Win32/Adware.Gator.A

Discussion in 'NOD32 version 2 Forum' started by fosius, Oct 31, 2004.

Thread Status:
Not open for further replies.
  1. fosius

    fosius Registered Member

    Joined:
    Oct 14, 2004
    Posts:
    479
    Location:
    Partizanske, Slovakia
    hi!

    i dont understand. My IMON HTTP settings are set to HIGH EFFECIENCY. I ran NOD32 on-demand skener, and it has found a Win32/Adware.Gator.A running in memory. I try to manipulate with file and nothing's happened. AMON has not denied the access to this file, why AMON doesnt detect this Adware application and NOD32 on-demand yeso_O THANKS
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,770
    Location:
    Texas
    fosius

    That's the first time I've seen spyware actually caught by NOD.
    Did you try a scan using the clean mode? Or did you try scanning in the safe mode?
     
  3. rumpstah

    rumpstah Registered Member

    Joined:
    Mar 19, 2003
    Posts:
    486
    Hi fosius:

    Neither IMON nor Amon detects "Potentially dangerous applications" (which classification this application falls under), the on-demand scanner does. Running the on-demand scanner in safe mode with the Potentially dangerous applications piece chosen, should remove the application.

    I hope this helps.

     
  4. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    For "Potentially dangerous applications" see post number 14 here under "Diagnostic Methods"

    Hope this helps...

    Cheers :D
     
  5. fosius

    fosius Registered Member

    Joined:
    Oct 14, 2004
    Posts:
    479
    Location:
    Partizanske, Slovakia
    NOD caught it in normal mode. NOD32 deleted it, but why IMON and AMON doesn't detect it? Eset is not able to do it? IMON and AMON should detect it, because now are potencially dangerous applications able to slip trough IMON and AMON. It should be added to both modules of NOD32 antivirus.
     
  6. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Agreed, however, Nod32 is an Anti-Virus program, these are new detections being added by Eset.

    I still believe in having a layered defense, you may want to take a look here for discussion on security and how to make your system that much stronger, and here for further discussions.

    Hope this helps…

    Cheers :D
     
  7. rumpstah

    rumpstah Registered Member

    Joined:
    Mar 19, 2003
    Posts:
    486
    Suppose IMON and AMON could detect those types of files. Some people actually run e.g. WebEx which is a "Potentially dangerous application" but a valid one in their circumstance (for support from vendors). Now a company (Eset) places themselves in the "suing" arena since users of NOD32 would be deleting WebEx's product through automation of tasks (IMON and AMON). This is the reason for the separate "Potentially dangerous applications". IMON and AMON are set for "dangerous" malware.

    Talk about an excluding nightmare. Some companies are already suing other antivirus companies because through the "EULA" (whether you read it or not), a user is granting permission to install their software (or other software by installing theirs).

    I believe Eset made a good company decision by placing these types of programs under the heading of "Potentially dangerous applications". Whether the end user "agrees" or not I am sure it was well thought out given the events that have surrounded Adware (and its removal).

    My 2¢

     
  8. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Good point Rumpstah.

    CHeers :D
     
Thread Status:
Not open for further replies.