Who says Avast! is poor with new threats?

https://www.virustotal.com/en/file/e34d490ad1e724727bae93c467251ca394c227bd3c6812585ac903ef6492b8aa/analysis/1410328461/

https://www.virustotal.com/en/file/7797baf939209f45ba5f3ba8ac7764ba2c493aae0eb4d0af9cbc8c5b29d976a2/analysis/

https://www.virustotal.com/en/file/0fb512aee133030c193b2eab9aad311c09006a45dd61419f2818be76d756cf70/analysis/

https://www.virustotal.com/en/file/86cfad422997c583388558a099bc204f9986afeb62a0a192f3faf83d2afc1902/analysis/

https://www.virustotal.com/en/file/283b712f27430a188570bf5c302819f0e5a7306424485fa64577009d9d496a35/analysis/

https://www.virustotal.com/en/file/5e5212465ab711aac21d0bbfc8ba842a765779ad1235b7b094194de6a30357fb/analysis/

https://www.virustotal.com/en/file/7178fe13e49dc2a1e57f200329512f26ab0ce6e25b578abbe363e0e241f6a74d/analysis/

https://www.virustotal.com/en/file/23917859eb913397c9f89fdeac77700d70295c8f739334719be61da31b505804/analysis/

https://www.virustotal.com/en/file/ea405ae173a4a3e8cec33aae2d3c2def87e354bc15b9b8996cedd02502fecb59/analysis/

and many more:
https://www.virustotal.com/en/user/true_indian/submissions/

The more I hunt the more I have started to believe in the improvement…By the time the scores reach 15/54 on VT avast is already on it!!! I have had alot of newly reported threats caught by filerep in just 1 hour of sending it! We seem to have catching up on the dreaded VBS malware from USB and even generic/widespread viruses.

Rejzor,Pol,Pondus,steven,spywar and essex this is for you guys to have a look…evo-gen and filerep are carrying avast! generic database much further!!! Our reaction times are much much faster now. ;D

Will take a look when im home but i also noticed this on Malwaretips samples, they got about 50 to 90 percent detection in about 2 hours, only on scan.

Yep,we are improving all the time :slight_smile:

Small error here: https://www.virustotal.com/uk/file/283b712f27430a188570bf5c302819f0e5a7306424485fa64577009d9d496a35/analysis/

Avast does not detect that file.

It blocked by our cloud,check my comment at VT link ;D

Havent seen that :slight_smile:

We had a defination update recently that had only dyna rules,see:
http://www.avast.com/virus-update-history

I Think we are ready or gearing up for beta 2 ;D

Maybe today since its still wednesday.

Also they want to get these created automatically at some point.

Yep! As I said we keep getting better with time.

Hi True Ind and Steven Winderlich,

Here you can clearly establish what the weak spots in what av solution’s specfic malware detection are:
http://worldguide.travel/clean-mx/md5.php?GData=Gen:Variant.Kazy.52675

polonus

Hi Guys,

I found few some more of such samples that avast was great on detecting these hard nuts so I will post 1 of them here:
https://www.virustotal.com/en/file/d3b147dac2bff5fb7a944b4e4d56a08627c6b6ead083677a6828e7a24324fe33/analysis/1410493670/

Its facebook hack.exe :o

The source of this Hack should also be with bad web rep: https://www.mywot.com/en/scorecard/facebook-password-hacker.soft112.com?utm_source=addon&utm_content=popup & http://www.webutations.info/go/review/facebook-password-hacker.soft112.com

Here I get no results: https://www.virustotal.com/nl/url/d222f11803553ec798fc907fb11f81796c8b78e281da439e392a9140b17615d3/analysis/1410511306/ (two trackers there - e.g. facebook tracker

Also consider: http://toolbar.netcraft.com/site_report?url=http://facebook-password-hacker.soft112.com (risk)
About facebook tracking:
http://online.wsj.com/articles/what-you-can-do-about-facebook-tracking-1407263246
Lionk Article By GEOFFREY A. FOWLER.
Privacy-wise Facebooktracking works like the Flagellants in history two steps forward to take another step back.

Damian

Thanks for sharing your personal experience and let keeping both eyes and mouth opened about it :slight_smile:

Then what about this detection?
Is it beyond avast!'s scope?
This is a suspicious page
Result for 2014-09-12 12:01:09 UTC
Website: htxp://down.go.co.kr
Checked URL: htxp://down.go.co.kr/dbgoresetfiles/dbgotoolbarreset_home.exe
Blacklist URL Details:
Blacklisted checked url. Suspected of malicious activity or distributing of malware.
See: https://www.virustotal.com/nl/url/bd090d49869dac95b913a8068c811aebc95c702e41c773fb1b740a83a8193f6e/analysis/
File detection: https://www.virustotal.com/nl/file/e3cc9f0e27f8da93eed7ede5f5ee48b0f1d162043c6b42c7cc782fba41c76acf/analysis/1409119840/

Missing avast!'s detection.

pol

File is detected by Avast :slight_smile:

Hi Lisandro and Pol,

As Steven pointed out,avast! in specific has just more to offer than just being a standalone AV engine on Virustotal.The whole product can detect alot more than what the engine on VT detects. :slight_smile:

I would like to have these cloud features like FileRep and Evo-Gen also on Virustotal.

Just tested some malware in a VM all were analysed by DeepScreen but only 2 were blocked, hopefully this will be better in Avast 2015.

I think avast! definately would not want that to happen.Malware boys keep testing their baddies with AV engine’s so avast would want to keep the logic of these things in their lab away from wrong hands.

+1 :wink:

Yeah mate I know! Evo-gen and filerep detections are better at quick reaction times than proactive check the samples after a 1-2 hours and you will see avast! will alot flag them down.Of course with dyna-gen we will be locked and ready to go. ;D