We come across plenty of malware reports every day. Sometimes we have to deal with special cases where a respected vendor is involved. This time it was the Dell driver download site.
What a weird positive we’ve just spotted on CNET’s Download.com…
Another day, another entry in the avast! Virus Lab submission system for reporting false positives:
Processing hundreds of possible false positives each day is usually routine work, but a submission from a live internet link is always interesting and needs more individual attention. The reason is obvious – it can do more harm to potential site visitors than a file on a local system which isn’t linked anywhere. The fact that we detect this bit of malware with two different detection systems (regular detection for Sality along with a heuristic detection) is a clear hint – there’s definitely something fishy here.
It is always nice when we know what a file does, where it comes from, etc. Most of the time spent on deeper analysis of file samples goes to uncovering this information. But sometimes we don’t have to try, because everything is obvious, as in this case:
Hello in 2010. I would like to wish you all the best this year and I hope that our upcoming v5 will be your good fella starting from this January. Let me resume the previous article “Buggy file infectors” - as the release date for v5 is getting closer and closer, I think it would be good to inform you what to expect regarding the cleaning of file infectors. Version 4.x was sometimes criticised due to its lower ability to cure the most recent file infector families (more on this will be written later in this text). Good news for you – v5 will perform better.