* Home Help Search Login Register  

Welcome, Guest. Please login or register.
November 21, 2009, 10:53:57 PM

Login with username, password and session length

336704 Posts
37254 Topics
84456 Members
Latest Member: Guoqiang

more news...
Search:     Advanced search | Tag Cloud
+  Welcome to the Comodo Forum
|-+  Desktop Security Products
| |-+  Comodo Internet Security - CIS
| | |-+  Bug Report - CIS
| | | |-+  False Positive/Negative reporting - (Is this a malware that CIS has/not detected?)
| | | | |-+  Topic "IGMP block" infected with Exploit.JS.Agent.~KA[at]34000491 ?		 « previous next »
Pages: [1] Go Down Print
Author Topic: Topic "IGMP block" infected with Exploit.JS.Agent.~KA[at]34000491 ?  (Read 221 times)
Tarantela
Comodo's Hero
*****
Offline Offline

Posts: 255


Such a cute lizard.
« on: November 09, 2009, 11:26:52 AM »
I recently searched on comodo forum a subject about IGMP and stumbled on a topic
Called "IGMP block"  https://forums.comodo.com/empty-t26707.0.html
and got an malware alert from CIS av - Exploit.JS.Agent.~KA[at]34000491

It seems that 3 pictures(211 bites size each all blank) are exploits and they are linked
to a certain web site(see picture properties to find web site).

I use CIS 3.12.111745.560 with av database 2898.

I would like to know if this is a positive or negative.
Logged
Peace and love , peace and love!
ionelp
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 310
« Reply #1 on: November 09, 2009, 11:30:56 AM »
Hi Tarantela,

Quote from: Tarantela on November 09, 2009, 11:26:52 AM
I recently searched on comodo forum a subject about IGMP and stumbled on a topic
Called "IGMP block"  https://forums.comodo.com/empty-t26707.0.html
and got an malware alert from CIS av - Exploit.JS.Agent.~KA[at]34000491

It seems that 3 pictures(211 bites size each all blank) are exploits and they are linked
to a certain web site(see picture properties to find web site).

I use CIS 3.12.111745.560 with av database 2898.

I would like to know if this is a positive or negative.



We will verify this detection and get back to you with the conclusion.

Regards,
Ionel
Logged
ionelp
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 310
« Reply #2 on: November 09, 2009, 11:45:46 AM »
Hi Tarantela,

Please be advised, the reported detection is not false-positive.

Regards,
Ionel
Logged
Tarantela
Comodo's Hero
*****
Offline Offline

Posts: 255


Such a cute lizard.
« Reply #3 on: November 09, 2009, 12:11:18 PM »
Thank you for your help and quick reply.
Logged
Peace and love , peace and love!
Tarantela
Comodo's Hero
*****
Offline Offline

Posts: 255


Such a cute lizard.
« Reply #4 on: November 10, 2009, 03:19:04 AM »
I did research on the web site and it is reported as phishing site.
http://phish.opendns.com/?url=static.pochta.ru%2F404.html
I am asking any moderator to please remove web site links from the topic "IGMP block".
Logged
Peace and love , peace and love!
Tags:
Pages: [1] Go Up Print 
« previous next »
Jump to:  

SSL Certificate Free Virus Removal Firewall
Page created in 0.043 seconds with 20 queries.
Powered by SMF 1.1.10 | SMF © 2006, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks 		Design by 7dana.com