Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Re: Some help/advice would be welcomed!

Reply
Thread Tools

Re: Some help/advice would be welcomed!

 
 
Mike Easter
Guest
Posts: n/a
 
      01-09-2010
~BD~ wrote:
> Following a recent post I made in another group, a member responded .......


Where is that conversation?

> BTW, "uploading.com" tried to send me a present... Trojan.Script.255082
> (Virus)


uploading.com is a file sharing place. That is a common way for viruses
to get spread around. If a person is going to download files being
passed around, then they have a responsibility to protect themselves.

> My security software took care of that for me. Perhaps you should scan your
> computer for viruses.


That is a stupid and useless remark by him. That person doesn't know if
his AV ware gave a false positive. That person hasn't taken the
quarantined object to be checked out. That person didn't actually
accurately describe how he came to be alerted - whether it was from a
file he downloaded or from some kind of insecure setting on his browser.
It isn't clear to me if he is saying that he invited the webserver to
run a script which was malware or something else.

And, even if he had, advising you as he did doesn't make any sense.

> That's most interesting. I pasted your finding here:


Searching on the name of a virus which is given to you by someone else's
AV agent isn't a reliable way to get some information.

There are all kinds of ways to name a virus, and searching on one string
often will not give a hit on a similar string which is what some other
AV agent calls some particular virus or malware family.

IMO you should 'drop' the investigation you are attempting.

> Did you/can you send the 'rogue' item to


> Charter Security Suite 9.01
>
> Viruses are automatically removed, all I see is what actions were taken.


Which means that he can't tell the false positives from the real ones
and it also means that he doesn't care to.

> From what I saw on the action log the infected file was named
> "pdffile.php"
> and came from "statcntr.com".


Similarly, there isn't really any use searching on either the .php or
the domainname.

> Any comment will be appreciated.


Forget it. Your investigation is worthless, or at least seems worthless
to me.

uploading.com doesn't even say whether or not they screen the shared
files for malware, but it doesn't matter whether they do or not, because
the potential problems and responsibilities for self protection for the
downloader are still the same.

If you choose to interpret his report as saying that uploading.com is a
dangerous malware site, you can check the google safe browsing tool and
see if it is reported. I doubt it.

At the top of my list is a false report based on some kind of webserver
stat tool script or something.


--
Mike Easter
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
an oddball scary kind of thing you would think would never happen richard Computer Support 4 01-31-2010 06:34 PM
plan to sell some items on ebay would like opinions on what they're worth ... ms smiling bookworm Computer Support 6 10-11-2005 03:12 AM
Would some kind soul explain Ethernet? ziggy Computer Support 17 11-15-2003 07:13 PM
Would like some comments if possible. John Smith MCSE 1 09-10-2003 05:56 PM
Problem with JDBC socket, i would greatly appreciate some advice =) Tom Java 3 08-15-2003 02:36 PM



Advertisments