Re: A fake but good-looking Symantec site, with virus

From: Bill Unruh (unruh_at_string.physics.ubc.ca)
Date: 06/27/04 

Date: Sun, 27 Jun 2004 17:13:08 +0000 (UTC)

]> "Tim Murray" <no-spam@thankyou.com> wrote in message
]> news:0001HW.BD0302320002118EF02845B0@newsgroups.bellsouth.net...
]> > I got a very poorly worded, all-caps e-mail saying it was Symantec and
]> that I
]> > should promptly go to <http://www.symantec.ar.nu/>. I have a computer
]> that

That was not actually a symantec site, nor is the site to which they point
you with the "cleaner".
www.symantec.ar.nu=65.108.204.171

whois 65.108.204.171

OrgName: Alabanza, Inc.
OrgID: ALAB
Address: 10 East Baltimore St., 10th floor
City: Baltimore
StateProv: MD
PostalCode: 21202
Country: US

--------------------
ping www.nikroot.com
PING premium.geo.yahoo.akadns.net (66.218.79.189) 56(84) bytes of data.

]> > is both a Mac and sacrificial, so I went to take a look.
]> >
]> > On the top of the initial page is a notice in red that "you have a
]virus",
]> > and do download some .exe file. I downloaded it, tested it, and of
]course,
]> it
]> > had a virus.
]> >
]> > The site is, generally, of utter professionalism ... it looks like they
]> > simply downloaded all of Symantec's real site.
]> >
]> > But this is not really the point of the story. The point is that was
]> three
]> > days ago, and I've contact Symantec three times about it, figuring I'd
]at
]> > least get a "thanks-for-letting-us-know" reply. But I've received no
]> reply,
]> > and the site is still up (I really thought Symantec would be powerful
]> enough
]> > to get it shut down pronto).

Yes. It looks like yahoo is falling down in their responsibility.

]> >

Relevant Pages

  • Re: TrojanDownloader.ImLoad.100
    ... | please see my comments to symantec at bottom: ... you may want to try my Multi AV Command Line Scanner front end ... This will bring up the initial menu of choices and should be executed in Normal Mode. ... You can choose to go to each menu item and just download the needed files or you can ...
    (microsoft.public.security.virus)
  • Re: Annoying start up message
    ... Contact Symantec Support ... You can download the Intelligent Updater file ... Window's top line is "Old Virus Definition File" with the text "The virus ... etc does not eliminate this very annoying window. ...
    (microsoft.public.windowsxp.general)
  • Re: Not Responding errors
    ... Remote Desktop Connection for Windows XP ... started and was busy running anti-virus scans etc. ... Symantec LiveUpdate, if you run the update engine for Norton which the ... link click on this and you will be taken to symantec to download a plug-in ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: Symantec Antivirus/ problem
    ... If your Symantec live-update is out of date, also go here often to download ... It will not update the actual antivirus software engine, ... > flooded with lots of error messages from Symantec Antivirus. ...
    (microsoft.public.windowsxp.general)
  • HELP!!
    ... Symantec website. ... once the virus definitions are ... not running a late enough version of Internet Exployer to ... complete the download and run a scan. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)