Is IMON really effective?

Discussion in 'NOD32 version 2 Forum' started by Beck_, Oct 11, 2005.

Thread Status:
Not open for further replies.
  1. Beck_

    Beck_ Guest

    When I enter a crack site, for exemple, KAV detects a lot of trojans, but NOD32 does not detect anything.. why?
     
  2. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,662
    Location:
    Throughout the USA and Canada
    mine used to bring up a red screen all the time - so I silenced it - are you sure you haven't told it to terminate the connection quietly?
     
  3. Beck_

    Beck_ Guest

    Yes, I´m sure...
     
  4. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,174
    Location:
    Denmark
    What about client compatibility. Is it set to higher efficiency?
     

    Attached Files:

  5. Beck_

    Beck_ Guest

    No, its in higher compatibility
     
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    Have you tested it with eicar.com? Just to make sure there ain't another program interfering with IMON.
     
  7. Beck_

    Beck_ Guest

    Yes, I´ve tested with Eicar... NOD32 detected all. But when I enter a crack site, for testing, KAV detects a lot of "potentially dangerous programs", and NOD32 dont..
     
  8. Beck_

    Beck_ Guest

    In a crack site that I´ve visited for testing, KAV detected 2 malwares: the first one is a Trojan-Downloader.JS.IstBar.J and de second was a potentially dangerous program called "Exploit.HTML.CodeBaseExec".

    NOD32 detected only one, called "Trojan-Downloader.IS.IstBar.K". AMOn and IMON was setup to detect potentially dangerous programs, but did not detect them..
     
  9. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,174
    Location:
    Denmark
    Try setting it to higher efficiency and try again.
     
  10. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,084
    Location:
    Texas
    If that fails, submit the "viruses" to Eset to check out.
     
  11. Beck_

    Beck_ Guest

    A interesting thing: KAv detects the "Exploit.HTML.CodeBaseExec" when the realtime protection is enabled, but when I turn of the realtime protection (so the Exploit.HTML.CodeBaseExec may pass) and I do a on demand scan, KAv do not detect the "Exploit.HTML.CodeBaseExec"...
     
  12. zashita

    zashita Registered Member

    Joined:
    May 17, 2005
    Posts:
    309
    Nobody is perfect .... :D :D
     
  13. Beck_

    Beck_ Guest

    Ops.. I made a mistake... KAV detects the Exploit.HTML.CodeBaseExec on a on-demand scan...
     
  14. Beck_

    Beck_ Guest

  15. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,084
    Location:
    Texas
  16. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    HTML exploits are not actually threats, they can only be exploited by malware to perform a malicious action.
     
  17. Beck_

    Beck_ Guest

    So its kind a false positive of KAV?
     
  18. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    I wouldn't say so. For instance, the IFRAME exploit is a standard HTML tag which can be exploited in emails to open a particular website automatically whenever OE shows a preview of such an email (I reckon this was fixed with OE 6).
     
  19. Beck_

    Beck_ Guest

Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.