Good avast detection for HTML:Allaple-A [Wrm]

[polonus]

Good that we are being protected by avast against this malware found here on this High Risk Page:
http://siteinspector.comodo.com/public/reports/show_log?id=48226
See: http://www.virustotal.com/url-scan/report.html?id=eb3d735f79cf0f8232758729286e9d64-1325284338
See: http://www.virustotal.com/url-scan/report.html?id=eb3d735f79cf0f8232758729286e9d64-1325284338
Site has very low web rep: http://www.webutation.net/go/review/acs207.rev.netart.pl
seen to Trustworthiness
MD5   : 7342932943701f1473f48f761d9612f1
Malware of the Allaple virus family is a highly polymorphic worm that propagates across the Local Area Network.

writes itself to the infected computer in multiple locations, including folders where HTML files are stored. It then modifies the registry to reference a unique CLSID pointing to this file and modifies the HTML (.htm and .html) files to execute this CLSID when the HTML file is executed. These modified HTML files are detected as Virus:HTML/Allaple.A.

Link author of Analysis Quote = Elda Dimakiling of MS /Threat/Encyclopedia

FileType Statistics
FileType:   
100.0% (.HTML) HyperText Markup Language (3000/1/1)

polonus

[Left123]

Good side of Avast 

[polonus]

Hi Left123,

Avast also finds hotbar up now as PUP: http://www.virustotal.com/file-scan/report.html?id=1f44d0f97be72b060f75bb8478fd096dbafc07b0ff3b2eb732a3843b96ed2572-1325289622
See: http://urlquery.net/report.php?id=14119
But we go on trying to look for avast blind spots, do not worry   

polonus

[true indian]

polonus the link to VT file scan is down now...

[polonus]

Hi true indian,

That is VT with recent results at the moment, but avast detects, see the image of result page as attached,

polonus