Author Topic: A question about the different reactions to 2 virus files (Read 4208 times)

Nishui Xiao · « **on:** March 18, 2012, 08:51:23 AM »

I wanna ask a question about the different reactions to 2 files with the filename extension-”dll”.
The two files both can be detected by avast! Scanner , however, the dll1 can also be detected by Real-Time Shields<file system shield(if decompressed from the ZIP) & web shield(if downloaded from the internet)> when the dll2 just can be detected by avast! Scanner. The Heuristic sensitivities of the Scanner and the Shield are set in the same way.I wanna know the reason for the difference）
The two files is as follows，the passwords of the ZIP files are both ”infected ”.
http://115.com/file/e7bn8w93#dll1.zip
http://115.com/file/dp7zvpuw#dll2.zip

Pondus · « **Reply #1 on:** March 18, 2012, 10:42:09 AM »

upload the file(s) to www.virustotal.com and test with 40+ malware scanners
when you have the result, copy the URL in your addressbar and post it here for us to see

Nishui Xiao · « **Reply #2 on:** March 18, 2012, 01:22:48 PM »

Quote from: Pondus on March 18, 2012, 10:42:09 AM

upload the file(s) to www.virustotal.com and test with 40+ malware scanners
when you have the result, copy the URL in your addressbar and post it here for us to see

It seemed that you didn't understand what I wanna know,As a matter of fact,I don't care whether the files are real viruses ,I just wanna know why the Dll2 can only be detected by avast! scanner (it can't be detected by Real-Time Shields).It's confusing and strange,isn't it?

Pondus · « **Reply #3 on:** March 18, 2012, 01:33:11 PM »

Quote

It seemed that you didn't understand what I wanna know

yes i do....
and by posting the info from Virustotal someone may be able to answer the question

The VT scan will not only give detection info but also some file info, and this may help

Nishui Xiao · « **Reply #4 on:** March 18, 2012, 01:47:09 PM »

Quote from: Pondus on March 18, 2012, 01:33:11 PM

Quote
It seemed that you didn't understand what I wanna know
yes i do....
and by posting the info from Virustotal someone may be able to answer the question

The VT scan will not only give detection info but also some file info, and this may help

https://www.virustotal.com/file/dddd8928619ac7b395bf419b869e4612f831097c235bc9af824886c802fbe040/analysis/1332074384/
o(∩_∩)o the report of Dll2~

Pondus · « **Reply #5 on:** March 18, 2012, 02:00:40 PM »

wasn`t it two files ?

and if you now click the "additional information" button at the bottom, you see all the extra info

Nishui Xiao · « **Reply #6 on:** March 18, 2012, 02:09:24 PM »

Quote from: Pondus on March 18, 2012, 02:00:40 PM

wasn`t it two files ?

and if you now click the "additional information" button at the bottom, you see all the extra info

The dll1 can be detected by both avast!scanner &avast! Realtime Shield,so i don't think it necesesarry to post it on……I still disunderstand why the dll2 can be detected by scanner only……
dll1 report：https://www.virustotal.com/file/2efce674947124902085948be30cb542610a211c8068300f82388c9e253f9a8c/analysis/1332075307/

Author Topic: A question about the different reactions to 2 virus files (Read 4208 times)

Nishui Xiao

A question about the different reactions to 2 virus files

Pondus

Re: A question about the different reactions to 2 virus files

Nishui Xiao

Re: A question about the different reactions to 2 virus files

Pondus

Re: A question about the different reactions to 2 virus files

Nishui Xiao

Re: A question about the different reactions to 2 virus files

Pondus

Re: A question about the different reactions to 2 virus files

Nishui Xiao

Re: A question about the different reactions to 2 virus files