Avast WEBforum
Other => General Topics => Topic started by: Coolmario88 on October 31, 2010, 07:54:19 AM
-
I Hope this is the place to ask this.. I download a program called WPE pro and i opened it up saw it can target other programs and well i am thinking it may not be safe to use now it has a .dll file called WinSpy.dll that is attached to the program it targets. so anyways how do i report the .dll and the program itself to avast?
-
avast! Contacts
http://www.avast.com/contacts
asyn
-
avast! Contacts
http://www.avast.com/contacts
asyn
Should I Zip the Files?
-
Should I Zip the Files?
Yes.
Also use a password for the archive. (Add PW to your mail)
asyn
-
Should I Zip the Files?
Yes.
Also use a password for the archive. (Add PW to your mail)
asyn
Hotmail told me i can't send a infected file.
Edit: It says the file is a unknown Virus
-
did you password protect the zip.file ?
-
did you password protect the zip.file ?
I Don't know how to in windows 7.
-
if you try to send a file not password protected tru the mail then the spam/virus filter on the outgoing or incoming mailserver will remove/delete the attachment if detected
In your case that will be Trend Micro (Hotmail use TrendMicro) on out/in mailserver, and as you see Trend detect these samples........
and then you have the recivers mailservers if the first did not detect...
by the way avast! 5.0 already detect this if i have tested the same sample
WPE PRO.exe - 38/43
http://www.virustotal.com/file-scan/report.html?id=d5dff0e8eb5d25b4f7fe47c141d23306417db94e50873c9737b7461fda391a64-1288509526
WpeSpy.dll - 35/43
http://www.virustotal.com/file-scan/report.html?id=f0dc0e0813b1c63f9c6e9250558cbb1ff255ce2f077c1fc84f7f8f1efee69f62-1288509534
-
It is easyest if you download and use use 7.zip, then you just right click the file, put in name and password in the box that pop`s up click OK and done
How to
http://www.google.com/search?sourceid=opera-portal&q=how+to+password+protect+zip+files+in+win7&client=opera-portal&channel=portal
-
by the way avast! 5.0 already detect this if i have tested the same sample
WPE PRO.exe - 38/43
http://www.virustotal.com/file-scan/report.html?id=d5dff0e8eb5d25b4f7fe47c141d23306417db94e50873c9737b7461fda391a64-1288509526
WpeSpy.dll - 35/43
http://www.virustotal.com/file-scan/report.html?id=f0dc0e0813b1c63f9c6e9250558cbb1ff255ce2f077c1fc84f7f8f1efee69f62-1288509534
Avast is to date with definitions and it don't dectect it the site i heard about it was cpcheats.info
Edit: The file that is in the zip folder is calls itself wpepro09x
-
from where did you download it ?
-
from where did you download it ?
McAfee Siteadvisor TOOLBAR says the website is unsafe
-
OK you can remove the download link now
That is the same MD5 as on the samples i tested on VT ?
Sample sendt avast! ;)
-
Odd Avast isn't dectecting it for me But I just Turn on windows defender and did a quick scan and it found the files
-
OK you can remove the download link now
That is the same MD5 as on the samples i tested on VT ?
Sample sendt avast! ;)
Thanks i will let Windows Defender safetly remove them :)
-
Woah! i just went to make Sure avast was updated and it wasn't :-\ Than i scanned those files that i put in virus chest and avast dectects it
Edit: if i scan the file itself it don't dectect them but in the virus chest it dectects them
-
Strange thing, opening that zip.file on my avast comp give no avast detection, scanning the file`s no avast! detection ???
MalwarebytesPRO detect both
-
OK avast! have answered my mail ....... fantastic, that is the first time .....Thank You
Hello,
thank you for sending samples. They are already detected in current VPS (101030-0). They are detected as PUP -- so you need to enable reporting PUP detections in avast! 5 settings.
So that should explain it ;)
There should be changes to the VT scanner then, so that it will show when it detect something as PUP
-
OK avast! have answered my mail ....... fantastic, that is the first time .....Thank You
Hello,
thank you for sending samples. They are already detected in current VPS (101030-0). They are detected as PUP -- so you need to enable reporting PUP detections in avast! 5 settings.
So that should explain it ;)
Thanks for the info, Pondus..! :)
asyn
-
from where did you download it ?
McAfee Siteadvisor TOOLBAR says the website is unsafe
I would not recommend McAfee SiteAdvisor TOOLBAR as it is un-reliable:
Wednesday 14 November 2007 - SiteAdvisor Plus: Great program, shame about the support
SiteAdvisor Plus: Great program, shame about the support
http://phishing.mysteryfcm.co.uk/?mode=Articles&date=14-11-2007
I recommend Finjan SecureBrowsing:
http://securebrowsing.finjan.com
-
How do i enable reporting PUP detections in avast! 5 settings ???
-
And also on avast File Shield in expert settings exclustions i see *\firefox\profiles\*sessionstore*.js and i don't have firefox installed on my computer is it safe to delete that? or no
-
And also on avast File Shield in expert settings exclustions i see *\firefox\profiles\*sessionstore*.js and i don't have firefox installed on my computer is it safe to delete that? or no
Well it isn't in mine, so it wasn't entered by default for me, though on my other system I actually entered it manually.
If you have/had firefox and depending on your firefox settings you would have multiple sessionstoreX.js files, which would be constantly updated and that would trigger an avast scan.
If you are no longer using firefox then this exclusion will have zero impact or overhead and won't hurt.
-
So How Do I Get Avast To Dectect The PUP program ???
-
PUPs are detected by default in the File System Shield (FSS) and in the right click scan by ashQuick.exe.
It is only in the Quick and Full System scans where you can't select it, Sensitivity, PUP and suspicious files options are greyed out. If you want the avast on-demand scans to check for PUPS you would need to create a Custom scan and select the option.
Given the FSS covers this if they are run, I see little point in bothering with this on an on-demand scan as they are inert/dormant at the time of the on-demand scan. Should they become active, e.g. run then the FSS would first scan and presumably alert.
-
It is only in the Quick and Full System scans where you can't select it, Sensitivity, PUP and suspicious files options are greyed out. If you want the avast on-demand scans to check for PUPS you would need to create a Custom scan and select the option.
Sorry, you're wrong on that, Dave.
There's a button to turn PUP scanning on/off in the Quick & Full scan detailed view.
I have it enabled for both scans...
asyn
-
Yes, you are correct, I was looking deeper inside the Expert Settings.