Just tell me what you think
No, because avast 4.8 doesn’t detect it. Are you talking about the beta? Yes? Then there are already so many threads.
Hi John2009
There is a controversy on this having a trojan: http://forum.cheatengine.org/viewtopic.php?t=24363
Some download sites are suspicious - WOT gives yellow and red flags.
For analysis of what the setup does, see this report: http://www.threatexpert.com/report.aspx?md5=b9fd2b3e8d60181912d0f483ba97c0ad
polonus
Thanks, sir polonus, now I have learnt how to find out what the file is. Thank you.
Hi nmb,
There are various such analysis sites: Threatexpert, wepawet, anubis.
I give you the links: http://wepawet.iseclab.org/
A service by UCSB Computer Security Lab for detecting and analyzing web-based malware. It currently handles Flash, JavaScript and PDF files. To use Wepawet, upload a sample or specify a URL, wait for the resource to be analyzed and review the generated report. Wepawet runs various analyses on the URLs or files that you submit. At the end of the analysis phase, it tells you whether the resource is malicious or benign and provides you with information that helps you understand why it was classified one way or the other. Wepawet displays various pieces of information that greatly simplify the manual analysis and understanding of the behaviour of malicious samples. For example, it gives access to the unobfuscated malicious code used in an attack. It also collects the URLs accessed by a sample. Wepawet does not just tell you that a resource is malicious, it also shows you the exact vulnerabilities that are exploited during an attack.
anubis:
A service for analyzing malware developed by the International Secure Systems Lab. Anubis is a tool for analyzing the behaviour of Windows PE-executables or software programs with special focus on the analysis of malware. Execution results in the generation of a report file that contains detailed data about modifications made to the Windows registry or the file system, about interactions with the Windows Service Manager or other processes and of course it logs all generated network traffic. It is an ideal tool for the malware and virus interested person to get a quick understanding of the purpose of an unknown binary. All you have to do is to upload your Windows executable or specify the URL, wait for the resource to be analyzed and then review the analysis report that tells you what it does. Alternatively, submit a suspicious URL and review the report that shows you all the activities of the Internet Explorer process when visiting the URL.
anubis.iseclab.org/
Also check: www.unmaskparasites.com and for a second opinion there: http://www.unmaskparasites.com/security-tools/find-hidden-links/
example: http://www.google.com/safebrowsing/diagnostic?site=ad.nl
polonus
You have given it to me before, sir pol. Thanks.
I'm saying, do you think it's virus free? And I checked yesterday and WOT for it was green.
Added unmaskedparasite to my favorites for the link website scanner, so I can manually check my web with unmasked and mywot ;D
Believe in WOT with a grain of salt as it can be wrong due to user input from anyone … including malware writers and owners of malware sites.
The same is true of SiteAdvisor.
WOT is far from perfect, but for me ahead of site advisor. The main thing is not to slavishly take their word for anything but use it as a guide.
Well, I added about 4 site advisors to my favorites, and unmasked parasite. So I will use those websites if I'm not sure. But the Web Shield of Avast! never failed me and warned me on every site that got hacked. ;D
Hi MrAgent,
These online link scanners can be divided into two categories. Reputation-based scanning is as good as the reports that come in; a site could have been hacked 3.6 seconds ago and redirect to malware.
General scanners like scandoo.com, exploit prevention labs’ linkscanner, finjan (slow but good), drweb’s av link scanner (extension/plug-in for various browsers) are realtime scanners, the second category. Some handicaps can be that these scanners, like DrWeb’s, only scan the main links and not all redirects on a certain page. That is why I prefer the overall protection of the NoScript and RequestPolicy extensions inside the Firefox or Flock browser; there has not been a script in the past, present or future that has beaten this. RequestPolicy gives you the opportunity to only allow links on the page that are main site and block all others. Some reputation scanners haven’t scanned the majority of sites at all, and are as good as their respective databases. Anubis also de-obfuscates found obfuscation on a scanned website. Jutakys Bad Stuff detector is offline for the moment, there one could scan malscript frames, but unmasked parasites also has a good detection ratio.
Avast webshield technology is one of the best there is. So protect all around, guys and gals,
pol