Just wondering if NOD32 plans on adding a definition to detect the new porn email pop-ups that are in the news (some have labeled it a Trojan, others say Virus).

I know that Norton has added it to their definition list

(http://securityresponse.symantec.com/avcenter/venc/data/ortyc.trojan.html)

and was wondering what NOD32's take on this was?

Thanks.

:o

No reply yet from the NOD32 support staff?????

{QUOTE-> quoting: f_disk link=board=35;threadid=4550;start=0#29772 date=1036017814]
:o

No reply yet from the NOD32 support staff?????
<-QUOTE}

We are fast - but hey, your question is up for say 3 hours ;). Be assured your question will be addressed :).

regards.

paul

IMHO, it rather qualifies as spy/foistware.

SpyBot S&D already targets it, and I'm certain the next Ad-Aware reffile (whenever that's ready) will have it as well.

I'm not so sure whether this is indeed antivirus "food", and I wouldn't blame Eset if it were to decide to give this one a pass.

:)


My few bobs worth!!!!!!!!

NOD is Best at what it does now and I like that I think it best to have a layer of programs to defend agianst the various attackes , the all in one type programs like Norton make always seem to fall short. may I suggets a line up like this.

* NOD32 primary anti Virus
* Pest patrol for nasties, trojons & back doors
* Adaware for spy adds
* Popup cop to eliminate the popups on the www
* Anti key logger to make sure they are not listning
* kerio fire wall to keep the kiddy hackers out.
* oh yes DrWEB AV as my back up scanner but NOD is yet to ever let me down.

Ok that's half my task bar icons listed lol

let me know if you need help finding any of these online

Well f_disk,

Let me throw in a quote from Magnus Mischel, designer from the antitrojan TrojanHunter: "spyware".

{QUOTE-> The ActiveX control (which you have to accept before anything happens) will watch your browsing habits and download porn ads from a remote server and subsequently display them as pop-ups. It doesn't do anything other than display these ads. <-QUOTE}

I'm with Tony here:

{QUOTE-> I wouldn't blame Eset if it were to decide to give this one a pass. <-QUOTE}

regards.

paul

Hi f_disk,


we are working on that....

regards, :)

jan

Paul,

Thanks for the response. The quote that you posted was actually in reply to the exact same question I posted in the TH forum:

Said by Magnus:

"Hi,

I'm not sure why Symantec et al. label this a trojan - looks like spyware to me. The ActiveX control (which you have to accept before anything happens) will watch your browsing habits and download porn ads from a remote server and subsequently display them as pop-ups. It doesn't do anything other than display these ads. TrojanHunter takes care of "real" trojans which enable script kiddies/hackers/anyone else to gain remote access to your computer or any other trojan that is malicious in any way. Spyware is best taken care of by programs such as "Spybot S&D" - you may want to download that if you are worried about applets like these. That said, if you have a copy of this applet, I will be happy to take a look at it - just send it to submit@trojanhunter.com"

So that pretty much says to me that TH will not be adding it to their detection list.

Which brings me to NOD32......I simply asked if they were going to add it to their detection list and as of yet, no one from Eset has said yes or no....simple question........yes or no? I have read the opinions of everyone and thank them for that, but I would like the official word from NOD32......this is the official support forum isn't it?

Thank-you Jan!

{QUOTE-> I have read the opinions of everyone and thank them for that, but I would like the official word from NOD32 <-QUOTE}

...and there it is ;). Thanks Jan!

regards.

paul

My question is slipping to the bottom.....................

Jan, does "we're working on it" mean:

#1 We are working on adding it to the definitions

or

#2 We are working on an answer to your question?????

Well, the source webpage:

http://www.surprisecards.net/viewcard.htm

is already down and we are checking how are the possibilities of spreading that thing....

Cheers, 8)

jan

{QUOTE-> quoting: jan link=board=35;threadid=4550;start=0#30225 date=1036260662]
Well, the source webpage:

http://www.surprisecards.net/viewcard.htm

is already down and we are checking how are the possibilities of spreading that thing....

Cheers, 8)

jan
<-QUOTE}


I will be happy to send it to anyone..but first I need you credit card number. ::)

Where do we draw the line with what we detect/don't detect ? Do we try to include every Trojan ever written, plus all the spyware and porn dialers and browser hijackers and joke programs and key generators and program crackers and ad popups and homepage replacers and all the other malware/nastyware/pestware in the world ... or do we concentrate on maintaining NOD32's record as the world's best and fastest _virus_ detector ?

Some years ago, certain antivirus spin doctors needed a new slant to give their flagging programs a boost. Some advertising whiz kid hit on the idea of totally unnecessary archive scanning, and the marketroids touted it into a "desirable" feature. Users fell for the spiel en masse ... never mind that antivirus programs became slower and even more bloated then ever ... who cares, as long as they scan inside 3000 different archivers to a depth of 600*10 ?

The bottom line is that you could have ten thousand zipped viruses on your hard drive for ten years and not one of them would cause a problem unless you unzipped it ... at which time a decent antivirus program would block its execution and tell you it was a virus.

Personally I think scanning inside archives is a crock we could do without ... but computer user wish lists largely dictate what we do and don't do with NOD32, so we're stuck with it until they accumulate the collective wisdom to see some of the useless "features" touted as desirable and/or essential by antivirus spin doctors for the snake oil they really are.

[RantMode OFF]

rodzilla,
Although I don't use your excellent antivirus at this point, I can't tell you how I appreciate your last post. I had never thought about the archive scanning. I just used it, thinking I needed to, and waited, and waited, and waited.
Thank you for giving us the benefit of your knowledge.
I think when my license expires with my current av, I've gotta make the switch.

Scotcov

That was not a rant ;)...but rather a breath of fresh air.