other antivirus vendors currently available."
@mchain so you have not heard about Panda Cloud ;)

@ Pondus,

Yes, I have heard of Panda Cloud, but I do not use it. The basic difference between Panda and other traditional a/v vendors is that:

  • antivirus definitions are downloaded as a database and run on the client’s computer.
  • Panda provides a real-time link to a cloud-based database that utilizes data from all currently connected clients to their server. Hence, the name “cloud” as that database is constantly being evaluated and malware definitions can be distributed to all clients much more quickly than the traditional method. Virus scans using this database must have an active connection to the Internet for the full benefit of Panda Cloud to work as designed.

Fred S may not be aware of such an option; however, Avast! does rate higher in some categories than Panda Cloud.

Fred S.'s ire is understandable, but you are right; to expect any one a/v program to ‘do it all’ is not realistic. No such thing as 100% protection, though some a/v’s come close. No 100% is still no 100%.

Nice link here. Fake antivirus overwhelming scanners
http://news.techworld.com/security/3203072/fake-antivirus-overwhelming-scanners/

Thank you for that.

Not a discussion for the Avast forum, but you can read all about it here:

The Insides of Panda Cloud Antivirus
http://news.softpedia.com/news/The-Insides-of-Panda-Cloud-Antivirus-111793.shtml

Arguments against cloud-based antivirus
http://research.pandasecurity.com/arguments-against-cloud-based-antivirus/

"Avast! is a definition-based antivirus, as are all the other antivirus vendors currently available. All of them need to see a malware based code or executable to provide definitive protection against that specific malware."

Not really. If there ever was a definition of a signature AV it is Norton. Norton 2012 NIS/AV tests have shown it is virtually bulletproof against rogues. Why? Because it has finally beefed up its Sonar heuristic detection. Norton also has HIPS/IPS protection.

MBAM Professional, the real time version, offers protection against rogues. It retails for $25 and has a lifetime license. You can also find a better price by shopping e-tailers like Newegg. I paid $15 w/free shipping for the version I have. Be forewarned that MBAM Pro will scan your hard drive for bootleg software and the like. I view that as spyware activity but it’s a choice between the greater of two evils.

As previously stated, rogues change their footprints frequently to avoid detection. Only way to catch them is using heuristics or a host intrusion prevention system. Rogues are the No. 1 threat today because they are being created by criminal syndicates for financial extortion purposes.

Don’t get me wrong, I like Avast and it does have a lot to offer. However, if they can’t get a grip on providing adequate rogue protection, its future isn’t bright.