nod32

Discussion in 'NOD32 version 2 Forum' started by ashishtx, Oct 7, 2005.

Thread Status:
Not open for further replies.
  1. ashishtx

    ashishtx Registered Member

    Joined:
    Oct 7, 2005
    Posts:
    389
    Location:
    Houston,Texas
    i tested nod32 for a trojan on firewallleaktester.com. although it is for firewall testing,almost every antivirus i have tested detected copycat.exe as a trojan. nod32 could not recognise it. i even found its name in viruslist.com as below
    Exploit.Win32.Copycat.a
    Aliases
    Exploit.Win32.Copycat.a (Kaspersky Lab) is also known as: Exploit.Win32.Copycat ( Kaspersky Lab), TROJ_COPYCAT.A (Trend Micro)

    i even scaned that file with nod32 but yet it did not detected as a threat.
     
  2. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    is the copycat.exe file a "test file" kind of like the eicar testing files?

    if it is not a real threat, nod32 may not detect it because it knows it will not cause any harm.

    if it is a real threat, submit the file to sample@nod32.com so they can analyze it.
     
  3. ashishtx

    ashishtx Registered Member

    Joined:
    Oct 7, 2005
    Posts:
    389
    Location:
    Houston,Texas
    i told the eset tech support,but they said that it does not effect windows xp.
    but i have got the details below

    CopyCat





    Overview
    Vendor Description
    from the doc: 'Like Thermite, copycat uses direct code injection (without creating an additional thread) into a web browser to prevent to be catched by firewall.'

    Alias
    Hacktool Program [Panda],

    Category
    Probe Tool : A tool that explores another system, looking for vulnerabilities. While these can be used by security managers, wishing to shore up their security, the tools are as likely used by attackers to evaluate where to start an attack. An example is an NT Security Scanner.

    Misc Tool: Any tool that might be used in planning an attack on a system, developing tools for such an attack, or performing it.





    Origins
    Author
    BugsBunny

    Email
    bugsbunny@e-mail.ru

    URL
    http://mc.webm.ru/

    Date of Origin

    Author
    BugsBunny

    Email
    bugsbunny@e-mail.ru

    URL
    http://mc.webm.ru/

    Date of Origin
    February, 2004
     
  4. Bandicoot

    Bandicoot Eset Staff

    Joined:
    Mar 23, 2004
    Posts:
    297
    Location:
    California
    Hi ashishtx,

    Have you sent a sample of this file (archived and encrypted - tell the lab what password you chose) with a brief explanation to sample@eset.com?

    Bandicoot.
     
Thread Status:
Not open for further replies.