How Did Antivirus Miss This?

Mar 1, 2018
How does a (Win 10) PC get slammed by RansomWare while Bitdefender is fully installed and in 'watch mode'? Yes, I asked the developers but have received no response to date.

Although the virus didn't seem to completely execute, it did encrypt/corrupt a lot of files. Including those in OneDrive that were synching to the local HD and backups on external HD's.

Making matters worse, I see the first signs of attack at noon and the last near midnight. The thing was thrashing around on the computer for nearly 12 hours?

I don't open email attachments from unknown sources and I avoid dubious websites, although I thought the antivirus watched for these things too.

Can one activate a virus by only reading the body of an email in a client like Outlook or browser based Gmail?



Mar 3, 2017
The bad guys are constantly evolving malware and ransomware to get past security software. As a result, our Threat Labs and developers are constantly working on technologies that help detect unknown or never-before-seen malware.

Two examples:

CyberCapture - analysis of unknown downloaded files, and isolating them so they can't do damage. They're first analyzed by our AI/machine learning, and if a detection cannot be made, it's sent to our Threat Labs for further analysis. Source:

Behavior Shield - real-time process monitoring to detect malicious activity on the fly. Source:

Where signatures come in is speeding up detections for known threats; an "unknown" threat can go to "known" very quickly with a system of layered protection that starts with pro-active detection.

To answer your initial question, it is possible that if the malware was "dropped" by a malicious process, simply opening the item could have compromised you, but it depends on the exact strain/variety that you were infected by.

On a side note, if it's something you're curious about we have a feature in certain versions of Avast that can "lock" files so nothing can edit or change them without your permission (Ransomware Shield) as an extra layer of assurance.

I hope all of this helps and gives some context for you! Stay safe :)
Mar 1, 2018
Thank you to all for your time and comments. It's been a grueling couple of weeks trying to find and restore files.

I understand that nothing is 100%. But the effects and nature of this attack indicate something closer to 0%. I'm taking Avast for a test drive.

Official Avast Representative... or anyone... whenever I check Spam Boxes there are always a lot of those no-subject emails from someone in my address book, but I know they're not sent by them. They typically contain a URL in the message body:

- To my earlier question, if I do not click on and open that link, can my system still be infected just by looking at and perhaps scrolling through the message?

- Does the fact that it's using addresses either from my address book; or from legitimate emails I've received; or from address books of the people that have sent me emails in the past, indicate where this malware thing exists? is it on the systems of people I know? Is there something on MY system?
Thread starter Similar threads Forum Replies Date
H Antivirus / Security / Privacy 1
B Antivirus / Security / Privacy 7
E Antivirus / Security / Privacy 1
N Antivirus / Security / Privacy 1
Me. Opanak Antivirus / Security / Privacy 1
DCB007 Antivirus / Security / Privacy 4
jeodrech828 Antivirus / Security / Privacy 1
non hacker Antivirus / Security / Privacy 1
V Antivirus / Security / Privacy 4
Colif Antivirus / Security / Privacy 0
SHIRO-XIV Antivirus / Security / Privacy 1
D Antivirus / Security / Privacy 3
S Antivirus / Security / Privacy 14
Paul Wagenseil Antivirus / Security / Privacy 6
Paul Wagenseil Antivirus / Security / Privacy 4
Paul Wagenseil Antivirus / Security / Privacy 19
F Antivirus / Security / Privacy 4
M Antivirus / Security / Privacy 7
J Antivirus / Security / Privacy 6
M Antivirus / Security / Privacy 6