Hello.
in fact, the forum did not have time to stay, I know I can return very soon.
There was a change in the transmission of samples services, now supports only receives URL or other issues and no longer files.In day 10/06/15 were sent 9 files, only 1 was added detect as Win32: FakeDownload-G [PUP] .
http://i.imgur.com/sP1UEZu.png
A week ago I sent over 11 files that have not yet been detected.
Today lost a link in a where I got a script,my system is not infected.
CSIDL_PROFILE\appdata\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\P9DVZCHH\style[1].js
But I have saved ,this is a new, not part of detections of avast.
https://www.virustotal.com/en/file/8366a7c7e3e3229509497a0f96edfe9a522164078314d601b9d6bce6d96a9f0a/analysis/1435451594/
VirScan has it here, only one example: http://v.virscan.org/Trojan.Script.633135.html
This is a good detection survey: http://www.scumware.org/report/217.76.132.207.html
Read: http://forum.bitdefender.com/index.php?showtopic=42754
My Malware Script Detector v. 2.0 blocks the javascript attack, code: http://ddecode.com/hexdecoder/?results=a8a4824d39d4f7e585b05210b11316b6
See: htxp://linkeddata.informatik.hu-berlin.de/uridbg/index.php?url=http%3A%2F%2Fwww.sierracharra.com%2Fleidsegfre%2Fcl.js%09&useragentheader=&acceptheader=
decoded results manipulation of search results via my start incredibar browser hijacker etc.
Removal of this is not that easy and should be performed under guidance of a qualified removal expert.
Avast should at least detect the encoded javascript for what it is,e.g.: “crap-adware”.
polonus (volunteer website security analyst and website error-hunter)
Hi jefferson sant,
As all are riskware/adware detections, the question is how Avast performs in PUP-mode (not as per default)?
How is MBAM, AdwCleaner and JRT performing on mentioned detections?
polonus
some of it is done through the statistics sending it take to process certain files , avast because the heuristic is weak requires new signatures created to detect PUP.
malwarebytes use generic detections and other technologies in aggressively
http://news.softpedia.com/news/malwarebytes-anti-malware-to-integrate-junkware-removal-tool-485031.shtml
On the last Thursday 09.07.15 was added to Ikarus database as Trojan.Script.Avast already detected style[1].js as JS:ScriptXE-inf [Trj]
https://www.virustotal.com/en/file/8366a7c7e3e3229509497a0f96edfe9a522164078314d601b9d6bce6d96a9f0a/analysis/1436825157/
Thank you very much.