Forum friends,

For additional protection rely on the vital protection of the avast shields!

Trying to get a file with malzilla -http://www.diskmania.co.kr/program/fileinfo.asp?filename=download_virusfile.php-sid-30122386.exe Filehash cfcd208495d565ef66e7dff9f98764da
See: http://www.virustotal.com/url-scan/report.html?id=366d07793f0a9debd17cad9f3339dbff-1320076439
Malware for domain=211.115.80.37 mainly not up, closed or dead - unknown_html_RFI_php, Exploit.JS.Pdfka.deo, TR/Dldr.Agent.fyxr.1 (dead)
Funny a scan here was fiven clean: http://vscan.urlvoid.com/analysis/cfcd208495d565ef66e7dff9f98764da/ZmlsZWluZm8tYXNw/
and http://wepawet.iseclab.org/view.php?hash=fe2a588eff177e8e99b01b459c5cf784&t=1320081221&type=js
But avast webshield blocks: js:ScriptPE-inf [Trj]

polonus

The only thing i would like to say is that,it is essential that Avast’s shields be reliable.

Hi Left123,

That is a true word, what you are saying there. But in the light of all the malware mitigation you see online all the time & all of the time (see VirusWatch recent reports and other online resources)full real time protection is not that easy to be realized. For instance is this covered? http://amada.abuse.ch/?search=4533deb3700b3b2ad021debb2bd374f0
Avast should flag this malware as Win32:Dropper-IBW [Drp] or a form of heurist. KRYPTIC dropper
I have to conclude it is not detecting here: http://www.virustotal.com/file-scan/report.html?id=7923348acbbaa9e7afb1c9595958d7aa2f3aad51c52e8884ed066bbe5e6c485c-1320083407
correct - now detected: http://www.virustotal.com/file-scan/report.html?id=7923348acbbaa9e7afb1c9595958d7aa2f3aad51c52e8884ed066bbe5e6c485c-1320597033

polonus