rogue FAKE av not detected by avast
hxxp://macrovirus.com/
rogue FAKE av not detected by avast
hxxp://macrovirus.com/
Hello harman123,
can you send the setup file to virus@avast.com ? or you already did that?
thanks for helping avast improve detection.
nmb
already sent to avast and microsoft ;D
already sent to avast and microsoftdon't forget MalwareBytes.......... ;)
I think mbam detects it.
nmb
So does hpHosts:
http://hosts-file.net/?s=macrovirus.com&view=matches
Hi harman123,
Norton Safe Web detects this threat:
Virus
Threats found: 1
Name of threat: 19446
Location: hXtp://download.macrovirus.com/setup.exe
Google has not detected it yet, but DrWeb av link checkers alertsit as
infected with Trojan.Fakealert.5101 (see attached scan log)
polonus
still not detected by avast
http://virusscan.jotti.org/en/scanresult/6d7c36d81075f743966685ce5c2cc3246799cdec
still not detected by avast
I think you got a previous version of avast!, please update.
The current version is 4.8.1356.
HI Harman,
Based on this website analyzed :
http://www.mywot.com/en/scorecard/macrovirus.com
And you also could use Remove Fake AV tool which i just got referenced from nmb (avast evangelist)
Hi,
it is detected in version 5 as PUP.
Milos
Then what will be the conclusion??
In virustotal 8 out of 40 detected it!
8 detected it and 32 not detected it!
Is it a false positive then?
No, if as has been said in version 5.0 this will be detected as a PUP (potentially unwanted program), something which could be installed by the user for a purpose, it could also be installed without their knowledge (unwanted in this case). So it is down to the user who know if it is installed for a purpose or unwanted.
So since this functionality isn’t available in 4.8 my guess is it isn’t reported as infected.
Fake alerts are a bit of an anomaly in that they are;t malicious in the same way as malware as all they do is display messages, like many other programs. The message is intended to scare the user into taking an action that could well leave them properly infected. So whilst it isn’t malicious its intent is and deciding the intent is difficult when you use conventional signatures for detection. So most of these are detected by generic signature or heuristic methods.