Author Topic: Thank you Avast for password stealer... now i use MSE  (Read 4872 times)

0 Members and 1 Guest are viewing this topic.

hpguru

  • Guest
Thank you Avast for password stealer... now i use MSE
« on: August 02, 2010, 12:10:06 AM »
I just try MSE today with Full Scan and it found password stealer program!!!





Thank you Avast. Your AV full scan say today nothing found.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89438
  • No support PMs thanks
Re: Thank you Avast for password stealer... now i use MSE
« Reply #1 on: August 02, 2010, 12:21:48 AM »
I hope your happy with MSE until it doesn't detect something as there isn't a single security application that will give 100% protection.

I also hope you get the kind of support that you have got from these forums in the past.

Presumably you have confirmed that detection at VirusTotal.

This detection is in an old backup zip file, which is inert until you extract the file/s in side and try and run any executable at that point the file system shield would scan it. So there was no active password stealer (if the detection is correct) running on your system.

Archive files aren't scanned by default (see image1) for that very reason they are inert, so unless you did a custom scan and opted to scan all packers (image2) avast wouldn't have been scanning, so you would never know if avast would have detected it or not if you hadn't specifically scanned it.
« Last Edit: August 02, 2010, 12:31:47 AM by DavidR »
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.6.6121 (build 24.6.9241.848) UI 1.0.809/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

hpguru

  • Guest
Re: Thank you Avast for password stealer... now i use MSE
« Reply #2 on: August 02, 2010, 12:34:34 AM »
I delete this password stealer... But i surprised with this, but yes i know, that 100% protect is possibly just in nightmare.

I scan again on MSE with full scan and start use a Avast Free maybe. Because in my opinion Avast is better in features.
« Last Edit: August 02, 2010, 12:48:40 AM by hpguru »

hpguru

  • Guest
Re: Thank you Avast for password stealer... now i use MSE
« Reply #3 on: August 02, 2010, 12:39:23 AM »
This .zip is Windows Backup. Vista's backups on every sunday. So, it has been in my computer previously.

Avast must have been without detect it, because otherwise it would not have come to weekly autobackup. But MSE not found anything on Windows C://. Backup D:// has only this stealer on backup .zip...

But I get all the services normally with my passwords and i use most of this services LastPass, so there no need to manually write passwords.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76029
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Thank you Avast for password stealer... now i use MSE
« Reply #4 on: August 02, 2010, 12:40:04 AM »
i know, that 100% protect is possibly just in nightmare.

Huh..???
asyn
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Dch48

  • Guest
Re: Thank you Avast for password stealer... now i use MSE
« Reply #5 on: August 02, 2010, 12:49:57 AM »
This .zip is Windows Backup. Vista's backups on every sunday. So, it has been in my computer previously.

Avast must have been without detect it, because otherwise it would not have come to weekly autobackup. But MSE not found anything on Windows C://. Backup D:// has only this stealer on backup .zip...

But I get all the services normally with my passwords and i use most of this services LastPass, so there no need to manually write passwords.
Is it possible that LastPass is what is being detected by MSE as a "password stealer"?

hpguru

  • Guest
Re: Thank you Avast for password stealer... now i use MSE
« Reply #6 on: August 02, 2010, 12:52:08 AM »
Good question... What say other LastPass users?

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89438
  • No support PMs thanks
Re: Thank you Avast for password stealer... now i use MSE
« Reply #7 on: August 02, 2010, 01:35:11 AM »
Which is why it is best not to rush to judgement and fully investigate before deletion, once the nuclear button has been pressed there is no going back.

I have my doubts if it is lastpass (never used it) as surely that would show up in other such backup zips. You have to read deeper into the path displayed to see where this detection is found in the zip file and that appears to be in a firefox cache. So I don't believe lastpass would be saving stuff within the firefox cache.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.6.6121 (build 24.6.9241.848) UI 1.0.809/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

hpguru

  • Guest
Re: Thank you Avast for password stealer... now i use MSE
« Reply #8 on: August 02, 2010, 01:40:03 AM »
OK. I try MSE full scan again and download Avast Free back next.