Author Topic: old virus samples are not detected in my vmware system  (Read 6545 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
old virus samples are not detected in my vmware system
« on: December 10, 2015, 04:22:54 AM »
i am in vmware  workstation 11 using windows 7 64 bit

using latest avast version

i noticed the issue after i  was  testing avast  with zoo samples
but  there still not detected when i scan them there is  958  files undetected but i know  there allready detected

but   the main issue is there not detected at scan

i do not know if this is  a vmware issue or what but seems so or avast issue    i installed  some windows updates but issue is still here

please  help me find a fix for this issue
« Last Edit: December 10, 2015, 08:14:14 AM by julevine »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37614
  • Not a avast user
Re: old virus samples are not detected in my vmware system
« Reply #1 on: December 10, 2015, 08:20:23 AM »
Quote
but i know  there allready detected
Post some virustotal scan links of those samples .... then maybe somone from avast team have a answer?


Offline Milos

  • Avast team
  • Super Poster
  • *
  • Posts: 2297
Re: old virus samples are not detected in my vmware system
« Reply #2 on: December 10, 2015, 10:48:28 AM »
Hello,
because of reducing VPS size, there (avast v9+) were removed old detections which were not seen in our userbase for long time.

Milos

REDACTED

  • Guest
Re: old virus samples are not detected in my vmware system
« Reply #3 on: December 10, 2015, 11:17:34 PM »
i will check  later for sample detection on virustotal and check samples if there  working or not

there so many that i cant do them  all so tomorrow  i will try to make my report
« Last Edit: December 11, 2015, 08:12:32 AM by julevine »

REDACTED

  • Guest
Re: old virus samples are not detected in my vmware system
« Reply #4 on: December 14, 2015, 02:26:16 AM »
i tested some  of the samples and  some ran with out deep screen blocking them and some were blocked from deep screen and some were detected from background  scanner somehow

the weirdest was  1 was detected  then next one was not from deep screen  but sample was in same family just a different variant

it something  that has to do with vmware system  and avast
 

i posted  a ticket to support for help
« Last Edit: December 14, 2015, 02:28:38 AM by julevine »

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31078
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: old virus samples are not detected in my vmware system
« Reply #5 on: December 14, 2015, 10:43:27 AM »
Don't forget that some things are only detected on-access and/or when PUP scanning is enabled.
Have you checked that within the VM ?

REDACTED

  • Guest
Re: old virus samples are not detected in my vmware system
« Reply #6 on: December 17, 2015, 08:35:30 AM »
i had  pup enabled  iv tried everything  same issue
« Last Edit: December 17, 2015, 08:37:01 AM by julevine »

Offline Asyn

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 76032
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: old virus samples are not detected in my vmware system
« Reply #7 on: December 17, 2015, 09:36:21 AM »
See Reply #2.
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

REDACTED

  • Guest
Re: old virus samples are not detected in my vmware system
« Reply #8 on: December 19, 2015, 03:05:26 AM »
i saw reply 2 but does not explain  my problem  it more complicated it some kind  of detection issue
« Last Edit: December 19, 2015, 08:34:37 AM by julevine »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37614
  • Not a avast user
Re: old virus samples are not detected in my vmware system
« Reply #9 on: December 19, 2015, 12:02:02 PM »
i saw reply 2 but does not explain  my problem  it more complicated it some kind  of detection issue
See reply Nr#1


REDACTED

  • Guest
Re: old virus samples are not detected in my vmware system
« Reply #10 on: December 20, 2015, 04:22:36 AM »
i made a list of the files  md5 hashes

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37614
  • Not a avast user
Re: old virus samples are not detected in my vmware system
« Reply #11 on: December 20, 2015, 04:53:58 AM »
https://www.virustotal.com/en/file/ee8d8b99e959d725f2183934143fb3d680352d548f440f6d25f3b56a1db5ab8f/analysis/
MS-DOS executable, NE for MS Windows 3.x     First submission 2009-06-11 13:59:07 UTC ( 6 years, 6 months ago )   


https://www.virustotal.com/en/file/883d90329559658962f209f3c4548667cd5f60f465c2f734f22805cfbe6a2902/analysis/
File type Text    First submission 2009-02-03 16:40:59 UTC ( 6 years, 10 months ago )

https://www.virustotal.com/en/file/ea1f86ceae4698e6acd45920110e385f7833b799b8e2dbda7aeb9c8c05f405a5/analysis/
First submission 2006-06-14 08:04:04 UTC ( 9 years, 6 months ago )



 
« Last Edit: December 24, 2015, 09:09:19 AM by Pondus »

REDACTED

  • Guest
Re: old virus samples are not detected in my vmware system
« Reply #12 on: December 21, 2015, 08:09:50 AM »
i made you a list  of the  hashes so it would be easier on me
it would take me forever to  rescan all files on virus total

i hope it helped because i can not figure out the problem

my support ticket is /tickets/63917
it been 10 days
« Last Edit: December 22, 2015, 03:53:40 AM by julevine »

Offline HonzaZ

  • Avast team
  • Advanced Poster
  • *
  • Posts: 1038
Re: old virus samples are not detected in my vmware system
« Reply #13 on: December 22, 2015, 08:44:15 PM »
As Milos explained earlier:
because of reducing VPS size, there (avast v9+) were removed old detections which were not seen in our userbase for long time.
That's it :)

REDACTED

  • Guest
Re: old virus samples are not detected in my vmware system
« Reply #14 on: December 24, 2015, 08:25:14 AM »
the thing i do not understand is why  deep screen does not have a generic  detections for there behavior  example  file infection  behavior and other malicious   behavior
« Last Edit: December 25, 2015, 12:20:07 AM by julevine »