Why is CNET dsitributing Smart Fortress 2012 in their downloads?

Discussion in 'malware problems & news' started by xxJackxx, Apr 11, 2012.

Thread Status:
Not open for further replies.
  1. xxJackxx
    Offline

    xxJackxx Registered Member

    I have a coworker that downloaded what he though was an Excel spreadsheet and it came with what he thought was a .zip file, but was really a double extension .zip.exe file. Unfortunately he ran it and was infected with Smart Fortress 2012, which appears to be a fake AV. It took me 2 hours to research it and get it cleaned up. I think we should be able to bill them for the lost productivity of 2 people for 2 hours. Is CNET just a malware site now? It's about to get blacklisted here. :mad:

    P.S., Microsoft Security Essentials did nothing.
  2. Cudni
    Offline

    Cudni Global Moderator

    Did you report it/submit it to cnet/ms ?
  3. dw426
    Offline

    dw426 Registered Member

    Report it to them and see what they say. Personally I think CNET is a dodgy place to be getting anything from, and I really wish legit programs would stop using them as download servers. As to MSE and its silence, I'm not surprised. It doesn't seem to concern itself with fake software. The bigger question is where did this "spreadsheet" come from? Also, you could really do well with having "hide file types" unchecked. Provided he bothered to look first and not blindly click, it would have been obvious something wasn't right. It sounds like this is more of a bad security practice issue than a CNET issue. My comments about CNET still stand though, I'd stay away.
  4. funkydude
    Offline

    funkydude Registered Member

  5. m00nbl00d
    Offline

    m00nbl00d Registered Member

    For future reference: -http://www.bleepingcomputer.com/virus-removal/remove-smart-fortress-2012

    Usually, one finds great guides at this forum. :)
  6. xxJackxx
    Offline

    xxJackxx Registered Member

    Already found that site very helpful. Unfortunately I do not have access to the files to submit, a side effect of people trying to resolve the problem before coming to me. MBAM removed the rest of it, once I was able to get it updated. I just can't believe that what was once a reputable site now has stuff like this. He has been instructed to not download anything else without going through me.
Thread Status:
Not open for further replies.