Even if the scans are just false positives, they still waste Freepers’ time. Might as well delete the post.
Well...sure....no harm no foul, but what always happens is that every user who now knows about this will have to run a full scan, which I did for years and it takes about 18 hours cuz I have a lot of crud in storage...
I like to look tha variant up and see if they have the code and a clue to where it is....then I look for it.
This one for example can be found at the end of the page code or where ever they stuck it. It’s at the tail end....looks like this.....
[infected_site]/in.cgi?[number_for_infection_campaign] .
I think they use it to log the IP, sell the list and the hackers will use it to gain a back door. They could use it for most anything...depending on what their flavor of the day is.
Always look at your logs and see if your computer contacted a site with the .cn. If you know you did not go there, chances are you have a Trojan that has, but any decent screen should pick this bugger up.
I just think that essentials, found on most any XP up to win vista system has a particular issue matching code to the malware list and if in doubt it flags it as malware.