Author Topic: Samples missed by avast (VirusTotal links only!)  (Read 413641 times)

0 Members and 2 Guests are viewing this topic.



Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33885
  • malware fighter
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

razoreqx

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #558 on: December 21, 2011, 05:50:09 PM »


Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33885
  • malware fighter
Re: Samples missed by avast (VirusTotal links only!)
« Reply #560 on: December 21, 2011, 09:19:56 PM »
Hi razoreqx,

This is what I get back  from abad iFrame detektor scan:

Check took 6.06 seconds

(Level: 0) Url checked:
-http://we-care.com
Zeroiframes detected on this site: 0
No ad codes identified

(Level: 1) Url checked: (script source)
-http://www.we-care.com/templates/ac_runactivecontent.js
Blank page / could not connect
No ad codes identified

(Level: 1) Url checked: (script source)
-http://www.we-care.com/templates/wc.js
Blank page / could not connect
No ad codes identified

(Level: 1) Url checked: (script source)
-http://www.we-care.com/templates/fat.js
Blank page / could not connect
No ad codes identified

(Level: 1) Url checked: (script source)
-http://we-care.com//scripts/jquery.js
Blank page / could not connect
No ad codes identified

(Level: 1) Url checked: (script source)
-http://tag.didit.com/js/tman_iframe.js
Zeroiframes detected on this site: 1
No ad codes identified

(Level: 2) Url checked: (iframe source)
-http://tag.didit.com/js/+d+
Blank page / could not connect
No ad codes identified

(Level: 2) Url checked: (script source)
-http://tag.didit.com/js/+scriptstr;jscall+=&tmlogit=0;if(tmparam.tmcampid||tmparam.levrev||tmparam.levresdes)window.tmcbrequired=1;jscall+=&tmtag=js
Blank page / could not connect
No ad codes identified

(Level: 1) Url checked: (script source)
-http://www.google-analytics.com/urchin.js
Zeroiframes detected on this site: 0
No ad codes identified

see (embed) -cdn.we-care.com/Content/SWF/titles.swf?tvalue=Responsible+Shopping+and+the+We-Care.com+Community&tcolor=0xFF6600

All there will redirect eventually to appnexus.com an ad retargeter with not such a very good web rep:
http://www.mywot.com/en/scorecard/appnexus.com
http://www.webutation.net/go/review/appnexus.com

polonus
« Last Edit: December 21, 2011, 09:35:25 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33885
  • malware fighter
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37491
  • Not a avast user

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33885
  • malware fighter
Re: Samples missed by avast (VirusTotal links only!)
« Reply #563 on: December 22, 2011, 12:36:40 AM »
Hi Pondus,

You are right status: offline. But avast did not have had it, if it had been up and alive,

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37491
  • Not a avast user
Re: Samples missed by avast (VirusTotal links only!)
« Reply #564 on: December 22, 2011, 12:41:13 AM »
sooner or later they recive it from VT

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67197
Re: Samples missed by avast (VirusTotal links only!)
« Reply #565 on: December 22, 2011, 01:54:05 AM »
What? CNET is messing firewall rules? Is it posible? Am I reading correctly?
The best things in life are free.

razoreqx

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #566 on: December 22, 2011, 02:42:12 AM »
What? CNET is messing firewall rules? Is it posible? Am I reading correctly?

User desktop firewalll... Not parameter fw...  the details are in the sandbox output


Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33885
  • malware fighter
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67197
Re: Samples missed by avast (VirusTotal links only!)
« Reply #569 on: December 24, 2011, 12:50:50 AM »
Polonus: we'll never thank you enough for helping improving deteccion. Merry Christmas.
The best things in life are free.