INNO » setup.data - error - unknown compression method

Discussion in 'ESET NOD32 Antivirus' started by harsha_mic, Mar 11, 2009.

Thread Status:
Not open for further replies.
  1. harsha_mic

    harsha_mic Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    791
    Location:
    India
    Hello All,

    I found one potentially unwanted program. when i scan with NOD32, i get the following error -
    Photocopier.exe » INNO » setup.data - error - unknown compression method

    So, Where can i submit this file, so, its compression/decompression method will be added to NOD32.

    Version: NOD32 v4, 3925 db

    Thanks,
    Harsha.
     
  2. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,736
  3. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    Please contact "Marcos" via PM and provide the file, he will forward it to the appropriate engineer.
     
  4. harsha_mic

    harsha_mic Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    791
    Location:
    India
    thanks funkydude for your kind reply. I tried to PM "Marcos" but i am getting the following error. "The private messaging system is currently unavailable."

    Brummelchen, no, it is not the one. The file i am having is just 675 KB.

    When i tried to install this malicious application through Sandboxie, i got alerts from Eset NOD32. which you can see in the attached screenshot.

    Please Note: I just wanted NOD32 to support this kind of compression/decompression routine. So, there will be better chance of prevention at first hand.
     

    Attached Files:

  5. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,736
    erm sorry, wasn't the pro - is it the free?
    http://www.nicocuppen.com/pit/editor/page_detail.php?id=10103

    The installer looks familiar - wise (older version)?
    it might possible that you cant use that installer in sandboxie.

    On the other hand you can use Cuppens newer build - better setup.

    >> 675 KB

    im pretty sure that it is photocopier 2.2x (around that build). see above for newer build
     
  6. harsha_mic

    harsha_mic Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    791
    Location:
    India
    Yeah it is 2.16 version. But i am not looking for Photocopier software at all. What i just did was looking at top 10 latest threats at safeweb.norton.com. And it was listed on that.

    Anyway thanks for pointing me to the official version. It looks good.:D

    Still i cannot PM to "Marcos" or anyone. Could anyone give me the access-right. So, i can just the sample for analysis.
     
Thread Status:
Not open for further replies.