If you are talking about Avast for windows - As far as I’m aware the Mail Shield doesn’t detect spam.
Whilst the Avast plug-in/add-on for MS Outlook can look for Spam and the user can mark it as spam. I don’t use MS Outlook so I can’t speak from personal experience.
The VT results aren’t conclusive 2 detections but one is a bit iffy anyway. Plus the VT results are looking at a site, not an email.
The message comes from an webmail, I do not have MS Outlook.The above text tells and site something that i myself maybe could not classify as phishing or Scam.Website content is legitimate, but the one that was injected a window of a Java update and I do not see this shown after 12.02.2019.
Diagnosing solutions and problems
We detected that you are using an old version 42 released in April 2017, Oracle has disabled the default way browsers support plugins.
Start the update
What we have this file jre-8u205-bin-win-x86.cmd when accessing the option update.
This is certainly strange, it may be that avast doesn’t like the redirect. Or something to do with JAVA, I have long since abandoned JAVA as it is such a huge target for malware attack.
Do you actually have JAVA installed and more importantly do you actually use it ?
Websites have pretty much stopped using it, but some programs are JAVA based or require it. I don’t know if it is a legitimate call to update the JAVA Runtime Environment (JRE), or if this is what avast is concerned with.
the test was on a machine that had Java recent installed , but the plugin was disabled in the browser, message was a distraction to try,intention of the coup that nothing connects one thing with another,but of course it was not an application legitim and after the execution of the file cmd ,malware created, the file name placed according to the user’s account name in PC.
@ jefferson sant
It could still be trying to get out even with the browser plugin disabled, given that at first it was reporting it was out of date.
The of the VT, most generic/heuristic and many have the same malware name (more of an indication they are using the same virus database), lowering the effective number of detections. Yet Avast isn’t detecting it but is possibly blocking attempts to connect to a site that avast considers suspect.
I would certainly suggest uninstalling JAVA and not just disabling the browser add-on.
I have no idea if this is Mirai bot related or not or if it uses JAVA to reach out.
The general recommendation is, if you don’t have a specific reason to have JAVA installed I would certainly uninstall it (essential requirement in a program or a site that requires JAVA (I would be looking for a replacement program or site).
The samples not crashed and run,same what there no detection,for lack of mode unauthorized on behavior shield would prevent the changes from being made and capture information such as the machine name or other actions malicious.