Thanks, guys. Invalid signature it is, as expected.
I was commenting on what you said. What you said was this: Your quote from Siemens does not, in any way, prove that the patch isn't perfect....
I did. Unfortunately it answered none of my questions. Seriously, can we stop with the evasiveness and the mystery play? You said you started...
Sigh. The patch isn´t supposed to break LNK files. Read my answer to you on the previous page. If you manually open a malicious LNK file, any...
Can you perhaps help me find some clue? Also, what about the trojan with a Kaspersky signature on it, the one that got past CIS? Signature...
You have a sample of this trojan, correct? Then the question to ask is this: does the Kaspersky signature on the trojan check out as valid? If you...
Maybe MS considers their current offerings enough for security, especially when combined with the offerings of third party vendors. MS probably...
Maybe you ought to write a tutorial for imaging and restoring, then. That kind of stuff could be helpful to folks. :thumb: And yeah, that's all...
No, it wouldn't.
What kind of solutions are we expecting to find here? If we're talking solutions for end-users instead of solutions for people who work inside...
Oh, I'm interested in the subject, and I was certainly talking objectively as in based on facts instead of opinion. Fact is, an invalid digital...
No, I'm not. But next time, I'll try to remember to mention that I'm talking about valid digital signatures obviously, and not invalid ones which...
The question "If a file is signed does that mean it is clean?" is a bit on the absurd side. It's like asking "If a banking check is signed, does...
This thread is starting to get out of hand with the silliness... There is a patch out. It fixes the vulnerability. Patch your system, and you're...
I should've remembered it was you, AvinashR. I tried to remember the name, but it escaped my memory. Norton's behavior here is just plain...
Some reasons: 1) People don't know about LUA and SRP. 2) Some people just really like security software. It makes them feel safe and gives...
I've heard about this before. It sounds like Norton has a habit of reporting what the malware would do if it executes, instead of reporting what...
Sophos also actually mentions SRP/AppLocker in their little blog article: Whether or not DLL rules have to be enabled, I don't know. But gut...
Well, it seems now that Sophos is reporting this malware works just fine in spite of UAC or limited privileges. Apparently there's a user mode...
Ah, okay, so AE is basically just scanning for executable files and popping up alerts for any found executables that have not been previously...
Most any reasonable setup would have stopped it, it seems, now that it's been revealed this is simply a shell vulnerability that only gains the...
That's strange. It doesn't look like you have the .lnk files that actually contain the exploit code on the removable drive. So why are the .tmp...
A question, as I don't have a sample of this malware: when the code runs, does it run with the privileges of the currently logged in user, or does...
No, I don't see how it could. According to Sergey's PDF, the malware infects the system by exploiting an unpatched vulnerability in processing LNK...
Thanks for that :thumb: There's still some questions about the .LNK file vulnerability worth asking, though. Such as: Has the vulnerability been...
Separate names with a comma.
