Author Topic: Samples missed by avast (VirusTotal links only!)  (Read 373109 times)

0 Members and 1 Guest are viewing this topic.


Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86919
  • No support PMs thanks
Re: Samples missed by avast (VirusTotal links only!)
« Reply #301 on: January 27, 2011, 06:41:45 PM »
nice list

But a pretty pointless one as no one goes back and edits their posts when the malware sample is detected.

The links are of no use to avast, only physical samples can be analysed, so just send those to avast.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.9.6034 (build 22.9.7554.734) UI 1.0.728/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

chabbo

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #302 on: February 12, 2011, 12:20:48 PM »
one more problem are


i have See real malware on virustotal links but ppl Say its goodware just for lure other ppl,


Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86919
  • No support PMs thanks
Re: Samples missed by avast (VirusTotal links only!)
« Reply #303 on: February 12, 2011, 02:59:32 PM »
Are you really ready believe these anonymous people that you haven't a clue of their experience or intent, trust the weight of independent AV scanners rather anonymous comments.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.9.6034 (build 22.9.7554.734) UI 1.0.728/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security


Offline Marc57

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1944
  • KISS Rules The World!!!
    • KISS Army
You Wanted the Best You Got the Best the Hottest Band in the World KISS!!!

Offline Marc57

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1944
  • KISS Rules The World!!!
    • KISS Army
You Wanted the Best You Got the Best the Hottest Band in the World KISS!!!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33519
  • malware fighter
Re: Samples missed by avast (VirusTotal links only!)
« Reply #307 on: March 20, 2011, 05:29:00 PM »
Good find, Marc57,

Avast also misses out on Palevo alias G bot a bit here: http://amada.abuse.ch/?search=91.217.162.24
Click the virustotal analysis there...and see for yourself

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Left123

  • There Is No Patch For Human Stupidity.
  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 1048
  • Proud Community Member&Helper.
AMD Athlon(tm) X2 Dual-Core Processor 4200+ - 2.20 GHz,3,00 GB RAM -
Browser:Mozilla Firefox +WOT - SoftWare:CCleaner - Windows 7 32 bit
No Anti-Virus

Offline danny96

  • Malware Fighter
  • Advanced Poster
  • **
  • Posts: 668
  • No-malware!
« Last Edit: March 20, 2011, 08:01:02 PM by danny96 »
Real-time protection and Firewall: COMODO Internet Security 12.0.0.6810 -- Additional Protection: Web Of Trust, Ublock, NoScript, Malwarebytes Premium, Avast! Online Security, Hitman Pro -- OS: Windows 10

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67235
Re: Samples missed by avast (VirusTotal links only!)
« Reply #310 on: March 20, 2011, 07:37:07 PM »
danny96, did you submit the sample to avast? See #1 post of the thread.
The best things in life are free.

Offline danny96

  • Malware Fighter
  • Advanced Poster
  • **
  • Posts: 668
  • No-malware!
Re: Samples missed by avast (VirusTotal links only!)
« Reply #311 on: March 20, 2011, 07:39:34 PM »
danny96, did you submit the sample to avast? See #1 post of the thread.
It's not from my PC. Just looking at some trainers on website www.abecedaher.cz...
Real-time protection and Firewall: COMODO Internet Security 12.0.0.6810 -- Additional Protection: Web Of Trust, Ublock, NoScript, Malwarebytes Premium, Avast! Online Security, Hitman Pro -- OS: Windows 10

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76118
  • Urlaub/Vacation
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Samples missed by avast (VirusTotal links only!)
« Reply #312 on: March 20, 2011, 07:39:52 PM »
W8.1 [x64] - Avast PremSec 22.7.7366.BC [UI.713] - Firefox ESR 91.11 [NS/uBO/PB] - Thunderbird 91.11
Avast-Tools: Secure Browser 103.0 - Cleanup 22.2 - SecureLine 5.18 - DriverUpdater 22.2 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline danny96

  • Malware Fighter
  • Advanced Poster
  • **
  • Posts: 668
  • No-malware!
Re: Samples missed by avast (VirusTotal links only!)
« Reply #313 on: March 20, 2011, 07:43:31 PM »
trojan h@tkeysh@@k.dll
http://www.virustotal.com/file-scan/report.html?id=0740e9df2dbb197a3b1a62be505ea2657673a5a4485815d56db7a56b9c874281-1300646150
(had this in computer - very danger)

Well, avast dedects it. Look at your VT link. ;)

LOL sorry. But shouldn't be added detection for Avast! 4.8?
EDIT: Added next link
« Last Edit: March 20, 2011, 07:47:11 PM by danny96 »
Real-time protection and Firewall: COMODO Internet Security 12.0.0.6810 -- Additional Protection: Web Of Trust, Ublock, NoScript, Malwarebytes Premium, Avast! Online Security, Hitman Pro -- OS: Windows 10

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33519
  • malware fighter
Re: Samples missed by avast (VirusTotal links only!)
« Reply #314 on: March 20, 2011, 10:00:40 PM »
What is this TrjKrap.AZ? Not detected here as Win32:Malware-gen by avast: http://www.virustotal.com/url-scan/report.html?id=66c68e7cdb39871cf218bf320f42686b-1288938948
see file analysis: http://www.virustotal.com/file-scan/report.html?id=a5976124178be0ff7c864f3d74d36f372422bcca404d01697e6431f29dff8f9e-1288942583
Found here:
2011-03-20 20:28:31   htxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9   F0E35CDBDBB2B56003EFD859720BDFC7   184.85.147.191   US   TrjKrap.AZ
2011-03-20 20:28:29   htxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7   F749BF47AB457E7F5670BE0B55C8DFA2   184.85.147.191   US   TrjKrap.AZ
See: htxp://jsunpack.jeek.org/dec/go?report=fbe72914baadd9d253939dad06b0b5ccf98a8e56
Found benign: http://wepawet.iseclab.org/view.php?hash=d2b1b6a4068971379ab528362d3ae0b2&t=1300654385&type=js
But see: http://www.pandasecurity.com/homeusers/security-info/218557/Krap.AZ/
Should be detected by avast as Win32:Malware-gen,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!