« previous next »
Pages: [1]   Go Down

Author Topic: Avast Networkshield blocks TR/Jorik.Zbot.dwt site..  (Read 1555 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 34051
  • malware fighter
Avast Networkshield blocks TR/Jorik.Zbot.dwt site..
« on: June 29, 2012, 08:56:19 PM »
See: http://zulu.zscaler.com/submission/show/15f9f4b15eae5ab9246864b72900aae5-1340995131
Avast Networkshield block as URL:Mal, most likely IP blocked...
IDS alert: ET RBN Known Russian Business Network IP (2) also found: trojan ZeroAccess/Sirefef
On IP detected: Detected BlackHole exploit kit HTTP GET request
Detected Live BlackHole exploit kit
See: http://sitevet.com/db/asn/AS47869

Still we get postings here and elsewhere on the forums from users that disable the shield detection occasionally for some flagged site.
Here we state we should never do that, because it is an absolute vital part of the avast av solution detection.
If one is in doubt about a particular shield detection, provide us with the broken site link (hxtp or wxw etc)
and we will look into it. Most so-called OP FP's however later appear to be valid and genuine detections,

polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »