Avira Free Review
<blockquote data-quote="Evjl&#039;s Rain" data-source="post: 610602" data-attributes="member: 51905"><p>here is the test using the latest samples from the hub. The sample in the second link was included in my video. Not sure if it was running then</p><p></p><p><a href="https://malwaretips.com/threads/20-3-2017-17.69781/#post-610601" target="_blank">https://malwaretips.com/threads/20-3-2017-17.69781/#post-610601</a></p><p></p><p>Containment: VMware Workstation 12.5.2 build-4638234</p><p>Guest/OS: Windows 7 Pro x86 SP1</p><p><strong>Product: Avira Pro 2017</strong>, Default settings</p><p>Static: 6/17</p><p>Dynamic: 8/11</p><p><strong>Total: 14/17</strong></p><p>SUD: 11</p><p><strong><em>Files encrypted:</em></strong> <strong><span style="color: rgb(0, 179, 0)">No</span></strong></p><p>System Final Status: <strong><span style="color: rgb(255, 0, 0)">Infected</span></strong></p><p>[SPOILER="Static"][ATTACH]143652[/ATTACH] [/SPOILER]</p><p>[SPOILER="SUD"][ATTACH]143653[/ATTACH] [/SPOILER]</p><p>[SPOILER="Dynamic"]<strong><span style="color: rgb(255, 128, 0)">8427.js</span></strong> terminated everything after 5 seconds</p><p></p><p>[ATTACH]143646[/ATTACH] [ATTACH]143645[/ATTACH]</p><p><strong><span style="color: rgb(255, 0, 0)">20612.js</span></strong> triggered avira cloud upload. Finally blocked</p><p></p><p>[ATTACH]143647[/ATTACH]</p><p><strong><span style="color: rgb(0, 179, 0)">48843.png.exe</span></strong> blocked by avira cloud</p><p></p><p><span style="color: rgb(0, 179, 0)"><strong>Codice.jpg.exe</strong></span> blocked by cloud</p><p></p><p><strong><span style="color: rgb(255, 128, 0)">gdfers.vbs </span></strong>triggered wscript, copied itself into temp, running for >5 minutes but nothing happened. 
Created an autorun entry -> rebooted -> same, nothing happened</p><p></p><p>[ATTACH]143650[/ATTACH]</p><p><strong><span style="color: rgb(0, 179, 0)">MK847589.jse</span></strong> blocked by cloud</p><p></p><p>[ATTACH]143654[/ATTACH]</p><p><strong><span style="color: rgb(0, 179, 0)">user.php.exe</span></strong> blocked by cloud</p><p></p><p>[ATTACH]143648[/ATTACH]</p><p><strong><span style="color: rgb(0, 179, 0)">Case_4785_Details.js</span></strong> blocked by cloud</p><p></p><p>[ATTACH]143649[/ATTACH]</p><p><strong><span style="color: rgb(0, 179, 0)">cerber.exe</span></strong> blocked by cloud</p><p></p><p>[ATTACH]143651[/ATTACH]</p><p><strong><span style="color: rgb(0, 179, 0)">notice_6452842UK.js</span></strong> blocked by cloud</p><p></p><p>[ATTACH]143658[/ATTACH]</p><p><strong><span style="color: rgb(0, 179, 0)">yg4peajz.exe</span></strong> blocked by cloud</p><p>[/SPOILER]</p><p>[SPOILER="Second Opinion"]<strong>NOTE: AutoKMS is a false positive</strong></p><p>[ATTACH]143655[/ATTACH] [ATTACH]143656[/ATTACH] [ATTACH]143657[/ATTACH][/SPOILER]</p></blockquote><p></p>