Hello all I hope everyone is having a nice day. Before I explain please note I have activated the MBAM trial and Malware bytes protection is on.
So today I was asked by a family member to find an appropriate weather toolbar that was safe and wouldn’t infect her computer. I, not a fan of any toolbars was left to search with Google.
Searching with Google I came across a toolbar by the name of weatherblink.exe When My Malware bytes protection is switched on and it caught this file before it was opened. However I did a test and switched off the malware bytes protection and allowed avast to catch it, to be sure it was already in the database and recognised by Avast! It bypassed, opened and allowed me to attempt to install the program.
Opening the file without malware protection enabled obviously infected my computer, but it hasn’t been restarted and scans found and cleaned these objects. But why didn’t avast catch this? The open with sandbox message didn’t even pop up and Avast is set at pure default settings, I haven’t changed a thing.

Virus Total Report:
http://www.virustotal.com/file-scan/report.html?id=5f53d02aa506912db6482f968afedbb8f66fa5be8a72318c32a90acfb6113cd7-1307385181

That file is bundled with Funweb adware.

I suggest Ani-Weather for Firefox and Chrome.

I wonder if perhaps avast classes it as a PUP - and you haven’t got PUP selected?

Mag: your right, if Avast classes this as a Pup then it slipped by because I indeed did not have Pup’s scanning on. It’s now on so thanks for that.

I don’t know if avast does or doesn’t class as a PUP - reassuringly several things on my system stopped me getting anywhere near it.

I won’t suggest you recheck

Caught it as a PuP when it was turned on, good call. When PuP is unchecked it allows the download. Thanks alot!