+kewfriend Posted December 31, 2007 Share Posted December 31, 2007 As of 10 minutes ago the Geocaching.Com has been infected - PUT THE BARRIERS UP IMMEDIATELY! Link to comment
+ReadyOrNot Posted December 31, 2007 Share Posted December 31, 2007 As of 10 minutes ago the Geocaching.Com has been infected - PUT THE BARRIERS UP IMMEDIATELY! What's next? Are you going to tell me I need to forward this to 10 of my closest friends or something "Bad" is going to happen to me? Link to comment
+kewfriend Posted December 31, 2007 Author Share Posted December 31, 2007 I use the CA Pest Patrol and Antivirus which reported this JavaScript driveby infection from the geocaching.com website about 15 mins ago now. False positives are (of course) reported but until the all clear is given I woyld refrain from using the site without adequate protection. Link to comment
+ReadyOrNot Posted December 31, 2007 Share Posted December 31, 2007 False Positive There's a problem with your software. They are looking into the problem with CA. There appears to not be a problem with the geocaching website. Link to comment
+kewfriend Posted December 31, 2007 Author Share Posted December 31, 2007 OK - thanks - and sorry for the alarm. Better safe than sorry. Link to comment
+Suburban Hillbillies Posted January 3, 2008 Share Posted January 3, 2008 Lovely. My computer said the same this morning, and my companys firewall automatically blocked access to www.geocaching.com. At least I can still get to forums.groundspeek.com What's up? New code that is reporting a false positive, or a ntionwide epidemic that is being covered up? ( Ok, just kidding there ) Link to comment
+Suburban Hillbillies Posted January 3, 2008 Share Posted January 3, 2008 Just FYI if anyone is following... I didn't get: JS/SNZ.a drive I got: JS/Exploit-BO.gen Link to comment
+Glenn Posted January 3, 2008 Share Posted January 3, 2008 It is a false positive. Most likely in the heuristics detection portion of your virus detection software. Go on in your virus detection program and either turn heuristics detection down to a lower level or turn it off all together. Don't worry this will NOT open your system up to viruses as this has no effect on signature detection. The classic type of virus detection is signature detection. Signature detection is when little bits of code that are unique to that particular virus (the signatures) is compared to files on your system for a match. In signature detection it is very rare for a non-virus program to have the same signature as a virus. Heuristics detection is new way of detecting potential virus activity. It looks for certain virus like behavior. In heuristics detection because it looks for behavior cues it is more likely that it could mistake normal program behavior for virus activity particularly if the detection level is set to strict or high. If you want more information you can read How Virus Detection Works. Link to comment
+horsegeeks Posted January 4, 2008 Share Posted January 4, 2008 My CA virus software is catching a new one.....the Wherigo virus Link to comment
Guyute1210 Posted January 4, 2008 Share Posted January 4, 2008 The classic type of virus detection is signature detection. Signature detection is when little bits of code that are unique to that particular virus (the signatures) is compared to files on your system for a match. In signature detection it is very rare for a non-virus program to have the same signature as a virus. Heuristics detection is new way of detecting potential virus activity. It looks for certain virus like behavior. In heuristics detection because it looks for behavior cues it is more likely that it could mistake normal program behavior for virus activity particularly if the detection level is set to strict or high. Funny that one of the exe's in our software package (Real Estate market) was showing, after we compiled one of the daily builds, as one of the Banker virus variants. We ended up rearranging some atributes in the code and it fixed the false positive. It was quite the scare around the office until it was figured out to be a false positive... Link to comment
Recommended Posts