Author Topic: Samples missed by avast (VirusTotal links only!)  (Read 369756 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33667
  • malware fighter
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!


true indian

  • Guest
« Last Edit: January 16, 2013, 04:53:39 PM by true indian »


spywar

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #934 on: March 03, 2013, 12:57:49 AM »
Why this thread is still open ?  :o
I don't think any analyst come everyday to check here best thing that works well is e mail submission chest or support/report virus to virus lab (in V8).

Offline !Donovan

  • Web Analyst
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2219
    • The WAR Against Malware
Re: Samples missed by avast (VirusTotal links only!)
« Reply #935 on: March 03, 2013, 06:10:07 AM »
https://www.virustotal.com/en/file/6013992376f054510ed02d6fff88c32275e152b3d32da05a92d5574562055176/analysis/1362258046/

Why would someone even think about downloading a .rar.zip when the installer can be downloaded from the official site? Makes no sense imo.
For those interested: http://www.jetbrains.com/phpstorm/

As for this topic, I'd assume it's useless. As shown in the above example, you would have no way of knowing where the user downloaded the offending content and rather it's legit or not. Such information can determine the difference between false positive and potential malware.
Familiarize Yourself! | Educate Yourself! | Beautify Yourself! | Scan Yourself!
"People who say it cannot be done should not interrupt those who are doing it."

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86803
  • No support PMs thanks
Re: Samples missed by avast (VirusTotal links only!)
« Reply #936 on: March 03, 2013, 02:15:06 PM »
I have said for ages this topic is a waste of time.

Most people post, but don't follow up: A. avast need the sample sent directly and more so B. when the signature is added then the post should be modified to reflect that it is now included.

On point B seeing that in this topic is rarer than rocking horse droppings.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.5.6015 (build 22.5.7263.730) UI 1.0.711/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline SpeedyPC

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3357
  • Avast shall conquer the whole world
Re: Samples missed by avast (VirusTotal links only!)
« Reply #937 on: March 03, 2013, 02:40:17 PM »
On point B seeing that in this topic is rarer than rocking horse droppings.

True and who is going to clean it up after rocking horse droppings ::).....................Not me I'm out and I would rather light a match ;D ;)
ASUS G75VX-T4153H | Avast Premium v22.6.6025 | Avast SecureLine VPN | Avast Secure Browser | Avast Driver Updater | Avast BreachGuard | W8.1 64bit | Firefox 64bit | Thunderbird 64bit | MBAM Premium | Adguard Premium | CryptoPrevent Premium | CCleaner Portable | MCShield | Macrium Reflect | 7-Zip

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37191
Re: Samples missed by avast (VirusTotal links only!)
« Reply #938 on: March 03, 2013, 02:45:10 PM »
Quote
On point B seeing that in this topic is rarer than rocking horse droppings.
you can buy that  ;)    .... only 6.50    http://thebigrockinghorse.com.au/?p=1305

 ;D

spywar

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #939 on: March 03, 2013, 02:47:14 PM »
I have said for ages this topic is a waste of time.

Most people post, but don't follow up: A. avast need the sample sent directly and more so B. when the signature is added then the post should be modified to reflect that it is now included.

On point B seeing that in this topic is rarer than rocking horse droppings.
No one is able to lock it ? ..

Offline SpeedyPC

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3357
  • Avast shall conquer the whole world
Re: Samples missed by avast (VirusTotal links only!)
« Reply #940 on: March 03, 2013, 02:49:26 PM »
Quote
On point B seeing that in this topic is rarer than rocking horse droppings.
you can buy that  ;)    .... only 6.50    http://thebigrockinghorse.com.au/?p=1305

 ;D

ROFLMAO ;D ;D ;D ;D Looks Rock Solid there ;)
ASUS G75VX-T4153H | Avast Premium v22.6.6025 | Avast SecureLine VPN | Avast Secure Browser | Avast Driver Updater | Avast BreachGuard | W8.1 64bit | Firefox 64bit | Thunderbird 64bit | MBAM Premium | Adguard Premium | CryptoPrevent Premium | CCleaner Portable | MCShield | Macrium Reflect | 7-Zip


true indian

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #942 on: March 05, 2013, 01:44:56 PM »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33667
  • malware fighter
Re: Samples missed by avast (VirusTotal links only!)
« Reply #943 on: March 05, 2013, 03:35:21 PM »
The filename rabr.exe was last seen on 3.4.2013, and it is considered as unsafe.
Threat name
   Malware
Filename
   [System32Root]\rabr.exe
Filesize
   Unknown
Last seen
   3.4.2013
Status
   Known as unsafe.

This file can perform following behavior.

- File is created as process on the disk.

- This process can create, delete or modify files on the disk,

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!