how long before avast! adds detection?

good day!
as the title implies, how long does avast! adds detection?

jotti results: http://virusscan.jotti.org/en/scanresult/11ab957ee91c98d41135252ebff1871c79df4cec
virustotal results : http://www.virustotal.com/analisis/c93fbc17edc534aaea92cdf908385fe062291f4c3d43e425083bd034439a40fb-1254769032

these results for jotti and virustotal are changing / updating almost everyday.
at first I thought it was / maybe a false positive since only few AVs had detected it, but after 2 or 3 days, other AVs added it to their detection…but avast!..I don`t see any change…this is the latest results.
I also submitted the file through email ( virus@avast.com )- yet until now, detection for this file has not yet been added.Also, I did not receive any confirmation from alwil that they had received my e-mail.(will I receive a confirmation?even an automatic generated answer?)
Also, I added this file to the virus chest for 2 days, and I think it will be send automatically to alwil at a certain period of automatic update.

any ideas?
if alwil haven`t receive the file I would be more than happy to re-send it again.

harold

Though the majority of the VT results are for generic detections, which are more prone to FP, it is unlikely they are all wrong or the one that detected by specific signature.

So I would suggest sending it again.

Try this other way though:
You can also add the file to the User Files (File, Add) section of the avast chest (if it isn’t already in the chest) where it can do no harm and send it from there. A copy of the file/s will remain in the original location, so you will need to take further action and can remove/rename that.

Send it from the User Files section of the chest (select the file, right click, email to Alwil Software). It will be uploaded (not actually emailed) to avast when the next avast auto (or manual) update is done.

thanks for the quick response.
actually I already did this->

please see this…->

okay, I had sent the file to alwil again, just now.
by the way this is my procedure in sending suspicious files. please correct me if I am mistaken.
->make a rar file of the sample with a password : “infected” and send it to virust@avast.com

again, thank you for the response.

harold

You’re welcome.

Simply adding it to the chest won’t automatically send it you have to take the actions I mentioned for it to be sent.

Any archive type file and any password is fine provided the password is put in the body of the email so they know what it is. Or as suggested add it to the User Files section of the Chest and send it from there.

VPS 091006-0

still no detection from avast!

jotti: http://virusscan.jotti.org/en/scanresult/0354bcc843097e5f03c898ece07107019dad3aa5
virustotal: http://www.virustotal.com/analisis/c93fbc17edc534aaea92cdf908385fe062291f4c3d43e425083bd034439a40fb-1254860665

should I send the file again to alwil?
or this file is really not a malware?

harold

It is a keygen so it may well contain a bigger payload than you expect… But if you play with fire expect to get burnt

Hi hsobrevilla02,

Backdoor.Bifrose.PG injects itself into other running processes in attempts to hide from the user. It also opens up a port which allows attackers access and control over the infected machine.
Type: TT_Backdoor

One could use DrWebCureIt to remove the malware: http://www.freedrweb.com/download+cureit/

polonus

yes I know it is a keygen, that is why I immediately uploaded it to virustotal and to jotti to check if my AV detects it.

I am using free AV’s only, and had never and will never use a keygen to make a “license” to crack my free AV.

the reason why I am posting here is to ask why avast!, does not add this to its detection although other AV’s are flagging it as a virus.
I had sent the file to alwil 2 times already through e-mail.
Should I send it again?

harold

VPS 091007-0

still no detection…

jotti: http://virusscan.jotti.org/en/scanresult/11dfc12090f9e839539efa289401f0b6df6a021d

virustotal: http://www.virustotal.com/analisis/c93fbc17edc534aaea92cdf908385fe062291f4c3d43e425083bd034439a40fb-1254948084

any update regarding this malware?

harold

VPS 091008-0

thank you alwil for adding this file to your detection!
maybe next time, detections would be added faster, because this detection took several days.
just a suggestion.
anyway, again, thank you

harold