Author Topic: Stupid me, and stupid question  (Read 2242 times)

0 Members and 1 Guest are viewing this topic.

lucasbuck

  • Guest
Stupid me, and stupid question
« on: March 25, 2011, 11:36:19 PM »
I had downloaded a zip file, clicked to open, and Windows 7 popped up 'Do you want this program to make changes'. It was then I realized it was an exe. (Yes, stupid mistake, wasn't paying attention). Of course I clicked no, but my question is, COULD it have made any changes? Or did clicking no automatically prevent it? Just want to be sure.
I was kind of shocked because normally Avast picks stuff up automatically as soon as it downloads. Just out of curiosity I had Avast scan it before deleting the file, and it did recognize it then. It was 3 things, bundled up in something called $PLUGINSDIR\  Can you setup 3 exes inside 1 exe?

Win32:Alureon-EN [Rtk]
Win32:Vitro
Win32:FakeAlert-EJ [Trj]

doktornotor

  • Guest
Re: Stupid me, and stupid question
« Reply #1 on: March 25, 2011, 11:41:12 PM »
No harm done. Anyway, did you disable the self-extracting executables checking in File System Shield? It is enabled by default.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Stupid me, and stupid question
« Reply #2 on: March 26, 2011, 12:00:57 AM »
Hi Lucasbuck,

I think you had a lucky escape then. No harm was done, clean your temp files from time to time is always a good procedure.
Next time before ever downloading executables that are not signed by software makers or warned against or as a general rule, first check out the download link, copy the download link, then copy and open up to scan here: http://www.virustotal.com/index.html#url-submission
After the scan has finished, and when available then check the file analysis link after the results came up. When some av solutions flag malware, you are ill advised to go on with the download.

Whenever in doubt, come here to get a confirmation whether the download link is OK and free of malware, crapware, spyware etc.
Thanks for reporting to us, because this will also help users to establish safe download procedures. So watch your clicks and stay secure, which is the wish of,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

lucasbuck

  • Guest
Re: Stupid me, and stupid question
« Reply #3 on: March 26, 2011, 01:29:46 AM »
Thanks much guys! The only thing I could find under file shield that specifically says 'self extracting dos executable' and one for 'win32' under packers. Is that the ones you mean, they're both checked? Maybe since it hadn't activated yet, Avast didn't pick it up. I just usually get a notice when any fishy comes down, let alone when I click on it.
Just so I know, I don't think I've changed any settings, but is there a way to go back to defaults?

Offline Left123

  • There Is No Patch For Human Stupidity.
  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 1048
  • Proud Community Member&Helper.
Re: Stupid me, and stupid question
« Reply #4 on: March 26, 2011, 01:30:56 AM »
You were lucky,since avast detected that viruses,vitro and alureon are "deadly" viruses.
Or maybe,it's not luck,it's because avast is the best av ;)
AMD Athlon(tm) X2 Dual-Core Processor 4200+ - 2.20 GHz,3,00 GB RAM -
Browser:Mozilla Firefox +WOT - SoftWare:CCleaner - Windows 7 32 bit
No Anti-Virus

Offline Tarq57

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3695
  • If at first you don’t succeed; call it version 1.0
Re: Stupid me, and stupid question
« Reply #5 on: March 26, 2011, 01:48:32 AM »
The shield system can be re-set to default via "settings>troubleshooting>Restore factory defaults".

I would imagine that Avast would have blocked these files had you answered "continue/yes" to the W7 warning popup.

Still, no need to put that to the test now, is there?  ;)
Windows 10,Windows Firewall,Firefox w/Adblock.