Some people I know will try anything to squeeze that last little drop of performance from their Internet connection. I have read about others going to the extreme of installing an expensive central line filter (for ADSL) in their home, calculating the SNR for their telephone line or even hand tweaking the MTU values on their home router. There seems to be no end to the lengths they’ll go to download that file 10 seconds faster.
In the never-ending search for speed, a lot of users will look for download accelerator tools that boast incredible speed increases for a fraction of the cost of a faster Internet connection. In my experience, these tools work fairly well and are quite harmless.
However, like any software downloaded off the Internet, there is always the chance that you’re going to get more than you bargained for. Take, for instance, “FastLane Download Manager”. This seemingly innocent piece of software is detected by Sophos as Troj/SloLane-A for a number of good reasons.
When first run, users are greeted with the following screen:
Here is where things start to get suspicious. The subtitle tells us that this program is “your secure and fastest way to download Internet contents”. That’s all well and good, but this thing started to download as soon as I started it up! What “Internet contents” is it downloading? I didn’t ask it to do anything of the sort! Suspicions are further confirmed by the multitude of spelling mistakes. See the program title “Faslane Downloader”, and the message “Donwload in progress”.
Furthermore, there’s a number in some brackets above the progress bar that states “4.265 Kbyte”. What on earth does this mean? Is this the size of the file I’m downloading? If so, then it’s taking a very long time for something to download something that small, especially for a program that claims to be the “fastest way to download”. Maybe it’s the speed at which I’m downloading? This doesn’t sound right either, as it never fluctuates and would be considered an extremely slow speed for anything other than dial-up.
In the end, this program really does download something. Another malicious executable that’s proactively detected by Sophos as Mal/Behav-031. Once again, the old adage holds true: If it seems too good to be true, it probably is!