Hello,
Very weird this report… Any thoughts?
Thanks for your time,
BrBrasil
Hello,
Very weird this report… Any thoughts?
Thanks for your time,
BrBrasil
Download and test it… same results. I tried max heuristics but no changes.
Cracked software, here is the link (for analysis):
hxxp://www.easy-share.com/1905038261/1905038261
-Whole archive
http://www.virustotal.com/analisis/b21f0c82958ca1a329cb861bc96896607c61b0c2d3f77ffbfe49e627a7b1da3b-1273065370
Result: 32/41 (78.05%)
-Suspicious file inside archive (patch.exe)
http://www.virustotal.com/analisis/3d61d8a7c4c5c1f7fafc29f0f819a01dd2a9c99acfc57d6b8e85a3550a92e23b-1273065476
Result: 33/41 (80.49%)
Avast5 has different scanning engine so this happens? But new engine should detect as old one does…
Damn… :-[
This is a shame… Very said… :-[
What’s very sad about this? Missing a false positive? The file is a crack, not a malware.
The first and the third files are not just “cracks”, they are trojans…
And worse, the third is a zlob trojan…
cya
The 3rd is also crack.
Milos
Anyway, the third sample is a malware? Have any kind of malicious activity in the machine where it is executed? Or its just crack?
If its just crack then theres no problem in not detecting this…
Cya!
Simply said, there’s no malware in there. You won’t get any reliable results with AVs because
I’m sure Alvil guys could expand on the above oversimplificated explanation.
Advice:
1/ Don’t use warez at all.
2/ At least don’t use warez from untrusted sources (this includes all the P2P and rapidshare-like junk there). Alas, that will limit your access to warez to about zero since you are unlikely to get an access to any topsite or whatever similar.
3/ If you still “must” use warez, then you should use sandbox first to check what’s going behind the scenes when you run the executable (crack, keygen, whatever)
Edit:
Oh, and I’ve forgotten 4/ This forum is not intended to ask AV devs about whether particular piece of warez is safe to use or infected.
I tried to execute that file in Sandboxie, but there isn’t any malicious activities, at least only execution.
I don’t know what happens when after patching process or executing patched files (indeed, I failed to patch ::))…
Anyway, never touching cracked software or we will be infected someday ;D
Edit:
Yeah, you’re right…
Hello,
Actually I asked if its malware just to check if it was indeed a missed detection.
Its just a weird report that I checked. I never thought that avast 4.8 could detect something that avast 5 couldnt… This post is about it, not about the crack itself.
I dont have this file, I hadnt submitted this file to VT and I dont use P2p or any cracks at all, so no worries.
Thanks for your time,
BrBrasil