My sister who uses the latest Avast! product with the most recent definitions updates got infected today.
She thought she was opening an attached image file …, it was shown as 'Imagens anexadas: DSC_24.jpg - DSC_33.jpg - DSC_55 .jpg … and each filename is actually an hyperlink. When clicked on it’ll quickly open up a new IE TAB and closes and followed by a user download prompt, for the file name it showed foto*.com (wildcard used to indicate something else before the .com).
Avast didn’t detect this threat this early in this stage, my sister carelessly clicked ‘Open’ the file and got infected … then Avast complained about ‘some’ of the Trojan files.
Further details can be found on the type of infection on the trust worthy informational sites http://home.mcafee.com/VirusInfo/VirusProfile.aspx?key=179655, http://www.threatexpert.com/report.aspx?md5=9665fb2bd9838977fb252b98319818a2
I also do have three of the bad links for one to be-able to retrieve the infections to be used to make additional signatures, is there someone special on the Avast! team who accepts PM containing the three bad URLs?