Infected JPEG not detected by NOD

Discussion in 'NOD32 version 2 Forum' started by Howard, Sep 24, 2004.

Thread Status:
Not open for further replies.
  1. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,434
    I'm sorry to hear that - Eset's response to threats is immediate - in the case of a fast spreading worm it's not a problem for us to make an update in the middle of the night even on Saturday or Sunday.
     
  2. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Thanks Marcos, I think it us understood that the response to threats are immediate, I think more the discussion was towards 7 day, 24hr support, like the big players already have... It's the weekend siesta that is the concern ;) And no, I'm not volunteering to do the weekend shift ;)

    Cheers :D
     
  3. jan

    jan Former Eset Moderator

    Joined:
    Oct 25, 2002
    Posts:
    804
    Hi Blackspear,

    >I think it us understood that the response to threats are immediate, I think more the discussion was towards 7 day, 24hr support,

    The new staff is coming, so it's close.

    Thanks,

    jan
     
  4. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Hi Jan, thanks for your reply, are you indicating that Eset are about to launch 7 day/ 24 hour Tech Support?

    Cheers :D
     
  5. jan

    jan Former Eset Moderator

    Joined:
    Oct 25, 2002
    Posts:
    804
    Hi Blackspear,

    >are you indicating that Eset are about to launch 7 day/ 24 hour Tech Support?

    Yes - it can take some time to get more people and set it up - we'll do our best to make it as short as possible.

    Rgds.,

    jan
     
  6. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Thanks Jan, and it is understood regarding training people up...

    Cheers :D
     
  7. rumpstah

    rumpstah Registered Member

    Joined:
    Mar 19, 2003
    Posts:
    486
    AP4 now detected! ;)

    NOD32 - v.1.880 (2004092:cool:
    Virus signature database updates:
    Exploit.IE.Crashsos


     
  8. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA

    http://www.virustotal.com/flash/index_en.html

    BitDefender 7 09.28.2004 -
    ClamWin devel-20040822 09.28.2004 -
    F-Prot 3.15a 09.28.2004 -
    Kaspersky 4.0.2.24 09.28.2004 Exploit.IE.Crashsos
    McAfee 4395 09.28.2004 -
    NOD32v2 1.88 09.28.2004 Exploit.IE.Crashsos
    Norman 5.70.10 09.28.2004 -
    Panda 7.02.00 09.28.2004 -
    Sybari 7.5.1314 09.28.2004 -
    Symantec 8 09.27.2004 -
    TrendMicro 7.1 09.26.2004 -
     
  9. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    NOD and KAV lead the way!!
     
  10. john smith

    john smith Registered Member

    Joined:
    Jun 14, 2003
    Posts:
    59
    This seems a little odd, since KAV's online scanner detected the A4.jpg as an exploit trojan on 25SEP05 (and possibly earlier... I don't know), though I don't recall the name they gave it. Symantec, with all its resources, wasn't all that
    speedy either.

    Is it reasonable to assume that the response time was a bit slow because this particular trojan represented more of a nuisance than a major threat? It does make sense to prioritize viruses/trojans/whatever based on the damage they might cause.

    John Smith, happy NOD32 user
     
  11. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Hey John Smith, if you are talking about the dates your are seeing in Stan999's posting i.e. Kaspersky 4.0.2.24 09.28.2004 and NOD32v2 1.88 09.28.2004, I think you will find this is the latest virus signature update date that they are using...

    Hope this helps...

    Cheers :D
     
  12. john smith

    john smith Registered Member

    Joined:
    Jun 14, 2003
    Posts:
    59
    D'oh! It helps. Sorry I misunderstood the posting.

    j.s.
     
  13. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    No problem, it happens to us all ;)

    Cheers :D
     
  14. Jari

    Jari Guest

    Now Nod detects the file (tested with the original ap4.jpg site), but even if I push "Terminate" IE shuts down. NOT a satifactory solution.
     
  15. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    That happens in the "Higher compatibility" setting but IE will stay open if you choose the "Higher efficiency" setting.
     
  16. Jari

    Jari Guest

    Yes, it helps. Nod seems to forget my settings. Everything was on higher compatibility, even I had changed them before.
     
  17. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    I believe when they pushed the 2.12.2 version it reset everything to "higher compatibility".
     
  18. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    The new release about to come out, 2.12.3 will have "Higher Efficiency" as a default setting...

    Hope this helps...

    Cheers :D
     
  19. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    105,502
    Location:
    Texas
    Any other changes?
     
  20. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    I'm not sure on that Ron, Rumpstah is one that manages to ferret out the new features, I can’t see any major differences, other than "Higher Efficiency" as a default setting. Will have to wait for Marcos, Jan or Rumpstah to come along…

    Cheers :D
     
  21. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    105,502
    Location:
    Texas
    Thanks. I'm waiting. *puppy* *puppy* :)
     
  22. rseiler

    rseiler Registered Member

    Joined:
    Dec 22, 2003
    Posts:
    88
    Since JPG's are now apparently carriers, shouldn't the JPG extension now be included by default in AMON, perhaps with the next version?
     
  23. Jaska

    Jaska Registered Member

    Joined:
    May 7, 2004
    Posts:
    98
    The experts say these jpg-exploits can have 12 different extensions including bmp, gif, jpeg etc. So almost all graphic formats should be checked. :doubt:
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.