HDD Defragmenter...Avast! Pro 5 Totally ignored It

I get invaded by HDD Defragmenter and Avast! is as quiet as a mouse, and didnt even flinch Why? I though Avast! was a top rated AV, but I just lost confidence in it as a Full system scan didnt even find a trace of this Malware. I think I need to look elsewhere for a more respondant AV as it cant remove what it cant find

 

It's a matter of probabilities, sometimes (usually) they are on your side. This could happen with any antivirus.

 

deal with it, Avast! is overrated, see every Retrospective test here, Avast! is not a top antivirus.

 

I hope to hell you dont run a business with a response like that. If you cant add anything sugestive, I rather you didnt the main reason for the original post was to accertain whether anyone had constructive advice on how to approach the problem

 

Geez! hope you aren't the guy driving the car that runs my dog over...

 

I think you're probably correct. It's a case of working through different anti-malware apps until you find one that does the job. Unless of course you had a backup strategy in place, in which case you can just restore your most recent image. As everyone knows, AVs can't catch everything, so if your primary security is an AV then you need something in place for times like this.

 

~comment removed~

Avast is a top Antivirus, but just like any other top AV like Kaspersky...Norton and the likes there will be times that something can slip through. All Anti virus software suffers from that at times.

 

DVD+R, with you being a forum regular I for one would have expected you to rely on more than Avast! to protect your pc. I've been cleaning up those rogue "Hard drive diagnostic" apps all week.

1) HMP will nuke the rogue - run TDSSkiller afterwards
2) run sandboxed
3) make images
4) if you stick with Avast! supplement it with MBAM Pro
5) run secunia psi and make sure you're updated

 

I switched back to Avira Antivir Premium, still had 6 months to run on subscription,and will renew another 12 months this week, Outpost Pro 7, Lifetime, and as you mentioned Malwarebytes Anti-Malware PRO.

 

Was the program downloaded and installed as you thought it was a safe program, or did it sneak by?

MBAM Pro is worth the cash. 15 and 40 per cent discount here.

Removal:
http://www.bleepingcomputer.com/virus-removal/remove-hdd-defragmenter

 

I think it's a good decision. I also went back to Avira from Avast. I like Avast very much but I don't think it's a match for Avira detectionwise.

 

I'd be surprised if it was a drive-by because the OP runs Outpost which has a HIPS. Can you tell us DVD+R?

 

~comment removed~

As been said by others, focus on backup strategy:
- backup your personal data (synctoy is a nice simple microsoft tool)
- if you feel courageous enough, do a disk image of your system (provided you created a system disk and a data disk)

Then focus on policy. The first, simplest and most efficient one is certainly creating a SUA per user. First it forbids admin modifications, second it eases cleaning when a user-level malware finds its way in a user account: simply log as admin and clean the user account. I should add that installing a software requiring admin priviledges from a SUA is a breeze: right-click install as admin, provde password, and that's it!

To finish, concentrate on threat gates. HDD defragmenter has been installed by a user. This shouldn't have happened provided you use an up-to-date system with a properly configured web browser.

Concerning cleaning, it would be best if you have a cleaning tool already installed (but not by-default running in memory). There are good tools like DrWeb or malware bytes.

Good Luck

 

Out of interest, have you tested the malware against avira, to see if avira catches it ?

 

I was led to beleive it was safe. It had been installed via a Flash drive my nephew had been had been given, he came along with some new music albums he asked if I wanted them. Natuarally he was oblivious as to what happened.

 

I see you have MBAM pro, did you buy this after the event ?
I believe all AV's let these rogues through. A new one seems to spring up every week. As you now have MBAM pro, you probably don't need to do this, but for anyone else, open Avira > configuration > general > threat categories > then tick fraudulent software.

 

Good Morning ! Unfortunately these days ...finances permitting...everyone needs a layered approach in protecting their systems. Having stated the obvious, I have been switching back and forth between Avast Pro and G-Data Anti Virus 2011 the past two weeks...and on my own system which I suspect is always clean...G-Data caught a couple of Viruses and a Trojan that Avast didn't. For the moment I'm sticking with G-Data although the Virtualization and Sandboxing on Avast are the features that give Avast a slight margin in flexability...in providing enhanced technology. G-Data although a massive download, once downloaded and configured properly...is much more responsive and nimble than previous versions. I must admit that Avast Pro missed the Malware...but I'm sure their team is working diligently at improving detection rates for Avast 5.1. Sincerely...Securon

 

Yes, about an hour after

 

too bad but crap happens.

questions from me
* can you recover how it happend?
* if so you can fill the gap?
* if not it could happen any time again?
* malware mutates every day so next time avira may fail?

its not time - it never was - to blame some av-tool

 

Unlucky DVD+R, you have my sympathies. I'm surprised Outpost's HIPS didn't catch it.

 

To minimize the chances of it happening again and for quick recovery if it does happen.

1. Sandboxie (DropRights, Start/Run & Internet Access Restrictions)
2. System Partition Imaging

 

yes, thats me, here some pics from the moment.

just saying, avast isn't enough

 

One of the best tip i want to suggest you is that "You should go with 'Default-Deny' protection. Better you configure your Win 7 Pro with SRP (Software Restriction Policies) according to your taste...

Trust me, you will be 99.9% safe from most of the malware.

Always remember "If it cannot EXECUTE, it cannot INFECT"

 

DVD+R:
A couple questions out of curiosity-
Was the install on your Windows 7 x64 box?
Are you able to see if the .exe for the HDD Defrag program has a digital signature or not?

 

DVD did avira detect it?