Jump to content


Photo

Abt Pua.win32.packer


  • Please log in to reply
1 reply to this topic

#1 ---waQas---

---waQas---

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 12 June 2012 - 01:01 PM

my problem is that :) in this month of june i saw this malware while scanning ma files over joti or virustotal that calm av detect PUA.Win32.Packer.MasmTasm-3 ....... avast av is ma default anti virus i made scan with avast, kasper, avira, etc use all application bt its show that ma pc is not infected and its fully clean ......... bt problem is that if a download a clean exe from a web of a yahoo tool or etc ..... then how can it infected with out clicking ......... even i formated ma hard & partition ....... bt ..... i just want to know following things ?

1, what is PUA.Win32.Packer.MasmTasm-3 ??
2, is it harmfull ??
3, y antivirus not detecting it if its most active malaware of this month lyk calm av statistic
Posted Image
Posted Image
Posted Image

and most important think that i would lyk to ask from all of u pplz...

this is old scan of a exe taken in December 2011
http://virusscan.jot...b8954ac40af94f6

in this scan Calm Av show or detect nothing

i just download this exe.... and put for scan didnt open it as well

bt now calm av shows that its contain PUA.Win32.Packer.MasmTasm-2
http://virusscan.jot...b8954ac40af94f6

how can this possibel that with out opening a tool some thing binded to it .... in other hand ma pc is totaly clear

need a detail response about this issue :) and help
thanx in advance

#2 Francis

Francis

    Sourcefire Administrator

  • Administrators
  • 75 posts

Posted 12 June 2012 - 04:49 PM

Hi ---waQas---,

PUA stands for Potentially Unwanted Application, so this means that the file may not be malicious but rather something like a keygen, crack file or other illegal application. The screenshot of the post describing the hazards of the PUA.Win32.Packer file might be true in some cases, but many files are identified under the same name. If you want more information about a particular file contact the ClamAV team directly.

Also, if you're confident about a file you can always add exclusions on your own computer or submit false positives (as well as potential malware) to the Clam team here.

Thanks.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users