Author Topic: Samples missed by avast (VirusTotal links only!)  (Read 414185 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Samples missed by avast (VirusTotal links only!)
« Reply #810 on: June 05, 2012, 11:04:04 PM »
See: htxp://vscan.urlvoid.com/analysis/e88bca0faa4901001e23d338727d9327/aW5kZXg=/
See: htxp://sitecheck.sucuri.net/results/www.wandelhalle-hamburg.de

reported to virus AT avast dot com,

polonus

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Andrey,pro

  • Avast Überevangelist
  • Ultra Poster
  • *****
  • Posts: 5012
  • Things happen

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Samples missed by avast (VirusTotal links only!)
« Reply #812 on: June 06, 2012, 02:42:10 PM »
Hacktool or backdoor not detected by avast: htxp://zulu.zscaler.com/submission/show/61e0aaa070b0a7ac40098af1a3a433f0-1338986102
and VT results: htxps://www.virustotal.com/file/80725340b7830288dfe4969eb070a542516a040efc2c1e6473b6051d086f46ab/analysis/
reported to virus AT avast dot com,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!


true indian

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #814 on: June 08, 2012, 08:51:02 AM »
« Last Edit: June 09, 2012, 09:14:03 AM by true indian »

true indian

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #815 on: June 08, 2012, 09:48:55 AM »
Mal/FBJack-A   
detection missed...contains obfuscated Iframe..new Facebook HTML malware/spam..redirects to faked Jason Bieber video

https://www.virustotal.com/file/57726a46a0debac32dec0a06d1fa9df2b79566f2f8a2ef8754a66775e86f939c/analysis/1339141426/

reported to avast!
« Last Edit: June 08, 2012, 09:55:03 AM by true indian »

MDRockstar

  • Guest

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Samples missed by avast (VirusTotal links only!)
« Reply #817 on: June 09, 2012, 04:16:55 PM »
Hi MDRockstar,

This because the suspicious file ltastd.exe is flagged as riskware. It might be opened by avast to be run first in sandbox for evaluation,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: Samples missed by avast (VirusTotal links only!)
« Reply #818 on: June 09, 2012, 04:29:52 PM »
Not many of the larger AVs are detecting it either. Many that are are using heuristics and are calling it PUP or riskware.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Samples missed by avast (VirusTotal links only!)
« Reply #819 on: June 09, 2012, 04:50:45 PM »
Hi DavidR,

Thank you for confirming the PUP status. The poster probably sent it because of this report: http://systemexplorer.net/db/ltastd.exe.html

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Andrey,pro

  • Avast Überevangelist
  • Ultra Poster
  • *****
  • Posts: 5012
  • Things happen

Offline Left123

  • There Is No Patch For Human Stupidity.
  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 1048
  • Proud Community Member&Helper.
Re: Samples missed by avast (VirusTotal links only!)
« Reply #821 on: June 11, 2012, 08:51:42 PM »
This topic shall be closed,samples can be sent directly to AvastLab.If you want to increase your post count,think of something smarter.No offense but it's the true.
AMD Athlon(tm) X2 Dual-Core Processor 4200+ - 2.20 GHz,3,00 GB RAM -
Browser:Mozilla Firefox +WOT - SoftWare:CCleaner - Windows 7 32 bit
No Anti-Virus

Offline JuninhoSlo

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 849

true indian

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #823 on: September 03, 2012, 05:06:33 PM »
Was cleaning a computer infected with win8 security system and found that avast does not detect this rootkit that comes bundled along with this rogue.

https://www.virustotal.com/file/3945861e049199662423a539e96b0c49a904501e9aef02faa4da678633cbcc37/analysis/

Reported to avast!
« Last Edit: September 04, 2012, 06:39:37 PM by true indian »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Samples missed by avast (VirusTotal links only!)
« Reply #824 on: September 03, 2012, 08:00:04 PM »
Hi true indian,

Subject had already been mentioned extensively  in an earlier thread here: http://forum.avast.com/index.php?topic=104668.0
Why did not you react there?

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!