our company attacked by a malware named puskesmas-pc (we already have avast in our pc…)
and then we tried to clean up with eset, it works (ESET already knew it as a malware)… then I sent sample to avast but it takes more than a month to analyze it (still unrecognize malware right now when I post this)…
I still use avast in my personal pc at home. and then I sent to comodo yesterday because comodo unrecognized it also. but comodo-team surprised me… they took only less than 24 hours to analyze it… shame on avast-team

I use avast for 10 years (since 2001)… I really disapointed with avast virus team…

please improve or your customers will take another pc-guard

Can you please test on VT and post the VirusTotal link…!?
Thanks…!

;D result from vT
http://www.virustotal.com/file-scan/report.html?id=2150d06ff58f06081f80c99e3f0028ba0448b8e8fb00fe6f0b8cf0834ae4c900-1312650875

you may see comodo result. that because I sent it to them to analyze.

Please resend the sample to: virus(at)avast.com
Thanks for your help,
asyn

I already sent 4 times… :-[ hopeless… >:( Thats why I post it in this forum ;D

Did you compress and password protect it…? If not, please do so.
Or send it from the chest.

offcourse I did, I sent pass protected archieve via email and I sent via Chest also…
I like to improve avast protection thats why I used to submit unknown malwares before, avast-team usually took 2 weeks to analyzed but this time more than a month and still unrecognized. I think avast-team should improve themself compared to Comodo-team :-X

I see. :-
Well, I agree that they should think about a better/easier submission system with shorter response times…
Anyway, thanks for your help.

They have 10 000 of files comming in from automatic systems every day, so i guess this is a question of manpower and priority…what to analyze first

You say it is a month since you sendt it… …The VT scan say First seen: 2011-08-06 17:14:35 ???

nope, PCs in our company attacked on the start of july from friends laptop connected thru wifi.
and fortunately ESET knew it as malware, my partner install ESET and clean them up. and then I sent sample from my home PC a few days later.

@Bodott check your mailbox

yea, I knew tons of submissions from anywhere. (I’m the one who suggest avast) I just feel embarrased to my company . and I want more to my top fave av-app…
thanks for your comments guys…

Ok…

You’re welcome…!

Avira lab

26246890 - PUSKESMAS-PC.eml - 5.69 KB - ARCHIVE 26248069 - pp.exe - 4 KB -CLEAN

The file ‘pp.exe’ has been determined to be ‘CLEAN’.Our analysts did not discover any malicious content.

Norman lab

Hi ********, After extracting the "PUSKESMAS-PC.eml" file, We got one executable file. But the file is not doing any malicious activity. So file "PUSKESMAS-PC.eml" marked as clean.

Thanks for submission.

So i guess that explains why avast! have not added detection

??? I see… but this malware bomb any folder in any drive in your pc connected via lan.
lock down internet access if you were try to block this malware…

what malware…they say it is clean

well…malware analysis must be fun ;D

just to confuse you…and myself : i uploaded this to some of those detecting it as a FP case to see

and this was the response

Kaspersky

Hello,

this is not false alarm. This mail is way of spreading Email-Worm.Win32.Runouce.b.

Comodo

Hi,

This is to inform you that the file you have submitted to us is not a False Positive.

and from Norman again

The file inside email "pp.exe" is not having malicious code. Some heuristic detection are there by some AV companies, But executable file is not harmful. Some are detecting ".eml" file because it is having executable file as an attachment. But executable file is not having any malicious code, So marked as clean.

yea…the mysterious world of malware analysis ???

SO… will U make the code for Avast Database?? ???
because Avast didnt response as a malware till now… ???

and my Malwarebytes didnt too ;D

but trust me its a bomb malware… :

and my Malwarebytes didnt too