Malicious scripts in web pages

Discussion in 'NOD32 version 2 Forum' started by Buddel, Dec 1, 2003.

Thread Status:
Not open for further replies.
  1. Buddel

    Buddel Guest

    Another newbie question if you don't mind :):

    Does NOD32 protect against malicious scripts in web pages? If so, how? If not, will this be implemented in the next version of NOD32?
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Hello,

    NOD32 is capable of detecting and blocking malicious Javascript viruses in html email or other files.
     
  3. Buddel

    Buddel Guest

    It's good to know that NOD32 can detect and block this stuff. Thanks for your reply, Marcos. :D
     
  4. newnoduser

    newnoduser Guest

    Is this true for VBSript as well?
    The reason I am asking is because of the post by "iNsuRRecTioN"on September 05, 2003, at
    http://www.wilderssecurity.com/index.phpboard=39;action=display;threadid=13382

    in which iNsuRRecTioN had enclosed an attachment of the Eicar file in VBScript.
    When I ran that attachment through Nod32 (my current AV program) it didn't pick it up.When I loaded on my former AV product and ran the file that former AV product immediately caught and quarantined the Eicar which was in VBScript in that file.
    I am pretty much lost when it comes to this script stuff. I don't know whether this would have been a threat or not if it had been a real virus. Maybe someone could help me understand ?
    Would this have been a threat?
     
  5. newnoduser

    newnoduser Guest

  6. Buddel

    Buddel Guest

    Good question. Hope we will soon get an answer. ;)
     
  7. iNsuRRecTioN

    iNsuRRecTioN Registered Member

    Joined:
    Sep 5, 2003
    Posts:
    303
    Location:
    Germany
    Hi, I think there will be no answer, until eset implement this correct and full.
    I think this, sfx-archives, unpacking machines/runtime packers (Laufzeitkomprimierer), etc.. are not full implemented and coded in NOD32V2 yet, so this can take a while :D

    greetz

    bye

    iNsuRRecTioN
     
  8. mrtwolman

    mrtwolman Eset Staff Account

    Joined:
    Dec 5, 2002
    Posts:
    613
    If I remenber correctly one in the past, there was a nice flame war around when AMON (v.1) detected a "script virus" in AVP virus encyclopedia. The point was, there was a fragment of viral code posted on the respective page which was able to spread....
    NOd32 detect script viruses. But not necessary all of them.
     
  9. newnoduser

    newnoduser Guest

    Thank you.
    Well, I don’t have anything to do with "AVP". In fact , I don’t even know what it is.
    Nor have I even been a part of a flame war. Nor do I ever care to be.
    Nod is the product I have. I like it very much. I bought it on October 25. That is why I am coming to this support forum. Because I have Nod.
    And I was just asking a question.
    When I put on my old AV product and click on that file that "iNsuRRecTioN" attached to his post at https://www.wilderssecurity.com/showthread.php?t=13382

    my former AV product immediately detects and quarantines the Eicar “VBScript” file (actually----two of them each time I click on that file. Detects them as “Eicar.mod”). When I run it through Nod it does not detect anything and I was just asking if this is a problem or not. I do not know. I don’t understand this script stuff . I don’t even know what a script is. I am just a plain old home computer user. I know how to “point and click”. I do not know the answer about this script business and so I asked.
    I do know that each AV product is different and operates a bit differently. I respect any good product and also respect the differences.
    Perhaps detecting that VB Eicar is a useless thing and is pointless (like scanning out going mail seems to be a waste to me. If your computer is clean why scan outgoing mail?). So I am just asking because I am not a computer tech and I have no understanding of “script”. I don’t know what it is or what it does.
    I was just asking because when I click on that file with my former product it catches two Eicars. I don’t know if that is important or not. I have no idea. I was just asking.
    I am not knocking Nod. I like it very much. I was just wondering if this was important.
    I am just asking a question. If that had been a real virus would it have been any type of problem or would I have been safe? I have no idea. I was hoping someone would help me to understand. That is the reason I asked.
    I am not mentioning the name of my former product. It is NOT the “AVP” you mention nor is it Kapersky. I know there has been trouble with Kapersky people coming here.I have seen that in the short time I have read from this forum. I am NOT a Kapersky user.
    In fact, I “tested” it one time and took if off my computer after a few hours because it stalled my system. But I am sure it is wonderful for some people. To each his own. You find the product which is good for you.

    I am not knocking Nod or anything. I like Nod. That is why I am here on this forum. I bought Nod on Oct 25 and like it very much.
    .There are many great AV products. One finds the one they like. I am not pushing my former AV product. I didn’t even mention it’s name. But nor will I knock it. Like Nod, It is a great product run by a great and conscientious company.
    But I am using Nod these days. I came and posted my question because this is the Nod forum.
    I have no interest in flame wars. Nor would I even “knock” Nod ( or any other good AV product)
    I had a question and asked it.

    If I didn’t like and use Nod I would not be here on this forum.
    I am not a flame war person nor am I pushing any product. Nor would I ever “knock” any good AV product like Nod which is run by a good and hard working group of people.
    I was asking a question about something I did not understand. I though this was the place to do that. That is why I asked.
     
Thread Status:
Not open for further replies.