OT: virus on the wild?
lists at michel-messerschmidt.de
Thu Jan 22 15:57:32 CET 2009
On Thu, Jan 22, 2009 at 08:51:23AM -0500, Robert J. Hansen wrote:
> Faramir wrote:
> > And the second question is: Does somebody know about this virus? Is is
> > as fast spreading as it looks like?
> Yes. No. Moo. Ten pounds of flax. Getting accurate intelligence
> about the spread of malware is a very difficult task.
Agreed, but does it really matter?.
I suppose you really wanted to know whether your computer is at risk
because of this AV warning? And the only definitve answer is obvious:
Ask your AV vendor. There exist AV products that issue a warning
even whenever they encounter a zip file :)
Therefore any speculation here won't give you the level of assurance you
> > And the third and last question is: why the AV detected the virus
> > _before_ I visited the site?
Assumption: Your AV adheres to common virus naming conventions here.
1. Your AV stated that it detected a Trj = trojan but not a virus. So
it won't replicate itself (no spreading in the usual sense) but waits for
users/browsers to execute it.
Some AV products prefetch linked pages to scan them before the user clicks
on a link. Also some browsers prefetch web pages and an AV may detect the
Conclusion: It is absolutely possible that your AV warned you without
anything malicious happening on your computer. OTOH if something happened
it won't be easy to track down the origin of the attack.
Whatever your AV vendor will tell you, these apply in general:
- don't use outdated browser versions
- know the behaviour of your browser
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 315 bytes
Desc: Digital signature
More information about the Gnupg-users