http://www.virustotal.com/analisis/1bc37518e080723b39a21d295a1f8042a0679c452287648ebce1b43bb6c03617-1255719368
Submitted this to avast several times, still not detected.
The source of this file is hxxp://www.antivirus-deluxe.com/avast/
Hi harman123,
ThreatExpert analysis: http://www.threatexpert.com/report.aspx?md5=f740de8052f0e8e89624414066ce4ed3
polonus
Hi Polonus,
Also found on these sites => hxxp://www.antivirus-deluxe.com/avg/ and hxxp://www.adwareprofessional.com/
Both sites contain the same file.
Avast 5.0.167 detects this as Win32:Trojan-gen ;D
avast 4.8 no warning whatsoever :-[
Are you using the latest virus definitions? The last one is vps 091015-0.
yes
If you sent the virus sample to Alwil there’s a good chance that it is going to be detected in the next vps update.
Already sent using a compressed zip file to virus@avast.com
I also have another sample
http://www.virustotal.com/analisis/49407fa162c65df6eefa36a8e89c45b16945ea84463e78842c02306e34315426-1255725378
this file is found in =>hxxp://bar.baidu.com/sobar/promotion.html
avast not detected :-[
Good on you for sending these in.
VPS is now up to vps 091016-0 which might include the detection.
Make sure your avast is now up-to-date and check the detection again.
avast still not detecting antiviruspro as of today
http://virusscan.jotti.org/en/scanresult/f1b08658d0fb6972359bd73588abe25cac30d0ab
http://virusscan.jotti.org/en/scanresult/0e501211ec93d9fd6a904734253ac490ccd0f0ad
not detected by avast
3 days already, still not detected. :o
Hi harman123,
Mal/Emogen-P is a malicious program for the Windows platform. This malcode bugger registers itself as a system service and collects certain essential information from the system. It is also a keylogger. What this means is that it runs continually and watches keystrokes and anything else that it finds useful and uses it for the creator’s devious purposes.
Detection for members of Mal/Emogen-P malware is behavior based. It is extremely important that users report detections of Mal/Emogen-P to avast and send a sample for analysis.
Now also read this here: http://www.pc1news.com/news/1003/remove-the-svchust-exe-file.html
Another variant: http://www.threatexpert.com/report.aspx?md5=f0b2de1086f03079f463b6b2254f3d03
polonus
I’d already sent the sample to alwil and microsoft but they took forever to add these samples.
maybe I’m a little pushy but I want to help out as much as I can.
There is another site which most Chinese users know as hxxp://download.tech.qq.com/
On this site there are several potentially unwanted programs and adware/spyware disguised programs.
lol ;D
Well, I’ve tried their product support Live chat… you have to read this:
Welcome to our site ! How can I be of assistance today?
you: hey…my antivirus software blocks my installation
Sam: Sorry for the inconvenience,
Sam: Can you please let me know, which company/software you are looking for?
you: what do you mean?
you: don’t you serve one company only?
Sam: Yes we do
Sam: Our product name is AntiVirus Professional. Did you purchase our software (AntiVirus Professional)?
you: no. I am speaking about adware professional
Sam: I am transferring you to Adware Professional support guy. just a moment please.
Please wait while you’re being switched (transferred) to ‘Nicholas’.
You are now chatting with ‘Nicholas’
Nicholas: Hello,
Nicholas: How can I help you?
you: hello… tried installing the software, but my AV detected it as malware
Nicholas: Can you kindly let me know the name and email address you used when ordering our software?
you: didn’t order it, just downloaded it for trialing it.
Nicholas: ok.
Nicholas: Adware Professional is not a scam, is not a virus, and is in no way harmful to your PC.
Nicholas:
Nicholas: We have an excellent product that we stand behind 100%, and it’s backed by our excellent support team that is here and happy to assist you with any troubles you might experience.
Nicholas: Our site obviously has nothing to do with the infection on your computer.
Nicholas: We sell an anti-spyware product, we don’t infect people with anything, nor do we advertise our product using anything like you mentioned. Our site is heavily involved in anti-spyware legislation, and is one of the most widely used anti-spyware products on the market today.
Nicholas: So, please be not worried about the issue you concern just go ahead and install our software.
Nicholas: The free version of Adware Professional is for the free PC scan and is available at :
Nicholas: hxxp://www.adwareprofessional.com/download.html
Nicholas: But, Only scanning of your system is for free. To remove infected items, you have to purchase our product.
Nicholas:
Nicholas: We offer a free scan to show customers what we are able to detect and remove, and then should the customer wish, they can purchase our software.
Nicholas: To purchase our product, can you kindly try at:
Nicholas: hxxp://www.adwareprofessional.com/purchase
Nicholas: (It is available here for a sum of $27.00 which is a yearly subscription amount with a 60 Days Money Back Guarantee).
you: hmm…so what should i do with my AntiVirus?
Nicholas: Please disable it first
Nicholas: After that try to download our software.
Nicholas: Using the above given links
you: obviously it won’t work with your software…the moment i’ll activate it, the files will be deleted.
you: can’t you solve this problem with the antivirus company?
Nicholas: Several companies have raised issues with the fact that (the name of the product i mentioned) will, in many cases, identify legitimate programs as malicious purely as an anti-competitive measure. We are in the process of working with (the name of the product i mentioned) to have this error repaired on their end.
Nicholas: So, please be not worried about the issue you concern.
you: ok. thank you.
Nicholas: Thank you very much for chatting with us today. We hope the rest of your day is an excellent one.
Nicholas: Please Feel free to come back, for any further assistance !
Wot a scam :
I simply don’t get it. They have opened a support center for a fake software? wow, they are getting smarter and smarter. They almost convinced me.
If you search for avast or avg on Google, at the top of the Google sponsored links it says avast antivirus, but when you click on it, it links to their site selling their product and tricks users into installing it.
hxxp://www.adwareprofessional.com
http://virusscan.jotti.org/en/scanresult/1c80f8cdcb500c2d877040e1050a77940799e9aa
finally
adware professional is detected by avast ;D
but baidu sobar is not detected by avast
The baidu toolbar is found at hxxp://bar.baidu.com/sobar/promotion.html