go there: http://www.avast.com/virus-update-history
Under 13.12.2012 - 121213-0
2nd line I see a signature named FileRepMalware is added to database.
Wondering what it is ??? ;D
go there: http://www.avast.com/virus-update-history
Under 13.12.2012 - 121213-0
2nd line I see a signature named FileRepMalware is added to database.
Wondering what it is ??? ;D
Hi true indian,
FileRep knows if it’s naughty or nice
The new FileRep feature enables faster threat identification by sorting new, potentially dangerous files from known safe files. With hundreds of millions of executable files already in the cloud-based database, the goal of FileRep is to categorize all files on the web. Sourced from the CommunityIQ sensor network, this data helps avast! decide when questionable files should be placed in the AutoSandbox.
Info here: http://www.avast.com/pr-avast-software-detection-is-faster-when-filerep-knows-all-the-clean-files
polonus
I was searching for FileRepMalware because i got this detection during testing and i found this thread. Here is an image of the detection in action on a real live malware.
http://i14.photobucket.com/albums/a348/rejzor/Antivirus/filerepmal_small_zps9c992132.png
It seems that avast! can now directly flag certain files that only have malicious reputation without placing them in the Auto Sandbox for further evaluation.
Nice! avast! is going the correct way
Yes, that’s true.
It’s not necessarily about reputation though (a reputation alone wouldn’t be enough for a full detection, it has to be backed up by some analysis).
It’s more about using some powerful hardware (the last image here, in particular - pity you can’t see the nice “cooling tower”) to perform a clever analysis of incoming malware samples, and then connecting it to the FileRep infrastructure to distribute the new detections at the maximum possible speed.
@igor,
Are you managing to keep the gamers away ??? ;D Wouldn’t mind a toy like that for Christmas.
Your household power supply probably couldn’t handle it or the electricity bill ?
I guess if I ever get back to Prague, I’ll see if I can watch this super duper computer in action.
had to check ;D
VirusTotal - URLscan
https://www.virustotal.com/url/0c98004dd11db7b227520f52aa4c5c9452a6ff92a11f9895e0b3cf80869ffcc2/analysis/1356277729/
VirusTotal - file scan
https://www.virustotal.com/file/2aa63c059574df96355cea42ae13f4d0e682076ee21ac6e429a75477223511d5/analysis/1356277734/
Well that pretty much confirms the detection by filerep and looks like that has filtered through to be a part of the win32:Malware-gen signature.
Glad to know … This FileRep is going to be very powerfull with the time.