New

Discussion in 'NOD32 version 2 Forum' started by testg, Oct 16, 2003.

Thread Status:
Not open for further replies.
  1. testg

    testg Guest

    Norton found it but nothing else did.
    it's in c:\winnt\system32 it's updatewiz.exe
     
  2. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,878
    Location:
    New England
    What did Norton say it is? (What malware?)
     
  3. testg

    testg Guest

    I believe it was trojan.adclicker or something like that. I forgot it, plus am not at my home pc. But I did send a sample to the Eset, nsclean and tds.
    It was running in my memory and takeing up ~30mb of space.
     
  4. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,878
    Location:
    New England
    Ah, very good. Thanks.
     
  5. GuruGuy

    GuruGuy Guest

    http://securityresponse.symantec.com/avcenter/venc/data/trojan.adclicker.html

    This was discovered on Sep 12, 2003!

    Are you using the current version of NOD32 with the latest updates? If so, why isn't this detected by NOD32o_O??
     
  6. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    Hello,
    None AntiVirus detect the 100 % of the viruses, trojans, worms, etc. NAV can detect viruses that NOD not, and NOD can detect viruses that also NAV not detect.
    It's relative.
     
  7. testg

    testg Guest

    Yes I am using the newest reference files 1.535 with /ah flag.
    I am not exactly sure of the trojan name but that is what I recall the name being. And the trojan was detected by Symanted in Sept 12, 2002, updated in July of 2003.
    NSClean didn't detect it, neither did TDS-3 nor Kaspersky, NOR bitdefender so You might as well exuse NOD32, but was amazed that Norton did, I've tried sending it through yahoo which didn't let me since Norton picked it up again so I had to compress it.
     
  8. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    Hello,
    If possible, compress it with password.
    Don't forgive if you send it, put the password in the message :D
    And if you want, send me it via MSN, or ICQ and I send it to the AV companies that you want. :)
     
  9. testg

    testg Guest

    Any news from the Eset team?
     
  10. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Doesn't look like adclicker to me; did you notice winpup32.exe" on your system?

    As for Eset: in case this one turns out to be a real new nastie, it will be added to the database. Sure looks like it, since you did mention BOClean, TDS3 and KAV not detecting it.

    regards.

    paul
     
  11. testg

    testg Guest

    So I guess it was adclicker.

    it was added in the oct 20th upate.
    Win32/AdClicker.B


    4 months late but at least it's there. :)
     
  12. sig

    sig Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    716
    "4 months late?" NOD already detected at least one version of adclicker weeks ago.

    As for this version.....how do you figure 4 months? Or did you mean to say 4 weeks from the time Symantec added this? ;)
     
  13. Q Section

    Q Section Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    771
    Location:
    Headquarters - London & Field Offices -Worldwide
    Who claimed NOD32 is supposed to catch trojans now? It is known that some are caught by NOD32 but since it is an anti-virus program it seems very good to even catch any trojans.
     
  14. sig

    sig Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    716
    "Who claimed NOD32 is supposed to catch trojans now?"

    Well, ESET does: "Viruses, worms, trojans and other malware are kept out of striking distance of your valuable data. Advanced detection methods implemented in the software even provide protection against the future threats from most of the new worms and viruses. " http://www.nod32.com/products/products.htm

    Additionally from their site regarding the Checkmark certification:

    "The Checkmark certification of NOD32 for Windows 2003 to AV [Anti-Virus] Levels 1,2 and Trojan, is the hallmark of a company whose philosophy is to be a cutting-edge AV developer," commented Chris Thomas, Operations Director of West Coast Labs, in a statement announcing the results.
    “West Coast Labs’ certification process represents the true test of an antivirus product’s capability to detect viruses, worms, and Trojans. http://www.nod32.com/news/awards.htm

    Perhaps they should change the language to "most common trojans." But ESET does indeed claim to provide protection against Trojans....
     
  15. Q Section

    Q Section Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    771
    Location:
    Headquarters - London & Field Offices -Worldwide
    It certainly seems beneficial to pay attention to the actual product description page! :oops:

    Best wishes
     
  16. hayc59

    hayc59 Guest

    Q you da man!! :D
     
Thread Status:
Not open for further replies.