Stand alone webshield?

Discussion in 'other anti-malware software' started by mattdocs12345, May 31, 2013.

Thread Status:
Not open for further replies.
Page 2 of 2
  1. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    The full details of this event is given below.

    https://www.wilderssecurity.com/showthread.php?t=347571

    Short of blacklisting the www.virtualrouterplus.com site, no rep site scanner will detect the download link at the source site since the it is being redirected through multiple servers; one in mainland China. Sucuri scan for this web site comes back 100% clean.

    What will detect the malware is ZULU since it will download the software, submit it to VT, and perform additional analysis to determine its status. Of course, one has to manually submit the actual download URL to ZULU for scanning. A minor inconvience to assure one's PC safety. Also the AV download analyzer must correctly id the URL address from where the software was actually downloaded from. It is that URL that has to be submitted to ZULU. In this case, NIS 2013 Insight recorded the actual download URL, "http://downloadcdn.betterinstaller.com/installers/b/9/VirtualRouterPlusSetup_downloader_by_VirtualRouterPlusSetup.exe". Just copy it and paste into ZULU for analysis.

    In reality what is at issue here is the AV download analyzer, not the web filter capability.
     
    Last edited: Jun 2, 2013
    itman, Jun 2, 2013
    #26
Page 2 of 2
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...