is the machine compromised?

H

H. S.

My friend brought to my notice a warning window she got on her XP SP2
laptop, fully updated, while browsing Baba Farid University, India, web
site:
http://www.babafariduniv.com

The warning was from Symantec Antivirus, updated, about VBS.Redlof.A
virus. The antivus reported that a file had been quarantined.

I was wondering, is this worrying? From symantec website, it looks that
the virus could spread via infected web sites. So, the web site is
infected(?) Also, since the antivus was successful in removing the
infected file, should the computer be thoroughly checked to verify the
various registry entries the vius is supposed to alter? The laptop also
runs Spybot Teatimer. It did not report any registry changes at that time.

Finally, what should be done to handle this if the web site is indeed
infected? I sent an emial to a contact address given on the web site but
obtained no response.

thanks,
->HS
 
G

Ghostrider

H. S. said:
My friend brought to my notice a warning window she got on her XP SP2
laptop, fully updated, while browsing Baba Farid University, India, web
site:
http://www.babafariduniv.com

The warning was from Symantec Antivirus, updated, about VBS.Redlof.A
virus. The antivus reported that a file had been quarantined.

I was wondering, is this worrying? From symantec website, it looks that
the virus could spread via infected web sites. So, the web site is
infected(?) Also, since the antivus was successful in removing the
infected file, should the computer be thoroughly checked to verify the
various registry entries the vius is supposed to alter? The laptop also
runs Spybot Teatimer. It did not report any registry changes at that time.

Finally, what should be done to handle this if the web site is indeed
infected? I sent an emial to a contact address given on the web site but
obtained no response.

thanks,
->HS
Click to expand...

Contacting the webmaster is about all that can be done in a
situation like this, other than maintaining virus definitions
current.
 
G

Ground Cover

H. S. wrote:

Yes, a website can be "infected". The content of its files can contain
scripts / mal-formed content / and other "whatnot" that are malicious. They
take advantage of vulnerablilities in the visiting computers. Usually the
vulnerabilities are already known .. so if you keep your computer patched
and up-to-date there's no problem. It is when one visits with an upatched
computer that one gets compromised.

Another strategy is to up the level of security in your brower(s). Don't
just accept the default settings but, rather, raise the level of security by
taking advantage of security zones, turning off install on demand, refusing
3rd party this and that, limiting Java / Scripting / Active X and so on.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Cannot Browse Anti Virus Websites 6
Is C:\WINDOWS\system32\explorer.exe important? 6
What is everyone doing about this security flaw til 1/10/06 19
I thought commercial sites are safe 1
C:\Windows\Winppr32.exe How important is it? Can it be downloaded and reinstall 2
VIRUSES HELP! W32SWEN.A@mm and W32KLEZ.H@mm 6
Backdoor.hazzer infected winlogon.exe 1
Win XP RPC Service Failure Reboot Rant Help - the story of a ruined weekend! 9

Top