Avast Doesn't Block XP Defender malware (ave.exe)
in [Spyware]
|
From: gufus on 3 Apr 2010 15:24 Hello, Dustin! You wrote on Sat, 03 Apr 2010 18:57:10 GMT: DC> You don't need or want the stolen cobbled script of junk Chris panders DC> here. He's already got one sucker (BD), don't become his next one. Ah... -- With best regards, gufus. E-mail: stop.nospam.gbbsg(a)shaw.ca
From: David Kaye on 3 Apr 2010 16:46 "FromTheRafters" <erratic(a)nomail.afraid.org> wrote: > >Were you running as administrator at the time of the "attack"? Running XP Pro with a default user with admin privileges. >It is possible, while browsing to a legitimate site, to get redirected >to a site that launches several browser exploits aimed at executing a >rogue application on your machine. Using OpenDNS as the DNS. Using Windows Firewall and Avast. I checked filedates in various directories and didn't see much other than ave.exe and its entries in the registry. It was actually fairly simple to get rid of, having dealt with it before on customer machines. >(server-side) to avoid detection by your antimalware component. Similar >to the way a virus can be self-polymorphic - a downloaded program file >can take many forms. What's eating me is that the program launched with a window that was clearly detectable in Task Manager as ave.exe, and yet while Avast was running it simply didn't see the program. After rolling back the registry 5 days manually (booting up with BART-PE) I then ran XP in regular mode and scanned with MalwareBytes. MB immediately saw it. (I'm using the freebie MB, so it does no realtime scanning). Avast still didn't see it even after I ran the drive scan option. And I have the latest Avast update.
From: David Kaye on 3 Apr 2010 16:48 "The Real Truth MVP" <trt(a)void.com> wrote: >Avast is an antivirus application not an antimalware application. That said >the latest version is 5 do you have that version, mine detects it. Avast is an anti-malware app. It is extremely good otherwise at detecting problems. To say that it is solely anti-virus indicates that you don't know what a virus is.
From: gufus on 3 Apr 2010 15:56 Hello, David! You wrote on Sat, 03 Apr 2010 20:48:23 GMT: DK> >> Avast is an antivirus application not an antimalware application. That >> said the latest version is 5 do you have that version, mine detects it. DK> DK> Avast is an anti-malware app. It is extremely good otherwise at DK> detecting problems. To say that it is solely anti-virus indicates that DK> you don't know what a virus is. Hehehe... -- With best regards, gufus. E-mail: stop.nospam.gbbsg(a)shaw.ca
From: ~BD~ on 3 Apr 2010 17:04
The Real Truth MVP wrote: > What part of "That said the latest version is 5 do you have that > version, mine detects it." don't you understand? > Avast antivirus software provides complete virus protection for your > computer. The antivirus engine is complemented by an anti-spyware > module. Where on this page does it say Avast Anti-malware as > opposed to Avast Antivirus > http://www.avast.com/security-software-home-office > > > Be nice, TRT! :) David Kaye is (I believe) one of life's 'good guys' and has a vast amount of computer experience. Perhaps he wasn't concentrating and missed your question. Maybe he will confirm that he *is* using Version 5 in due course. Btw, at the link you posted it *does* say about the Free version of Avast! Antivirus and anti-spyware Secures e-mail and chats I had a look at the web site of the other person commenting on your Blog about Malwarebytes. http://gopcfix.com/ John Warnken seems to be quite genuine - maybe you should invite him to this thread?!! -- Dave |