1561

I chose the update function to upgrade the R50 (see spec below). Everything seems peaceful at the moment.

avast updated during the download procedure! - as I had only just turned the laptop on. All seems very good. :slight_smile:

1562

Worked like a charm.

Microsoft Security Essentials Version: 1.0.1611.0
Antimalware Client Version: 2.0.6212.0
Engine Version: 1.1.5101.0
Antivirus definitions: 1.67.166.0
Antispyware definitions: 1.67.166.0

1563

Google wave first look

http://lifehacker.com/5370738/google-wave-first-look

1564

http://www.youtube.com/watch?v=v_UyVmITiYQ&feature=player_embedded#

1565

yes the life hacker article has that link. :wink:

1566

[quote=ā€œAvira TechBlog ā€œhttp://techblog.avira.com/2009/10/02/fastflux-malware-leading-to-fakeav/en/ā€ā€]
Our researchers found a malicious JavaScript link in some forums. This lead to the situation that the forum access was slow in general. This raised suspicion, so we started to analyse what is going on.

In those forums there were links embedded in the posts which lead to a JavaScript on a Russian website. A google search with the URL revealed that already more than 100 web pages, especially forums, got infected with that malicious link ā€“ the infection rate is increasing fast. Today another URL with the malware script appeared, where Google reports more than 16.000 infected web pages.

The JavaScript is encrypted and obfuscated in several layers.

That malicious JavaScript redirects users to a fast-fluxā€™ed server ā€“ the Internet addresses to which the embedded link points resolves to different locations every few minutes (fast flux as abbreviation from fast fluctuation, see Wikipedia). So it doesnā€™t help to take down one server as there are plenty of them. Every infected computer also serves the malware.

But this malware ā€“ Avira detects it TR/FraudPack.ams ā€“ is just another downloader. It accesses a set of ā€œdouble fast-fluxā€™edā€ domains to fetch the actual malware, a FakeAV. These are detected by Avira with generic detection as TR/Crypt.ZPACK.Gen and also as TR/FakeAV.RK.
[/quote]
All friends please take care more these days.

TR/FakeAV.RK has been detected 15 days ago by avast! as ā€œWin32:FakeAV-RK [Trj]ā€ in VPS 90915-0
TR/FraudPack.ams Iā€™ve seen some of FraudPacks in avast! VPS history
TR/Crypt.ZPACK.Gen should be covered by generics detection in avast! VPS

1567

Given the quoted text, avastā€™s Web Shield is highly likely to alert on the obfuscated and encrypted script as it has been doing for similar obfuscated scripts.

So it is likely that that detection wonā€™t be specifically mentioning fakeav in the malware name, but more likely to be something like ā€œJS:ScriptPE-inf [Trj]ā€ or ā€œJS:Redirector-G [Trj]ā€ or ā€œJS:Agent-AV [Trj]ā€ or ā€œJS:ScriptSH-inf [Trj]ā€ or ā€œHTML:Script-infā€, etc.

1568

Well, I found this interesting ā€¦

http://www.giveawayoftheday.com/avast+46/

It seems the GiveAwayoftheDay site already has avast 5 for download.

See the image below & click to enlarge.

But, when you click the download link, it takes you to the avast site page where 4.8 is the listed download.

1569

Not quite yetā€¦
click in that link, you go to the page in my pic, and that link just goes to the avast home page. Maybe they are just getting ready :wink:

1570

Yep, Scott, you are right. A bit misleading, though.

1571

Note the Square a icon ;D

I think this is just preparation, as if you follow it through, the only link it gives to actually get it (hover over the download avast 5 link and look at the status bar) is avast.com.

So you donā€™t actually want to click the link, just check where it is pointing from the status bar, handy if it happens to be pointing to a malicious site.

1572

Thatā€™s what I did :smiley:

1573

When you use the search engine on any sight that has one, you never know what results you might run into. :wink:

1574

http://i.i.com.com/cnwk.1d/i/bto/20091002/win_7_quiz_results.JPG

Try Windows 7 Personality Quiz

1575

Iā€™m Multi-handed

I learned about Device Stage by playing the video:
http://www.neowin.net/news/main/09/01/10/windows-7-device-stage-overview

1576

If you use USB Safely Remove, Hereā€™s a great opportunity to get a FREE License.

Today we are glad to announce another one offer: we wish to share with the world 10,000 free licenses for USB Safely Remove 4.1! This action starts today and will finish when the last from 10K people receives his free license. If you still do not have a license for 'USB Safely Remove' grab it right now for free.
For details see the following link:

http://safelyremove.com/giveaway10K.htm

Iā€™ve gotten mine and they still had about 900 left. :slight_smile:

1577

Nice program, but I wont botherā€¦I donā€™t use that many USB devices and windows deals with it well enough IMHO

Thanks anyway Bob :slight_smile:

p.s. I think they use avast!

http://safelyremove.com/fullFeaturesList.htm
(third pic)

1578

Your welcome Scott,
Unlike you, I use a lot of USB Drives and devices. :slight_smile:

*There is a caveat to the license

License conditions: * The license is valid only for v. 4.1 so if you wish to upgrade to future version you have to purchase a lifetime license. * You can use the program personally on each of your computers * You can use this version for lifetime
1579

yeah, at most I use 2, and I usually forget to remove them (instead of taking then out/putting them in and then I forget to take it to schoolā€¦::)), which is where the ā€˜check removable mediaā€™ setting in avast! comes into play, now I never forget :wink:
(although that setting is a bit cumbersome in vistaā€¦)

1580

This fits.