| Author |
Message |
foxyfemfem
New Member
Joined: Dec 07, 2003
Posts: 22
Location: USA
|
 Posted:
Wed Jun 02, 2004 11:12 pm |
|
You gave me more than a hard time, I was in tears you was so hard on me (giggling). Just kidding about the tears  I guess you're not that bad of a guy, notice the word "guess" .. |
| |
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
| Posted:
Wed Jun 02, 2004 11:39 pm |
|
Want a second opinion? <MUHAHAHAHAHA> |
| |
|
|
|
|
corky
Regular
Joined: Feb 29, 2004
Posts: 63
|
| Posted:
Thu Jun 03, 2004 5:10 am |
|
Hey guys, I downloaded Mikem Virus program, I couldn't get to the internet for an hour, I took it off then started right up |
| |
|
|
|
|
money
New Member
Joined: Aug 24, 2003
Posts: 11
|
| Posted:
Thu Jun 03, 2004 8:13 am |
|
| Quote: | | From speedx: Money go back to school. If you read the posts you would understand what they are trying to say. They said NOW read carefully ok, that they used norton or other virus scanning program and did not find a trojan virus in the files..... |
Don't act condescendingly to me speedx. Your one post above mine had nothing, nothing at all, in it on this thread's topic or the forum's topic. If mine is considered off-topic here, then someone please move it to wherever it fits better.
The part of Sentinel which causes the user's computer to malfunction is written in javascript and flash. Those files are downloaded on the user's computer and run inside his browser. PHP, CGI, and binary code is what executes on the server.
I had read their posts. To me whether an anti-virus software alerts is not as big of a deal as the legal issue because everyone here knows Sentinel contains malicious code which when triggered attacks a visitor. Frankly, all the anti-virus software should be issuing alerts not just the one mikem pointed out. Kapersky identified Sentinel's abuse.js file as being infected by a trojan. Trojan.JS.Offiz and Sentinel's pc killer share similar behaviors. Both use javascript to cause the user's computer to malfunction. The former moves the window rapidly around the screen so the user cannot close it while the latter spawns off an infinite number of popups causing his PC to run out of memory and lock up. Both trap the ALT, F4, CTRL, and DEL keys.
Each malware has a unique set of bits called a signature. Developers try to obtain samples of the code or binaries to analyze their signatures and create definitions. The anti-virus software then uses these definitions to detect and identify malicious code. These products will not automatically recognize every new virus/trojan/etc hitting the street today or into the future. However, they will alert when a software's signature matches an already existing definition which was loaded. The reason why Kapersky alerts while others don't is due to the differences in the way they wrote their definition for Trojan.JS.Offiz. I bet Kapersky is only keying off the javascript trapping of ALT, F4, CTRL, and DEL keys (which is considered malicious) and the others either chose to be more specific or did not include this particular one. If someone sends a copy of Sentinel to the anti-virus companies, IMO they will add it to their detection because regardless of the developers' denial here, this script is a trojan. |
| |
|
|
|
|
money
|
| Posted:
Thu Jun 03, 2004 8:27 am |
|
| Quote: | | To Money: I would rely on the answers of higher, corporate/industry standard virus checkers than that of new, false reading minors. |
| Quote: | money,
Put the doobie down. There is no trojan. KAV falsely reports it. There is nothing malicious. There is no hard drive crash. That is your ridiculous interpretation. "Whether you want to accept this labeling for your post is not important". |
Sentinel has a very similar behavior to Trojan.JS.Offiz. It's obvious we aren't going to agree on this. So, why not let the experts decide by giving a copy to the anti-virus companies. This will verify for sure whether your or my position is correct.
You may not consider spawning multiple popups on someone's PC as malicious, but regular visitors and the government do. A site owner cannot guarantee a visitor's hard drive won't crash because you have no idea what he is running which might conflict. Some here are pointing to other software that crash PCs. Those are not intentional by developers but inadvertently caused by software bugs or poorly written code. That is not illegal. The issue is intent to cause harm which is what your software was specifically written to do. As I already showed, this is against the law in the US. It may be in other countries. |
| |
|
|
|
|
Raven
|
| Posted:
Thu Jun 03, 2004 8:35 am |
|
Money,
Your points are well articulated and taken. Yes, we do differ on opinion/interpretation. The fact that out of all the Major AV products, with the exception of this one (KAV), they do not see this JS/Flash as a virus, does speak volumes imo. Also, a virus is, by definition and acceptance, an INTENTIONALLY placed code to harm a network and/or PC. That is not why it was written nor is what it is in practice. Regardless, the code has been rewritten in v1.2 and does not cause this footprint. |
| |
|
|
|
|
xfsunolesphp
Regular
Joined: Aug 23, 2003
Posts: 77
|
| Posted:
Thu Jun 03, 2004 8:40 am |
|
i check in Mcafee website, they said it's was a very low risk. they think trojan because Ctrl, Del, Escape, and Alt + F4 to popup an Java Script alert message. |
| |
|
|
|
|
Raven
|
| Posted:
Thu Jun 03, 2004 8:53 am |
|
| xfsunolesphp wrote: | | i check in Mcafee website, they said it's was a very low risk. they think trojan because Ctrl, Del, Escape, and Alt + F4 to popup an Java Script alert message. |
Also, see this post [ Only registered users can see links on this board! Get registered or login! ] |
| |
|
|
|
|
Raven
|
| Posted:
Thu Jun 03, 2004 9:50 am |
|
I wanted to let all know that MikeM has altered his original New's item at NC that started this thread. Thank you Mike. Here is a copy of what MikeM now has as his News item| MikeM wrote: | Beware-Possible Virus in Sentinel™ package
More Information can be found Here
The script possibly is being detected as a virus by some Virus scanners due to the nature of the script's function. The authors at Raven scripts are aware of this and are releasing a new version that will not set off this possible "false alarm" from certain virus scanners.
from Raven of ravenphpscripts:
"The fact that out of all the Major AV products, with the exception of this one (KAV), they do not see this JS/Flash as a virus, does speak volumes imo. Also, a virus is, by definition and acceptance, an INTENTIONALLY placed code to harm a network and/or PC. That is not why it was written nor is what it is in practice. Regardless, the code has been rewritten in v1.2 and does not cause this footprint." |
|
| |
|
|
|
|
squiresmk
Regular
Joined: May 31, 2004
Posts: 95
Location: NY
|
| Posted:
Thu Jun 03, 2004 12:14 pm |
|
Finally, something smart on NC's part. Now wheres the apology? |
| |
|
  
  |
|
foxyfemfem
|
| Posted:
Thu Jun 03, 2004 12:27 pm |
|
v1.2?!?!? where? The only link I can find is v1.1 Has v1.2 been released or is it still in testing? |
| |
|
|
|
|
stephen2417
Worker
Joined: Jan 18, 2004
Posts: 244
Location: Bristolville, OH
|
| Posted:
Thu Jun 03, 2004 12:28 pm |
|
|
|
|
|
Raven
|
| Posted:
Thu Jun 03, 2004 12:28 pm |
|
burnwave:
This was Mike speaking for Mike, not NC 
Foxy:
Being tested  |
| |
|
|
|
|
spcdata
Regular
Joined: Jan 24, 2004
Posts: 81
Location: Sweden
|
| Posted:
Thu Jun 03, 2004 12:31 pm |
|
I just can't understand the behaviour that some people have.....   |
_________________
/spcdata |
|
|
|
squiresmk
|
| Posted:
Thu Jun 03, 2004 5:00 pm |
|
Oops, apologies Mike. Kudos to you |
| |
|
|
|
|
drmike
Worker
Joined: Jul 15, 2004
Posts: 108
Location: Charlotte, NC
|
| Posted:
Thu Sep 09, 2004 6:29 am |
|
| burnwave wrote: | | If IBM uses it, thats telling you something there |
*snicker*
funniest thing I've read all morning.
-drmike |
_________________
The Daria - Jane Conspiracy |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
