Samples missed by avast

Tech: Kazy and Zbot variants will be detected generically (we have some samples with a wider context available), other samples will probably be detected with some “regular” detections…

http://www.virustotal.com/file-scan/report.html?id=2ed7b857b9a435abe3cf3c324dfccfb1c5f1ddcfea6f27130daaa6f839de4bb2-1284358700

That is correct! :wink:

edit: also with Malware Patrol, http://www.malware.com.br/

What about: Trojan.Win32.Workir.agf

Is avast! detecting it???

http://www.threatexpert.com/report.aspx?md5=93c98cfc407afe3c3b3cd557643a160e

Hi, people.

hxxp://rapidshare.com/files/418820320/MONMVR32.7z

http://www.virustotal.com/file-scan/report.html?id=a3e0c19979eae982d6f8e084283423cda036488121d7ffc03024ace41f89e30c-1284313816

Please add in the virus database.
And

hxxp://rapidshare.com/files/418826287/Trojan-SMS_for_Android_FakePlayer_RUapk.zip

http://www.virustotal.com/file-scan/report.html?id=25ca122c12a44e52a1d1971cd1ef8fe89be66e930e25f16732d273d6be2a7f53-1284134992

Please modify your post and remove the link to the malware download. The samples should be sent directly to avast and not use the forums as some pseudo malware distribution site. These forums are publicly available so you never know who might download it or what use they might put it to. Not to mention if it is an undetected sample then you put avast users at risk.

Send the sample/s to avast as an Undetected Malware:
Open the chest and right click in the Chest and select Add, navigate to where you have the sample and add it to the chest (see image). Once in the chest, right click on the file and select ‘Submit to virus lab…’ complete the form and submit, the file will be uploaded during the next update.

@Maxx
Any chance to ever expect more aggressive heuristics? Maybe as Ultra High/Aggressive sensitivity option (disabled by default) and with direct uploading of anything detected to your servers and tagged as [AdvHeur]?
Even though some may like very passive avast! response, I’d like to see a more aggressive approach, at least as optional thing. Wouldn’t it be possible to use these aggressive detections to fine tune heuristics for lower levels so everyone can benefit? Casual users with strong but accurate heuristics and those security freaks (us) to have very strong heuristics with few more false positives. But it’s easier to deal with false positive than real threat imo.

Not necessary. Better change http for hxxp in the link. Then avast team has the information of the source of the file in my opinion.

Seems cloud technology… Are they prepared for that? Both on technology and servers side?
Besides this, I fully agree with you :slight_smile:

It is necessary, as just changing the http to hxxp won’t stop people downloading it; they aren’t stupid, and we have no idea what they might do with samples that are undetected by avast.

This forum has to act responsibly when other avast users could be put at risk if some idiot decided to download and distribute these samples for malicious purposes.

I’m totally unconcerned with the link being active to rapidshare, I’m concerned with what people might do with the samples. If you want the virus labs team to get the samples then send them directly.

These stupid people won’t come to an antivirus forum, open a technical thread, catch a link, copy & paste, change the hxxp to http… C’mon, let’s be reasonable…

You have to manually manipulate (download, upload…) the sample and then you are the one who would be exposed to getting infected.

So you would rather expose other avast users than yourself, great. If you aren’t able to download the suspect samples and send them to avast without exposure (or limiting your risk), perhaps you should stop. Being reasonable is ensuring there is no risk to others by disseminating this undetected malware.

The same stupid people, as you call them, come here and spam the forums; why do you not think others might monitor security forums to see how various malware is being detected or better still not detected?

Simple, these forums shouldn’t be used as pseudo malware distribution sites. It has nothing to do with being reasonable but being responsible.

You call them stupid.

Giving them a location to download them certainly isn’t going to stop them; giving them a location just makes it easier for them, and not only that, they know it isn’t detected by avast. Great thinking, that.

If you read my quote that you posted you will see I said ‘they aren’t stupid.’

If you can’t see why the avast forums shouldn’t become a pseudo malware distribution site then I can’t persuade you. I can only lead you to the water, I can’t make you drink it.

@RejZor (and avast team). Another opinion about avast detection in Comodo forums.
https://forums.comodo.com/beta-corner-cis/is-cis-5-ready-for-majority-of-users-ie-average-users-t61342.0.html;msg434054#msg434054

RejZoR: a paranoid mode could be useful for a corporate sphere, but it can bring a huge inconsistency to the situation in-the-wild… when we start to detect/blacklist some packers e.g. then we can reach a nice detection score, but once you detect what’s outside and not what’s inside you’re losing the information what’s actually under the hood (an additional context)… task #1 is done - user is protected, but what about a situation when the infection has already settled down and this detection can cover only one layer? as you know from the history, we aim rather on accurate detections that make no unnecessary noise, but are pretty generic… some of the new detections (SuspBehav, FileInfector) are also proactive enough…

@Maxx, what about the Comodo user’s opinion about avast?
Isn’t it in the same way (not the same thing) that RejZor is asking?

hard to say, because I would have to register there to be able to view the thread… :-\

It doesn't protect very well against zero day threats. It has weak heuristics, poor behavior blocker, etc... It relies too much on signatures.

RejZoR, I agree with you. I would like to have a(n) (optional) more aggressive heuristic approach too.

Greetz, Red.