Jump to content

How Do I Report a Possible Malware Issue in SL?


You are about to reply to a thread that has been inactive for 2307 days.

Please take a moment to consider if this thread is worth bumping.

Recommended Posts

nothing to do.

slplugin.exe is a web/media player plugin that is connecting to an external web address which is outside of SL, same as if you visited it with your browser.

Either the media URL is falsely flagged or it could be genuine, either way, nothing to do with Linden Lab or a fault in SL.

Link to comment
Share on other sites

hi there!   as somebody who deals with malware infections on the corperate levels.   This is an outbound connection, not an inbound one, so the source was you as indicated by the outbound from the SL plugin.  so  as mentioned where you was at, your connection was sending information to what ever ip or url is listed as media on that sim.

 

There is zero chance of infection in SL.   the way the clients are done, make infection even by the nastisest malware impossible. 

 

 

Link to comment
Share on other sites

it's not hard to believe that there's nobody to tell because it's entirely outside of SL.

 

I suspect it's a music steam or media on a prim, both of which could be accessed via a web browser. if you did that and got the same malware message, who would you report it to?

 

it is clearly already known to your security software.

 

Not everything that you view inside SL is necessarily part of SL though the distinction isn't necessarily clear if you're not interested in the technical aspects so I can understand your concern.

 

Link to comment
Share on other sites

While I hesitate to provide useful information here since this isn't a People issue and can't reliably be Generally Discussed...

93.158.134.83 is a Russian IP belonging to Yandex, a popular search/hosting provider in that country (kind of like Google, except with state sponsorship). Malware infections are possible and more probable than other, non-Russian providers (hooray), and there's likely to be an malware/adware-serving component of the site.

Port 60897 is unused by anything I can find. Perhaps just scanning, perhaps this is SL-related and internal, not anything to do with Yandex. It's not possible to tell and doesn't seem useful anyway.

Note that Malwarebytes doesn't only detect malicious content, but also obtrusive and annoying content. It's possible that the detected threat was intentional, a side-effect of you randomly careening around in SL with media enabled and the destination attempting to scoop information about your PC/connection. The Internet's not always as safe as that, I would encourage browsing with more caution in future (e.g. disabling auto-play).

You could report this issue to Yandex directly, but this isn't LL's problem, to agree with Sassy. The risk is one that you are taking, it is your responsibility to browse securely, as only your system is placed at risk. Malwarebytes is one way of countering this risk, but you're still exposed to quite a few tricks if you're using auto-play media in SL.

Link to comment
Share on other sites

Link to comment
Share on other sites

You are about to reply to a thread that has been inactive for 2307 days.

Please take a moment to consider if this thread is worth bumping.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...