It quite confused me..

Hi guys,

(these malwares have been included in virus def,so the link is removed)

I scanned this file from context menu and avast showed no threat detected
But when i added it to virus chest and scanned it again , virus was found ,see the first screenshot.

No updating during this test…

here’s my context menu scanning settings ,the second screenshot

it quite confused me whether it’s different between scanning from context menu and from virus chest?

PLEASE test the sample attached
there is no sample attached...and you can test by uploading to http://www.virustotal.com/ - http://virusscan.jotti.org/en - http://www.virscan.org/

SoftLotto.2.4.Crack.52106.zip.log is the sample

download it and remove the extension .log cos it is a zip file with password:virus and decompress it you will get the sample…

http://www.virustotal.com/file-scan/report.html?id=f3bf2cffabf433a3c785ba3065eb3793b8bca1362dd209959b982305e15884d3-1312767678

download link…

http://verzend.be/hejzcnjkgu1l/2011-Aug-7-2234.rar.html

password:virus

these are new variants of Renos family that avast dosen’t recognize, try to add them to virus chest and scan them and you will see something interesting …

This has been sent to Avast.

This will tell you about it.

http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=TrojanDownloader%3AWin32%2FRenos.PG&threatid=2147644168

Next time send your samples to virus@avast.com in a a password protected zip with the password virus.

Is anyone surprised that a crack file contains malware ???

No. ;D

no one gives me the answer cos you guys try nothing.

these files are actually variants of RENOS family that is disguised as normal crack or software

it’s a pity that after update to 110808-0 these malwares have been recognized by avast…

i came here providing this message ,not for submitting samples but tell you that malwares unrecognized by avast might be detected when scanned in the virus chest

So, which answer do you need…???
Do, as Marc57 said and send the sample to Avast.

Why should we try something when you are using a crack file.

I have no pity whatsoever for when malware has been included in virus definitions.

There is no such thing as a ‘normal’ crack, aside from any legal, moral issues they are high risk. Who are the people who use these cracks complain to should they get infected ???

@DavidR
I guess you may misunderstand the meaning of the post starter.
Without doubt, this is a malware.

But, this malware could only be detected when it was added to the virus chest and scanned. However, if it was scanned from Windows Explorer, AVAST could not find anything.
Have I made it clear now?

That means that may possibly be a bug of AVAST.

you misunderstood the post

Described as anthony , these are malwares and i complained nothing.

i just found a strange thing that before these malwares were included in virus definitions they had been detected when scanned through virus chest. When we add samples to virus chest they can be scanned right? see the screenshot

AND i repeat , this is not a CRACK, it is a virus… you judge a file by its name? lol…

AND i repeat , this is not a CRACK, it is a virus… you judge a file by its name? lol…

There are 13 files in that rar. same size 130kb different name and MD5

all 13 are detected by avast! as Win32:Dropper-gen

http://virusscan.jotti.org/en/scanresult/e6dff3c4747cf0fcd39bdb375e2b3fe13c1dfb8c

I think there is some misunderstanding/language problem here…what he is asking is in post 1 and 2

I scanned this file from context menu and avast showed no threat detected But when i added it to virus chest and scanned it again , virus was found ,see the first screenshot.
it quite confused me whether it's different between scanning from context menu and from virus chest?

I don’t judge a file by its file name, but those seeking out cracks obviously are, as they are looking for a crack to circumvent an application, etc.

So that doesn’t change the fact that cracks real or implied are a high risk activity.

Have you read my replies?

did now ;D