Is IMON really effective?

Discussion in 'NOD32 version 2 Forum' started by Beck_, Oct 11, 2005.

Thread Status:
Not open for further replies.
  1. Beck_

    Beck_ Guest

    When I enter a crack site, for exemple, KAV detects a lot of trojans, but NOD32 does not detect anything.. why?
     
  2. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    mine used to bring up a red screen all the time - so I silenced it - are you sure you haven't told it to terminate the connection quietly?
     
  3. Beck_

    Beck_ Guest

    Yes, I´m sure...
     
  4. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    What about client compatibility. Is it set to higher efficiency?
     

    Attached Files:

  5. Beck_

    Beck_ Guest

    No, its in higher compatibility
     
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Have you tested it with eicar.com? Just to make sure there ain't another program interfering with IMON.
     
  7. Beck_

    Beck_ Guest

    Yes, I´ve tested with Eicar... NOD32 detected all. But when I enter a crack site, for testing, KAV detects a lot of "potentially dangerous programs", and NOD32 dont..
     
  8. Beck_

    Beck_ Guest

    In a crack site that I´ve visited for testing, KAV detected 2 malwares: the first one is a Trojan-Downloader.JS.IstBar.J and de second was a potentially dangerous program called "Exploit.HTML.CodeBaseExec".

    NOD32 detected only one, called "Trojan-Downloader.IS.IstBar.K". AMOn and IMON was setup to detect potentially dangerous programs, but did not detect them..
     
  9. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    Try setting it to higher efficiency and try again.
     
  10. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,719
    Location:
    Texas
    If that fails, submit the "viruses" to Eset to check out.
     
  11. Beck_

    Beck_ Guest

    A interesting thing: KAv detects the "Exploit.HTML.CodeBaseExec" when the realtime protection is enabled, but when I turn of the realtime protection (so the Exploit.HTML.CodeBaseExec may pass) and I do a on demand scan, KAv do not detect the "Exploit.HTML.CodeBaseExec"...
     
  12. zashita

    zashita Registered Member

    Joined:
    May 17, 2005
    Posts:
    309
    Nobody is perfect .... :D :D
     
  13. Beck_

    Beck_ Guest

    Ops.. I made a mistake... KAV detects the Exploit.HTML.CodeBaseExec on a on-demand scan...
     
  14. Beck_

    Beck_ Guest

  15. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,719
    Location:
    Texas
  16. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    HTML exploits are not actually threats, they can only be exploited by malware to perform a malicious action.
     
  17. Beck_

    Beck_ Guest

    So its kind a false positive of KAV?
     
  18. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    I wouldn't say so. For instance, the IFRAME exploit is a standard HTML tag which can be exploited in emails to open a particular website automatically whenever OE shows a preview of such an email (I reckon this was fixed with OE 6).
     
  19. Beck_

    Beck_ Guest

Thread Status:
Not open for further replies.