False positive?

Discussion in 'NOD32 version 2 Forum' started by Biscuit, Jan 28, 2007.

Thread Status:
Not open for further replies.
  1. Biscuit

    Biscuit Registered Member

    Joined:
    May 26, 2006
    Posts:
    978
    Location:
    Isle of Man
    I just visited my favourite PSU website & Nod popped up with a warning. Does anyone know if this is a real virus attack?

    http://www.enermax.com/english/index.asp
    http://farm1.static.flickr.com/154/372198828_7767b5e965_o.png

    NOD32 antivirus system information
    Virus signature database version: 2014 (2007012:cool:
    Dated: 28 January 2007
    Virus signature database build: 8902

    Information on other scanner support parts
    Advanced heuristics module version: 1.048 (20070124)
    Advanced heuristics module build: 1137
    Internet filter version: 1.002 (2004070:cool:
    Internet filter build: 1013
    Archive support module version: 1.052 (20070115)
    Archive support module build version: 1179

    Information about installed components
    NOD32 for Windows NT/2000/XP/2003/x64 - Base
    Version: 2.51.26
    NOD32 for Windows NT/2000/XP/2003/x64 - Internet support
    Version: 2.51.26
    NOD32 for Windows NT/2000/XP/2003/x64 - Standard component
    Version: 2.51.26

    Operating system information
    Platform: Windows XP
    Version: 5.1.2600 Service Pack 2
    Version of common control components: 5.82.2900
    RAM: 1024 MB
    Processor: Intel(R) Pentium(R) 4 CPU 3.20GHz (3216 MHz)
     
    Last edited by a moderator: Jan 28, 2007
  2. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    It appears on my end that the jpg extension is not an actual jpg.

    If I visit that english/upload/images/p20071286573362975.jpg link in your pic and copy all the HTML code and save it as a text file....a Jotti scan shows something is up with that sites page.

     
  3. Biscuit

    Biscuit Registered Member

    Joined:
    May 26, 2006
    Posts:
    978
    Location:
    Isle of Man
    Thanks for checking, so Enermax have got hacked?
     
  4. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    I haven't had a chance to fully look at the HTML code but a quick look thru the code and I suggest not going to that site for a bit ;)
     
  5. Biscuit

    Biscuit Registered Member

    Joined:
    May 26, 2006
    Posts:
    978
    Location:
    Isle of Man
    I sent an email to Enermax last night & got a good constructive reply from them.
     
  6. ugly

    ugly Registered Member

    Joined:
    Mar 21, 2005
    Posts:
    276
    Location:
    Romania
    that is ?
     
  7. Biscuit

    Biscuit Registered Member

    Joined:
    May 26, 2006
    Posts:
    978
    Location:
    Isle of Man
    I got a reply that they were checking with their MIS dept. They were also a little concerned how I knew the location of the "jpg" file. So I replied giving an image of the Nod32 alert with a little explanation of how it works. No further response yet.
     
Thread Status:
Not open for further replies.