We Need Your Help!

Orion · May 24, 2017

avast behavior shield is late my all files are encrypted by jaff Ransomware

I have reported the problem internally. @elvis and any malware testers please report on Avast forums with the details required as stated by me.

Much appreciated.

Malware Person · May 24, 2017

do you have a backup of your important files? if so, then you should just clean reinstall windows 10

ahity · May 24, 2017

Orion said:
avast behavior shield is late my all files are encrypted by jaff Ransomware

I have reported the problem internally. @elvis and any malware testers please report on Avast forums with the details required as stated by me.

Much appreciated.

/

like @Malware Person said you have back up ?

you mean jaff Ransomware jump out from your VM and infecting host ?

Cohen · May 24, 2017

Correct me if I'm wrong, but from what I understand, Orion tested the ransomware with Shadow Defender enabled, which hopefully means they don't need to restore from a backup. They are asking for help because they're reporting the problem to Avast and need additional information.
@Malware Person @ahity

tryfon · May 24, 2017

Orion said:
avast behavior shield is late my all files are encrypted by jaff Ransomware

I have reported the problem internally. @elvis and any malware testers please report on Avast forums with the details required as stated by me.

Much appreciated.

Those Damn Russian Hackers!

Malware Person · May 24, 2017

tryfon said:
Those Damn Russian Hackers!

lol

Orion · May 25, 2017

There were some testers from MT and Avast forums who tested IDP alone with/without internet connection and some variations in results were found.

This has been spoken to avast Devs and situation is normal.Please remember IDP requires web shield and cloud too it's somewhat dependent on it but not entirely.

Captain Awesome · May 25, 2017

@Orion is this your post on avast forum?

Orion · May 28, 2017

True Indian is Orion

Atlas147 · May 28, 2017

Noticed that IDP takes a while before detecting threats as well. Usually if the threat is time sensitive like ransomware then the computer is done for, but if they are trojans that lie and wait for passwords to be keyed in then IDP might actually be useful.

Also like the post on the forum stated, it is detected by filerep, so if you have all your shield on then the malware probably wouldn't be able to execute.

If it was able to execute because you had some shield off, then it's probably your fault.

Search

We Need Your Help!

Orion

Level 2

Malware Person

Level 4

ahity

Level 1

Cohen

Level 7

tryfon

Level 2

Malware Person

Level 4

Orion

Level 2

Captain Awesome

Level 24

Orion

Level 2

Atlas147

Level 30

Similar threads