Avast WEBforum

Other => General Topics => Topic started by: FreewheelinFrank on March 29, 2007, 11:24:00 PM

Title: Beware fake IE 7 downloads
Post by: FreewheelinFrank on March 29, 2007, 11:24:00 PM
Quote
There is spam out there that tries to get you to download IE 7. It’s fake, of course. When you click on the image, you are then offered to download a trojan (Sunbelt Sandbox analysis here, VirusTotal results here). Antivirus coverage is mediocre.

http://sunbeltblog.blogspot.com/2007/03/beware-fake-ie-7-downloads.html
Title: Re: Beware fake IE 7 downloads
Post by: Marc57 on March 29, 2007, 11:35:37 PM
Thanks for the heads up Frank.
Title: Re: Beware fake IE 7 downloads
Post by: BJ_GeOrgE on March 29, 2007, 11:44:43 PM
Quote
There is spam out there that tries to get you to download IE 7. It’s fake, of course. When you click on the image, you are then offered to download a trojan (Sunbelt Sandbox analysis here, VirusTotal results here). Antivirus coverage is mediocre.

http://sunbeltblog.blogspot.com/2007/03/beware-fake-ie-7-downloads.html

Thanks for the info. I've downloaded IE 7, but the genuine one, fortunately!
Title: Re: Beware fake IE 7 downloads
Post by: FreewheelinFrank on March 29, 2007, 11:50:22 PM
Didn't think you guys would fall for it, but maybe avast! will want to get a sample from somewhere.

(http://www.sunbelt-software.com/ihs/alex/virustotal19231823123.PNG)

Title: Re: Beware fake IE 7 downloads
Post by: Lisandro on March 30, 2007, 04:09:43 AM
Please, improve detection...
Title: Re: Beware fake IE 7 downloads
Post by: BJ_GeOrgE on March 30, 2007, 07:51:34 AM
Quote
Didn't think you guys would fall for it, but maybe avast! will want to get a sample from somewhere.

(http://www.sunbelt-software.com/ihs/alex/virustotal19231823123.PNG)

Maybe it's a false positive. Many highly rated AVs (BitDefender, NOD32, McAfee) don't detect it. If it's not a false positive, then we have a major lack of detection...  8)
Title: Re: Beware fake IE 7 downloads
Post by: polonus on March 30, 2007, 08:10:11 AM
BJ_GeOrgE,

That does not put you in the easy chair, my friend, saying "Oh this must be a FP", because certain malcreants will test their new malware against detection by the major AV vendors, and go well beyond their radar. And that could be just what you have here. That is why the big AV names leave you with a vulnerability window that stands just a trifle more than ajar where new 0-days are concerned. We call that the vulnerability window. In a later stage all catch up. But not at first.
That is why most of us here use a combination of one standard resident AV solution (Avast) and some non-resident scanning (ClamWin, f-prot, DrWeb's, McAfee's stinger) to get protection against the broadest range of threats. We combine that with other security measures and a bit of good sense and attitude, and that seems to do the job. But what FwF has done here should be performed on every (major) download. And if virustotal alerts thrice, I would not like to have it on my 'puter for the life of me, because I simply would not trust it. Once bitten twice shy, ye know. And that is the attitude.

polonus
Title: Re: Beware fake IE 7 downloads
Post by: BJ_GeOrgE on March 30, 2007, 01:20:10 PM
Quote
BJ_GeOrgE,

That does not put you in the easy chair, my friend, saying "Oh this must be a FP", because certain malcreants will test their new malware against detection by the major AV vendors, and go well beyond their radar. And that could be just what you have here. That is why the big AV names leave you with a vulnerability window that stands just a trifle more than ajar where new 0-days are concerned. We call that the vulnerability window. In a later stage all catch up. But not at first.
That is why most of us here use a combination of one standard resident AV solution (Avast) and some non-resident scanning (ClamWin, f-prot, DrWeb's, McAfee's stinger) to get protection against the broadest range of threats. We combine that with other security measures and a bit of good sense and attitude, and that seems to do the job. But what FwF has done here should be performed on every (major) download. And if virustotal alerts thrice, I would not like to have it on my 'puter for the life of me, because I simply would not trust it. Once bitten twice shy, ye know. And that is the attitude.

polonus

You're right, polonus. Sorry, but I'm relaxed because I think I have the right attitude. I mean, I know how to avoid viruses getting into my PC. I download only from trusted sites, and I know that the danger still exists, but I like living risky.  8)