Do the malware database website samples really contain malware?

Discussion in 'malware problems & news' started by varunit, Sep 17, 2011.

Thread Status:
Not open for further replies.
  1. varunit

    varunit Registered Member

    Joined:
    Oct 26, 2009
    Posts:
    79
    Hello friends, I am wondering that the websites like ~Links removed~

    contain really malware samples?

    I used to download some exe's from their sites and test/play with my AV :D I use KIS 2012 and just came around a typical sample..

    The VT scan with that sample confirmed it as a malware even by KIS, but it isn't detected in my system and KIS says its a clean file...:rolleyes:
     
    Last edited by a moderator: Sep 17, 2011
  2. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,635
    Location:
    UK
    Those malware database sites don't contain the malware themselves. The lists they generate are of URLs where malware supposedly is active. Problem is within a few hours some of those URLs disappear either because the sites get hosed or the authors move them to somewhere else in order to try avoid detection.
     
  3. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    If you click on the links that's on any of those websites you will encounter malware, yes.
     
  4. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    KIS didn't detect it, because it's not perfect, as are all blacklisting solutions.
     
  5. varunit

    varunit Registered Member

    Joined:
    Oct 26, 2009
    Posts:
    79
    As I have said earlier, Kaspersky detected it during a VT or jotti scan, but not when I downloaded the sample to my desktop. weird experience.:rolleyes:
     
  6. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    which version of kaspersky are you running and have you ticked all detection categories in options?
     
Loading...
Thread Status:
Not open for further replies.