- Apr 28, 2015
- 9,397
- 1
- 84,816
- 8,389
Check it with KSN and will probably get it is in already in UnTrusted status, that means that if you try to execute, its execution will be blocked immediately, or with Heur detection on execution.
When VirusTotal reports "Draw"
- Thread starter Parkinsond
- Start date
- Status
- Apr 28, 2015
- 9,397
- 1
- 84,816
- 8,389
All firms miss at some point a malicious exe 
none is 100%...
none is 100%...
Thought of trying it to test system watcher, but I do not use VM.
Agree, but I will give AVG one more chance.All firms miss at some point a malicious exe
Turned off all K modules and autostart before exit; I'll keep it as a second opinion scanner.
- Apr 28, 2015
- 9,397
- 1
- 84,816
- 8,389
Send me that exe via pm and I will test in my VM.
I have deleted it unfortunately.
This is the link where I downloaded from:
URLhaus | Checking your browser
- Apr 28, 2015
- 9,397
- 1
- 84,816
- 8,389
Seriously? looks like a hack to Discord maybe? it alone does nothing
it is requesting a license key...
https://www.joesandbox.com/analysis/1690162/1/html looks ok but it is a decoyView attachment 288597View attachment 288598
Seriously? looks like a hack to Discord maybe? it alone does nothing
- Apr 28, 2015
- 9,397
- 1
- 84,816
- 8,389
Still it is already in K. KOTIP detected, so soon will be Untrusted in KSN:
opentip.kaspersky.com
Kaspersky Threat Intelligence Portal
Kaspersky Threat Intelligence Portal allows you to scan files, domains, IP addresses, and URLs for threats, malware, viruses
VirusTotal try this one it is on mbazaar this looks more concerningStill it is already in K. KOTIP detected, so soon will be Untrusted in KSN:
Kaspersky Threat Intelligence Portal
Kaspersky Threat Intelligence Portal allows you to scan files, domains, IP addresses, and URLs for threats, malware, viruses
Also missed by K.
I used to play with MB samples, until one day the sample started replicating inside the folder without executing it
lol no worries that missed sample does nothing in a sandbox. it will be detectedAlso missed by K.
I used to play with MB samples, until one day the sample started replicating inside the folder without executing it
I never used sandbox before; I was idiot enough to play with malware samples on my real OS
- Apr 28, 2015
- 9,397
- 1
- 84,816
- 8,389
VT detections many times do not mean anything (or does not reflect the detection), unless You execute in system.
Installed AVG and detected it; no excuse for K.
- Apr 28, 2015
- 9,397
- 1
- 84,816
- 8,389
That's a childish behavior, similar we can found here in the forum from time to time, users constantly changing of security products because OH CRYING! They found 2 samples not detected by his current product... welcome to the real world! Sincerely, I prefer not to add further comments...
This is not the first instance for K; decision is cumulative.
Anyway, Avast-AVG are underestimated.
No point arguing with him
I can smack more undetected samples of Avast/Avg from Malwarebazaar database than Kaspersky then he might switch back to Kaspersky.
I didn't uninstall K; just kept it inside the box for later use.
I have tried K and AVG several times on MB samples; they are almsot equal.
By the way, MD was not far behind.
- Apr 28, 2015
- 9,397
- 1
- 84,816
- 8,389
And now it's the time when I LAUGH BIG TIME! 
this supposed malware (I tried in the VM, that requests a manual license key to work), I reported to K. analysts, this is their verdict:
Welcome to VirusTotal massive false positives.
this supposed malware (I tried in the VM, that requests a manual license key to work), I reported to K. analysts, this is their verdict:
Welcome to VirusTotal massive false positives.
- Status
You may also like...
-
Is Using Free Malwarebytes Scanner as a 2nd Opinion Provider Viable Advice for 'Typical' Consumers?- Started by Wrecker4923
- Replies: 6
-
-
If the site contains malware, should frontline page be blocked- Started by Moonhorse
- Replies: 129
-
Safe ways to run an exe with potential trojan.
- Started by tryxed
- Replies: 14
