Prev: pricegrabber.com problem?
Next: Malwarebytes' Anti-Malware 1.45 released
From: siljaline on 26 Mar 2010 23:02
121 New Items in database, all for IE.
13471 Total Items.

Silj

--
"Arguing with anonymous strangers on the Internet is a sucker's game
because they almost always turn out to be -- or to be indistinguishable from
-- self-righteous sixteen-year-olds possessing infinite amounts of free time."
- Neil Stephenson, _Cryptonomicon_

From: Buffalo on 26 Mar 2010 23:24


siljaline wrote:
> 121 New Items in database, all for IE.
> 13471 Total Items.
>
> Silj
Thanks once again for the heads up.
Buffalo
PS: did that 'virus' from Pricegrabber ever amount to anything?


From: siljaline on 27 Mar 2010 00:09
Buffalo wrote:
> Thanks once again for the heads up.

You are welcome.

> PS: did that 'virus' from Pricegrabber ever amount to anything?

See the last thread from Dave Lipman and the Virus Total findings.

I did not flag the item off the Pricegrabber site. As I had mentioned in that thread,
it is quite likely that it got rotated out right away as soon as they got contact WebMaster
complaints of flags from the site.

Silj

--
"Arguing with anonymous strangers on the Internet is a sucker's game
because they almost always turn out to be -- or to be indistinguishable from
-- self-righteous sixteen-year-olds possessing infinite amounts of free time."
- Neil Stephenson, _Cryptonomicon_

From: Andy Walker on 27 Mar 2010 00:20
siljaline wrote:

>Buffalo wrote:
>> Thanks once again for the heads up.
>
>You are welcome.
>
>> PS: did that 'virus' from Pricegrabber ever amount to anything?
>
>See the last thread from Dave Lipman and the Virus Total findings.
>
>I did not flag the item off the Pricegrabber site. As I had mentioned in that thread,
>it is quite likely that it got rotated out right away as soon as they got contact WebMaster
>complaints of flags from the site.
>
>Silj

Except that Dave said that he did a wget on the index.html file, which
means that it was not an ad, but the index page that registered the
infection. I'm not convinced that it is infected, though. I've seen
similar detections on innocuous pages that were false positives, but
hopefully McAfee and Avira have looked at it more closely to determine
the truth. They have been very quick to fix these types of false
positives in the past.
From: siljaline on 27 Mar 2010 01:03
Andy Walker wrote:
> siljaline wrote:
>
>>Buffalo wrote:
>>> Thanks once again for the heads up.
>>
>>You are welcome.
>>
>>> PS: did that 'virus' from Pricegrabber ever amount to anything?
>>
>>See the last thread from Dave Lipman and the Virus Total findings.
>>
>>I did not flag the item off the Pricegrabber site. As I had mentioned in that thread,
>>it is quite likely that it got rotated out right away as soon as they got contact WebMaster
>>complaints of flags from the site.
>>
>>Silj
>
> Except that Dave said that he did a wget on the index.html file, which
> means that it was not an ad, but the index page that registered the
> infection. I'm not convinced that it is infected, though. I've seen
> similar detections on innocuous pages that were false positives, but
> hopefully McAfee and Avira have looked at it more closely to determine
> the truth. They have been very quick to fix these types of false
> positives in the past.

Right, and I posted back to Dave that:
<quote>
Noted, the agnitum .ru .fr. .co.uk index pages were triggering AV heuristics a while ago.
</quote>
I've seen this before and I'm sure it's not the last time we'll see this on a legit site or sites
on differing country designators. As I mentioned to Buffalo in that thread, try as I may I
could not reproduce the flag.

Cheers,

Silj

--
"Arguing with anonymous strangers on the Internet is a sucker's game
because they almost always turn out to be -- or to be indistinguishable from
-- self-righteous sixteen-year-olds possessing infinite amounts of free time."
- Neil Stephenson, _Cryptonomicon_

 |  Next  |  Last
Pages: 1 2 3 4
Prev: pricegrabber.com problem?
Next: Malwarebytes' Anti-Malware 1.45 released