Hi,
why when I send new threats with virtualbox to avast ,it does not take into account in the next update ? (like rogue,trojan…)
http://nsa26.casimages.com/img/2011/04/21/110421060706344813.png
Hi,
why when I send new threats with virtualbox to avast ,it does not take into account in the next update ? (like rogue,trojan…)
http://nsa26.casimages.com/img/2011/04/21/110421060706344813.png
Using a VM is not real life.
well just a guess ;D >>> it might take Avast a bit of time to analyse your reports and take, or not take them into accounts… the guys have their plans. It’s not like you trigger a button when submitting anything.
There are about 5000 new threats everyday. So you cannot expect that your 1 sample will be added asap. Maybe in a few days or so.
Je suis aussi français Logos
Donc, je préfère écrire en français…
Je vais prendre un exemple :
-Quand j’étais chez Eset (il y a deux mois) les “Zero day virus” que j’avais envoyées étaient prises en compte le jour même( voir quelques heures après les avoir envoyées…)
Donc chez Avast on préféré prendre le temps ? ;D
Merci et bonne journée
ouai j’ai vu (alerte sur ton image), mais mieux vaut continuer à poster en Anglais dans cette section pour que les autres aient au moins une chance de savoir de quoi on parle
It is possible to create a new things like malwarebytes forums :
Newest Rogue Threats http://forums.malwarebytes.org/index.php?showforum=30
Newest Malware Threats http://forums.malwarebytes.org/index.php?showforum=51
[i]"The purpose of this forum is for users to have a fast-track method of submitting current unknown rogue applications to the Malwarebytes database.
To contribute: please first make sure you run the files against a service such as VirusTotal, Jotti, or Virscan and include a report (important). Next, try to upload the files in a ZIP/RAR folder and do not use a password. If you have a source link(s) available please paste this into a text file and put in with suspected rogue file(s) in the zip folder to be uploaded.
We request that contributors within their technical abilities confirm that the suspected rogue application is not already known to the latest Malwarebytes database.
Thank you in advance for your contributions!
If you post samples, ideal would be if it’s posted like this:
Topic Title Field: name of the sample(s)
You can use the Topic description field as well if you have multiple samples.
Content of post:
samplename : MD5 hash - url to Virustotalreport
samplename : MD5 hash - url to Virustotalreport
samplename : MD5 hash - url to Virustotalreport
…
The MD5 hash can be copied/pasted from the Virustotal report.
This way, it’s easier for us and you to find and avoid duplicate samples/postings. That’s also why it is recommended, before you submit a sample, to use the searchfunction in this forum to see if the sample was already posted or not.
Since we also suggest to post the MD5 hash of the sample, you can search on that as well. (This since some samples can have same names, but may be different files).
Extra note:
In the interest of optimizing space/time, both yours and ours, please consolidate groups of samples into packages rather than 1 file per package. For example if you download some files in the morning and this nets 5 samples, zip them all into one package and use only one thread for that."[/i]
http://forums.malwarebytes.org/index.php?showtopic=31070
???
Nydarion, can you please post your computer stats? Go to profile and change your signature to that.
Why not submit the files from the virus chest - it will be a lot faster than sending them by e-mail
-pcclean3453 it is impossible to change my signature in profile (because i’m new ?)
-essexboy I submit the files from the virus chest (like in the pictures)
The Rogue BitDefender is still not detetced today (I send files yesterdy morning )???
http://nsa26.casimages.com/img/2011/04/22/110422111902380945.png
Avast! Antivirus Gratuit 6 (6.0.1091)
Windows Firewall
Clear Cloud DNS
Google Chrome
il te faut 20 postes pour pouvoir changer ta signature
Check after todays update, if it does not detect it then send it again
For your information :
just black list this site : ( rogue anti-virus apps)
hlrfndlr.co.cc/?s=sF02w5rLyzDqtt0cW%2BxIuzEsDxS2BCv8PpNPErBvh61y2GgrHfXhocYgYzU4AFIF0A%3D%3D (!do not open!)
“Another one which is current these days is the upcoming British royal wedding. When searching keywords relating to this event (e.g., “middleton wedding dress idea”) in your search engine, malicious links are among the top results. And the category of malware which sits behind them hardly comes as a surprise – rogue anti-virus apps.”
https://blog.eset.com/wp-content/media_files/scr00-300x182.jpg
https://blog.eset.com/wp-content/media_files/scr031-300x182.jpg
http://blog.eset.com/2011/04/20/i-take-you-xpantispyware-to-be-my
this is my last post on this topic
Oh, I forgot. You have to make 20+ posts to be able to edit.
Hi Nydarion,
There are a couple of answers to your why. I think the old av-detection model is very hard to maintain in detecting online malware threats as the threat landscape is ever-changing, very short-lived, and new malcreations are morphed, obfuscated and “warped” at us in a continuous stream. It is a ongoing battle against the forces of “cyber”-darkness and if you see the scans and for instance what comes from the “co dot cc domain”. This malware flow cannot be stopped in the traditional way, and traditionally one would be three months behind in detection rate.
So we search for particular patterns, ids, hashes, packers, wrappers etc. to flag “suspicious” and all that is reported is going to be taken in account as it no longers goes under the av-radar.
That is one side of the ongoing battle and your contributions in reporting are valuable. The other side is we have to protect also in another way, the responsibility of the user - through layered protection, one resident av solution and a couple of non-resident anti-malware solutions like MBAM, SAS, the protection of the network shield and webshield, web reputation scanning, and in browser protection to close the vulnerability gap further. Also very important to constantly update your OS and third party software (secunia online scan) to be not longer vulnerable to the latest exploits, but there is always a possibility that you could be hit by a new malware after a first testrun, a zero-day, or a specially tagetted attack.
Stay safe and secure online,
polonus