Suspicious URL - now off the Avast Block list!

[HyperGeek]

Hello,

Firstly, I kinda ran upto dead-end with my earlier post http://forum.avast.com/index.php?topic=80593.0 (the topic just died as I could not get anyone's attention - so was wondering if there was a tech issue) - I would highly appreciate any response to my queries in it as it would get me some peace of mind!

What I wonder, is that if I scan the domain hxxp://pda.angelbolt.in even today, at Virus Total page and Symantec Norton Safeweb pages, they still find something fishy with the domain/url.

The thing is, the URL hxxp://pda.angelbolt.in/downloads/angel%20PDA.exe (from my original post) however, now seems to be clean as per Virus total.

What I'm really curious to know is when Sirmer replied to my post that the Avast team will stop blocking the whole URL from next VPS - does this mean it's clean?

Secondly, I ran full scans with Avast 6.0 Free (updated) and MBAM 1.51 free (updated) - they found nothing - am running on Win XP Pro SP3 with Avast on full shields on.

I am wondering if there is a safe combo of apps to use - below is what I'm contemplating - any views are appreciated:
- Win XP Pro SP3 (fully updated) - Windows Firewall Enabled
- Avast 6.0 Free (updated with all real-time shields on)
- MBAM 1.51 Free (on demand only and NO real-time shields since its free version)
- SuperAntiSpyware 4.55 Free (on demand only and NO real-time shields since its free version)
- CCleaner
- Google Chrome

- Also, whether there is a need to add exclusions for MBAM and SAS in Avast and vice-versa (since both MBAM & SAS free versions don't come with Real-time protection and are on-dmd only?) I haven't had any issues till date but just want to know if it's required?

Thanks,
HG

[Pondus]

VirsusTotal - angel PDA.exe - 5/42
http://www.virustotal.com/file-scan/report.html?id=fe00e2e12e720f9b2a241f8055d57b28b9edf7e20658ed33c224a49bf29dd33e-1309678742


sigcheck:
publisher....: Angel Broking Ltd, Inc.
copyright....:
product......: Angel PDA 5
description..: Angel PDA 5 Setup
original name: n/a
internal name: n/a
file version.: 5.0.0.5
comments.....: This installation was built with Inno Setup.
signers......: Angel Broking Ltd
 VeriSign Class 3 Code Signing 2009-2 CA
 Class 3 Public Primary Certification Authority
signing date.: 11:07 01/07/2011
verified.....: -






URLVoid report

Report   2011-06-27 18:12:30 (GMT 1)
Website   pda.angelbolt.in
Domain Hash   b6255704bf702690a10f80037f0c14df
IP Address   220.226.206.124 [SCAN]
IP Hostname   -
IP Country    IN (India)
AS Number   18101
AS Name   RELIANCE-COMMUNICATIONS-IN Reliance Communica...
Detections   5 / 23 (22 %)
Status   DANGEROUS
      
Scanning site with:   AMaDa     CLEAN
Scanning site with:   BrowserDefender     DETECTED
Scanning site with:   DNS-BH     CLEAN
Scanning site with:   DShield SDL     CLEAN
Scanning site with:   Google Diagnostic     CLEAN
Scanning site with:   hpHosts     UNRATED
Scanning site with:   joewein.de LLC     CLEAN
Scanning site with:   Malc0de     CLEAN
Scanning site with:   Malware Domain List     CLEAN
Scanning site with:   Malware Patrol     DETECTED
Scanning site with:   MyWOT     DETECTED
Scanning site with:   Norton SafeWeb     DETECTED
Scanning site with:   ParetoLogic URL Clearing House     CLEAN
Scanning site with:   PhishTank     CLEAN
Scanning site with:   SCUMWARE     CLEAN
Scanning site with:   SpamhausDBL     CLEAN
Scanning site with:   SURBL     CLEAN
Scanning site with:   Threat Log     CLEAN
Scanning site with:   Trend Micro Site Safety Center     DETECTED
Scanning site with:   URIBL     CLEAN
Scanning site with:   VSCAN     CLEAN
Scanning site with:   Web Security Guard     UNRATED
Scanning site with:   ZeuS Tracker     CLEAN

[Pondus]

- Also, whether there is a need to add exclusions for MBAM and SAS in Avast and vice-versa (since both MBAM & SAS free versions don't come with Real-time protection and are on-dmd only?) I haven't had any issues till date but just want to know if it's required?

never had any problems with it and i even run MBAM pro and SAS pro at the same time for a while

[HyperGeek]

- Also, whether there is a need to add exclusions for MBAM and SAS in Avast and vice-versa (since both MBAM & SAS free versions don't come with Real-time protection and are on-dmd only?) I haven't had any issues till date but just want to know if it's required?

never had any problems with it and i even run MBAM pro and SAS pro at the same time for a while

Thanks Pondus, if you are having no issues with the pro versions running at the same time (and I presume you use Avast for AV and with no exclusions added in any of these programs), I guess I should be fine with the free versions

Interesting to note VirusTotal and URL Void's findings on the exe as well as the URL I shared... however, since I know its from my broking house, I decided to download the exe to my system and test it with Avast and MBAM - both come out clean...

Also, can you tell me who decides (from the Avast team I mean) to stop blocking a URL when its reported by the user as a possible false positive? Sirmer just mentioned that they will stop blocking the URL (in my old thread) - never could figure out why?

And, any views on Zone Alarm Free Firewall version 9.2 that's out recently? Its reviews are good and unlike its past, developers have done a real good job at making it light and yet powerfully effective. I'm thinking of using Avast Free 6.0 for AV and Zone Alarm Free for firewall in place of the default Windows 7 firewall (windows defender)...

Would you know How compatible is Avast with Windows defender (win 7 ultimate default firewall)?

[Pondus]

Norman analysis

angel_PDA.exe : Clean!

[Pondus]

And, any views on Zone Alarm Free Firewall version 9.2 that's out recently? Its reviews are good and unlike its past, developers have done a real good job at making it light and yet powerfully effective. I'm thinking of using Avast Free 6.0 for AV and Zone Alarm Free for firewall in place of the default Windows 7 firewall (windows defender)...

i dont like it..... my favorite is Outpost free..almost fully automatic
http://filehippo.com/download_outpost_firewall/

Would you know How compatible is Avast with Windows defender (win 7 ultimate default firewall)?

to my knowledge it should work fine...
just dont do a avast! custom scan and select "scan memory" or you will get some strange results

[HyperGeek]

Thanks! I'll surely check out Outpost firewall then... infact I did come across the name on quite a few forums and users talking good stuff about it >> Is there a need to add exclusions for Avast in Outpost or vice-versa?

- Also, can you tell me who decides (from the Avast team I mean) to stop blocking a URL when its reported by the user as a possible false positive? Sirmer just mentioned that they will stop blocking the URL (in my old thread) - never could figure out why?

---->> was wondering if you can throw some light on this?

[DavidR]

I replied to your other topic, so check back to that.

[Pondus]

if you want to run Outpost free with Win7 there is a trick  (win7 not supported)

http://www.sevenforums.com/system-security/10310-how-make-outpost-firewall-free-work-w7.html

[DavidR]

The stand alone outpost free firewall is no longer supported. This forum topic is just over two years old, so won't be the outpost firewall free/suite 7.1.

I ran Outpost Free Suite (7.1) with win7 that version is OK with win7 or it was for me and no need for the hack mentioned in the forum to install in win7 compatibility mode.

[HyperGeek]

Thanks Guys for your responses and views, regards...HG

[DavidR]

You're welcome.