7 replies to this topic

[Bitterman]

in internet explorer 8x 9x or whatever it is my xp runs today Avira blocked the lavasoft toolbar.

Avira Antivirus active web protection
When accessing data from the URL, "http://toolbar.lavas...10062223-m.zip"
a virus or unwanted program 'PHISH/PayPal.TN' [phishing] was found.
Action taken: Blocked file

[CeciliaB]

That is a false positive by Avira. Maybe Avira noticed a file with certain URLs without knowing that it was going to be used for stopping users from reaching the bad URLs. Please, report it to Avira.

[Bitterman]

makes sense. i ll try and see what avira says.

[CeciliaB]

Thank you, Bitterman

[Bitterman]

Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC01203224.


We received the following archive files:

File ID Filename Size (Byte) Result 26986957 120710062223-m.zip 668 Byte OK
A listing of files contained inside archives alongside their results can be found below:
File ID Filename Size (Byte) Result 26986327 120710062223-m.list 982 Byte MALWARE

Please find a detailed report concerning each individual sample below:
Filename Result 120710062223-m.list MALWARE

The file '120710062223-m.list' has been determined to be 'MALWARE'. Our analysts named the threat PHISH/PayPal.TN. The term "PHISH/" denotes an eMail or a file that under false pretences tries to persuade the user for instance to reveal personal information. Detection is added to our virus definition file (VDF) starting with version 7.11.35.174.

Alternatively you can see the analysis result here:
http://analysis.avira.com/samples/details.php?uniqueid=y6m12z4OCygWtgrdTJnbXD00w6QAMBqx&incidentid=1203224

An overview of all your submissions can be found here:
http://analysis.avira.com/samples/details.php?uniqueid=y6m12z4OCygWtgrdTJnbXD00w6QAMBqx
Please note: If you have specific questions please address them to support@avira.com
Kind regards
Avira Virus Lab

---------------------------------------------
Avira Operations GmbH & Co. KG
Kaplaneiweg 1, 88069 Tettnang, Germany
Phone: +49 (0) 7542-500 0
Fax: +49 (0) 7542-500 3000
Internet: http://www.avira.com

CEO: Tjark Auerbach
Headquarter: Tettnang
Commercial register: AG Ulm HRB 630992
---------------------------------------------

the germans has deemed it a virus
tyskarna envisas med att det är virus

[CeciliaB]

Thank you

I'll inform my contact person at Lavasoft and maybe they can convince Avira that the file isn't dangerous.

[Bitterman]

I stopped getting the file warnings because i clicked deny access? So i tried installing Ad-Aware toolbar in firefox.
men det sket sig..., ööhh Did not go well at all, could not install.

Warning
In order not to compromise your security, this page will not be accessed
The requested URL has been identified as a potentially dangerous website.
Further information as to why this page was blocked can be found here. A description of how to remove the block for this page is available here.
Requested URL: http://download100.l...Tb_2.1.0.20.exe
Category/categories: Malware

So Internet explorer got adaware toolbar installed but not firefox.

i tried copying the url in to download accelerator IDM but it was denied access http 1403 forbidden access.

On another topic!? i installed Emsisoft 6.2 Anti-Malware and Avira said it was a Trojan.

Realtime protection: malware found
Virus or unwanted program 'TR/Crypt.XPACK.Gen [trojan]'
detected in file 'C:\Program Files\Emsisoft Anti-Malware\a2start.exe.
Action performed: Deny access

Avira keeps crapping on other malware products left n right

[CeciliaB]

You have certainly received a lot of false positives from Avira.
Can you disable Avira while you are fetching and installing the toolbar.

I stopped getting the file warnings because i clicked deny access?

Doesn't that mean that Ad-Aware is denied access to the file? Then Ad-Aware wouldn't be able to update its list.