Re: Some help/advice would be welcomed!

Discussion in 'Computer Security' started by Mike Easter, Jan 9, 2010.

  1. Mike Easter

    Mike Easter Guest

    ~BD~ wrote:
    > Following a recent post I made in another group, a member responded .......

    Where is that conversation?

    > BTW, "" tried to send me a present... Trojan.Script.255082
    > (Virus) is a file sharing place. That is a common way for viruses
    to get spread around. If a person is going to download files being
    passed around, then they have a responsibility to protect themselves.

    > My security software took care of that for me. Perhaps you should scan your
    > computer for viruses.

    That is a stupid and useless remark by him. That person doesn't know if
    his AV ware gave a false positive. That person hasn't taken the
    quarantined object to be checked out. That person didn't actually
    accurately describe how he came to be alerted - whether it was from a
    file he downloaded or from some kind of insecure setting on his browser.
    It isn't clear to me if he is saying that he invited the webserver to
    run a script which was malware or something else.

    And, even if he had, advising you as he did doesn't make any sense.

    > That's most interesting. I pasted your finding here:

    Searching on the name of a virus which is given to you by someone else's
    AV agent isn't a reliable way to get some information.

    There are all kinds of ways to name a virus, and searching on one string
    often will not give a hit on a similar string which is what some other
    AV agent calls some particular virus or malware family.

    IMO you should 'drop' the investigation you are attempting.

    > Did you/can you send the 'rogue' item to

    > Charter Security Suite 9.01
    > Viruses are automatically removed, all I see is what actions were taken.

    Which means that he can't tell the false positives from the real ones
    and it also means that he doesn't care to.

    > From what I saw on the action log the infected file was named
    > "pdffile.php"
    > and came from "".

    Similarly, there isn't really any use searching on either the .php or
    the domainname.

    > Any comment will be appreciated.

    Forget it. Your investigation is worthless, or at least seems worthless
    to me. doesn't even say whether or not they screen the shared
    files for malware, but it doesn't matter whether they do or not, because
    the potential problems and responsibilities for self protection for the
    downloader are still the same.

    If you choose to interpret his report as saying that is a
    dangerous malware site, you can check the google safe browsing tool and
    see if it is reported. I doubt it.

    At the top of my list is a false report based on some kind of webserver
    stat tool script or something.

    Mike Easter
    Mike Easter, Jan 9, 2010
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. jmarkotic
    Balin, Son of Fundin
    Dec 2, 2003
  2. Chris Newey

    Simple idiots website - Constructive comments welcomed

    Chris Newey, Jan 8, 2004, in forum: Computer Support
  3. Smoker

    video card advice welcomed

    Smoker, Jan 3, 2005, in forum: Computer Support
    Alexander Rogge
    Jan 4, 2005
  4. Agent86
    Feb 9, 2007
  5. Mike Easter

    Re: Some help/advice would be welcomed!

    Mike Easter, Jan 10, 2010, in forum: Computer Security
    Jan 11, 2010

Share This Page