Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Posts Tagged ‘sality’
April 29th, 2013

High profile site scares users

We come across a plenty of malware reports every day. Sometimes we have to deal with some special cases, where a respected vendor is involved. This time it was the Dell driver download site.

Download site

Download site

Read more…

Categories: analyses, Virus Lab Tags: ,
November 26th, 2012

Sality: A Nasty Binary Tracked Down from Download.com

What a weird positive we’ve just spotted on CNET’s Download.com…

Win32:SaliCode blocked

Read more…

Comments off
May 19th, 2011

Early warning may save your bacon :-)

Another day, another entry in the avast! Virus Lab submission system for reporting false positives:

just another groovy submission?

Processing hundreds of possible false positives each day is usually routine work, but a submission from a live internet link is always interesting and needs more individual attention. The reason is obvious – it can do more harm to potential site visitors than a file on a local system which isn’t linked anywhere. Considering the fact that we detect this bit of malware with two different detection systems (regular detection for Sality along with a heuristic detection) is a clear hint – there’s definitely something fishy here.

Read more…

September 15th, 2010

Accurate file names

It is always nice when we know what a file does, where it comes from, etc. Most of the time spent on deeper file (samples) analysis goes to uncovering this information. But, sometimes we don’t have to try when everything is obvious like in this case:

fp submission

Read more…

Categories: analyses, Virus Lab Tags: , ,
January 8th, 2010

File infectors – part 2

Hello in 2010. I would like to wish you all the best in this year and I hope that our upcoming v5 will be your good fella starting from this January. Let me resume the previous article “Buggy file infectors” -  as the release date for v5 is getting closer and closer, I think it would be good to inform you what to expect regarding the file infectors cleaning. Version 4.x was sometimes criticised due to its lower ability to cure most recent file infector families (more on this will be written later in this text). Good news for you – v5 will perform better.

Read more…