Author Topic: Strange Virus Signature!?  (Read 10065 times)

0 Members and 1 Guest are viewing this topic.

true indian

  • Guest
Strange Virus Signature!?
« on: December 13, 2012, 05:15:03 PM »
go there: http://www.avast.com/virus-update-history

Under 13.12.2012 - 121213-0
 
2nd line I see a signature named FileRepMalware is added to database.

Wondering what it is  ???  ;D

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33895
  • malware fighter
Re: Strange Virus Signature!?
« Reply #1 on: December 13, 2012, 05:30:55 PM »
Hi true indian,

FileRep knows if it’s naughty or nice
The new FileRep feature enables faster threat identification by sorting new, potentially dangerous files from known safe files. With hundreds of millions of executable files already in the cloud-based database, the goal of FileRep is to categorize all files on the web. Sourced from the CommunityIQ sensor network, this data helps avast! decide when questionable files should be placed in the AutoSandbox.
Info here: http://www.avast.com/pr-avast-software-detection-is-faster-when-filerep-knows-all-the-clean-files

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline RejZoR

  • Polymorphic Sheep
  • Serious Graphoman
  • *****
  • Posts: 9406
  • We are supersheep, resistance is futile!
    • RejZoR's Flock of Sheep
Re: Strange Virus Signature!?
« Reply #2 on: December 23, 2012, 10:16:19 AM »
I was searching for FileRepMalware because i got this detection during testing and i found this thread. Here is an image of the detection in action on a real live malware.



It seems that avast! can now directly flag certain files that only have malicious reputation without placing them in the Auto Sandbox for further evaluation.
Visit my webpage Angry Sheep Blog

true indian

  • Guest
Re: Strange Virus Signature!?
« Reply #3 on: December 23, 2012, 11:41:07 AM »
Nice! avast! is going the correct way  ;)

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11849
    • AVAST Software
Re: Strange Virus Signature!?
« Reply #4 on: December 23, 2012, 01:14:31 PM »
It seems that avast! can now directly flag certain files that only have malicious reputation without placing them in the Auto Sandbox for further evaluation.

Yes, that's true.
It's not necessarily about reputation though (a reputation alone wouldn't be enough for a full detection, it has to be backed up by some analysis).
It's more about using some powerful hardware (the last image here, in particular - pity you can't see the nice "cooling tower") to perform a clever analysis of incoming malware samples, and then connecting it to the FileRep infrastructure to distribute the new detections at the maximum possible speed.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Strange Virus Signature!?
« Reply #5 on: December 23, 2012, 01:22:02 PM »
1. I was searching for FileRepMalware because i got this detection during testing and i found this thread. Here is an image of the detection in action on a real live malware.

2. It seems that avast! can now directly flag certain files that only have malicious reputation without placing them in the Auto Sandbox for further evaluation.

1. RejZoR, thanks for the screenshot.
2. That's great.
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48550
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Strange Virus Signature!?
« Reply #6 on: December 23, 2012, 03:35:27 PM »
@igor,
Are you managing to keep the gamers away ???  ;D  Wouldn't mind a toy like that for Christmas. :)
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89023
  • No support PMs thanks
Re: Strange Virus Signature!?
« Reply #7 on: December 23, 2012, 04:36:34 PM »
@igor,
Are you managing to keep the gamers away ???  ;D  Wouldn't mind a toy like that for Christmas. :)

Your household power supply probably couldn't handle it or the electricity bill ?
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48550
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Strange Virus Signature!?
« Reply #8 on: December 23, 2012, 04:42:51 PM »
@igor,
Are you managing to keep the gamers away ??? ;D  Wouldn't mind a toy like that for Christmas. :)

Your household power supply probably couldn't handle it or the electricity bill ?
I guess if I ever get back to Prague, I'll see if I can watch this super duper computer in action. :)
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet


Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89023
  • No support PMs thanks
Re: Strange Virus Signature!?
« Reply #10 on: December 23, 2012, 06:07:29 PM »
Well that pretty much confirms the detection by filerep and looks like that has filtered through to be a part of the win32:Malware-gen signature.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

spywar

  • Guest
Re: Strange Virus Signature!?
« Reply #11 on: December 26, 2012, 09:44:35 AM »
Glad to know .. This FileRep is going to be very powerfull with the time.