canadian pharma spam

[Guest]

websites not blocked by eset

hxxp://www.curingtabsmall.su/

hxxp://aaasagv.webfportal.su/

www.mfkecyz.webgportal.su

hxxp://onlytrustweb.su/

hxxp://www.nageldesign-patricia.at/warp.php

[itman 1,659]

I checked the web sites listed at Virus Total and all are 100% clean.

[Guest]

@itman thanks for the reply, if you are a staff member then thanks for the help, and if not then i would like you to consider this:

 

when it comes to URLs Virus Total is NOT a good verification tool.

Virus Total is good for files because every file has a unique and static checksum value.  If a file is altered it has a new  checksum value. 

Web sites, on the other hand, can change at-will.  Each web site may have a specific singular or multiple URLs that lead to some kind of malicious or fraudulent content.  There is no unique and static checksum value associated with any URL.  Unlike a file with a static presence, web sites are dynamic.  Not only can the content be changed at any moment in time, the content may be rendered and presented differently based upon such factors as;  GeoIP, User-Agent and/or Browser client, IP address blockage tables and/or the existence of a specific Referral URL or the lack of a Referral URL.  Or the content may be rendered and presented differently based a specific combination of factors.

Here is a perfect example...

hxxp://www.toddsplanet.com/wp-admin/css/.bt

That is a IP Address Block List.

The above site is compromised and is serving up both Malware and Phish content.  If you are on an IP in that table, you will not have access to that malicious content.

 

Thanks

[Marcos 5,070]

This forum is not meant to be a means for reporting undetected samples or urls. For instructions how to report them to ESET Research Lab, follow the instructions in the appropriate KB which is also listed in the FAQ section at the right-hand part of this forum.

We kindly ask you to stop posting disallowed stuff here as breaking TOS repeatedly may result in account ban.

We are not going to block the links just because they offer pharmacy and do not serve any malicious or scam content.

[novice 20]

Maybe OP is right;

When I try to access :hxxp://www.nageldesign-patricia.at/warp.php, Bitdefender blocks access to the site; if I insist in going there , the following detection appears  (see attachment)

 

 

[itman 1,659]

34 minutes ago, MSE said:

When I try to access :hxxp://www.nageldesign-patricia.at/warp.php, Bitdefender blocks access to the site; if I insist in going there , the following detection appears  (see attachment)

I have had multiple like detections by Eset on attempted web site drive-by download activity. Eset will detect the malware via its web filter. The same web site showed as clean by all engines used by VT URL scanning.

In the below screen shot, web site was trying to download Cerber ransomware:

 

Edited August 13, 2017 by itman

[novice 20]

Do you have a detection for :hxxp://www.nageldesign-patricia.at/warp.php??

 

The screenshot provided  is from March 30, 2017

[Guest]

it's better to use bitdefender, since there is no match between bitdefender and eset, bitdefender has always been one of the best product of all times. 

only kaspersky, trend micro and norton can match its detection level.

talking about detection of phishing links , then you sshould use bitdefender with malwarebytes as they both are the best website to stop phishing websites.

i am not saying eset is worst, it is good but it is not anywhere in competition to bitdefener, kaspersky or norton which always get 100% detection and i have never ever seen eset getting 100% detection from any of the testing companies.

i am waiting for that day when eset will also be in the list of 100% detection group

[Guest]

@MSE use bitdefender(paid or free) with malwarebytes premium and you are good to go

[Marcos 5,070]

Warp.php - detected by ESET as JS/Kryptik.BBC trojan for more than a year.

[SCR 195]

Nothing is 100% effective 100% of the time. They may score 100% in "tests" but in a real world situation things are different. So if they say they are 100% effective 100% of real world time I would tend to not believe the claim, just my opinion.

I've been using Eset for 10 or more years and have never been infected Does this mean Eset is 100% effective? Actually no and neither is anything else.

Edited August 14, 2017 by SCR
Grammar

[Guest]

yes i totally agree with you mate, talking about real world detections you have the results from av comparitives which continiously do real world protection test and av test which continiously do sample testing .

 

my point is based on testing companies because they are thebedt one in doing the testing.

thanks

[itman 1,659]

Back in April, 2017, AVLab in Poland ran a custom test  against security software to test their effectiveness against web delivered malware. Guess who scored 100%? Eset Smart Security and Endpoint.

These unsubstantiated discussions about Eset not being as effective, or in most test cases more effective, than its competitors are "really getting old." If one "believes" another security product provides better protection, then by all means use that product and spare us all the effort and waste of time to show Eset is equal to or better than those products.

Quote

 

Attack scenario

In the test carried out in middle April 2017, we used a virtual Windows 10 x64 system located in Poland. Computer which performed controlled attacks was located in France.

The essental tools needed to get remote access victim computer are as follows:

∙ Malicious software, undetectable for most antivirus application.

∙ Exploit for Firefox browser (CVE 2016‐9079).

∙ Metasploit which was an instrument of consolidating the whole attack procedure (a system penetration, file theat, additional malicious files download, a system registry modification using a PowerShell interpreter).

The URL address which contained an exploit, may be placed on a victim’s workstation through various social engineering methods. For the test purposes, a link to malicious website was simply run by a tester in a browser

 

https://avlab.pl/sites/default/files/68files/avlab_drive_by_download_test_en.pdf

[SCR 195]

2 hours ago, malkil said:

 

my point is based on testing companies because they are thebedt one in doing the testing.

thanks

Not all "testing companies" are created equal. I take what they report with as much weight as I do the latest news headlines which are created to sell newspapers.

[itman 1,659]

3 hours ago, malkil said:

yes i totally agree with you mate, talking about real world detections you have the results from av comparitives which continiously do real world protection test and av test which continiously do sample testing .

In this regard, AV-Test notes that each day 390,000 new malware are created on a daily basis: https://www.av-test.org/en/statistics/ . A-V Comparatives chose less than 400 as being representative of the above in their Real Time test. So, draw your conclusions on how effective this test is in determining a security product's effectiveness against all malware in existence.

Edited August 14, 2017 by itman

[cyberhash 188]

The av-comparatives and av-test/av-lab results raise their head in these forums on a near weekly basis. Would be nice if people used them as reference material, rather than quoting them as fact.

As has been discussed previously and noted by @SCR above , nothing gives 100% protection 100% of the time. Likewise these reports are not 100% accurate, 100% of the time, all the time.

And on lighthearted note, i would never visit a Canadian pharma website ...... never had a floppy since dos 6.22

[TomFace 539]

1 hour ago, cyberhash said:

The av-comparatives and av-test/av-lab results raise their head in these forums on a near weekly basis. Would be nice if people used them as reference material, rather than quoting them as fact.

As has been discussed previously and noted by @SCR above , nothing gives 100% protection 100% of the time. Likewise these reports are not 100% accurate, 100% of the time, all the time.

And on lighthearted note, i would never visit a Canadian pharma website ...... never had a floppy since dos 6.22

Yes it's the same ole/same ole. It used to be quoted as fact every 3 weeks, so this is a regression (going to every week...15 minutes of fame?). Usually you can get these kind of facts in the supermarket tabloids like the Sun or Star.

By the way, most likely the folks who run the Canadian pharma website are probably related to the Indian (as in next to Pakistan, Nepal and Bangladesh) telephone scammers who sell fraudulent everything (from IRS scams to fake Microsoft support).

Edited August 14, 2017 by TomFace

[peteyt 393]

13 hours ago, malkil said:

it's better to use bitdefender, since there is no match between bitdefender and eset, bitdefender has always been one of the best product of all times. 

only kaspersky, trend micro and norton can match its detection level.

talking about detection of phishing links , then you sshould use bitdefender with malwarebytes as they both are the best website to stop phishing websites.

i am not saying eset is worst, it is good but it is not anywhere in competition to bitdefener, kaspersky or norton which always get 100% detection and i have never ever seen eset getting 100% detection from any of the testing companies.

i am waiting for that day when eset will also be in the list of 100% detection group

Sadly i had a bad experience with BitDefender a few years ago and it put me off for good.

Edited August 14, 2017 by peteyt

[Guest]

its because bitdefender has been started to be best in past 3-4 years, otherwise kaspersky always topped the list.

i know this would not be the best saying as i usually say, av test, av comparitives, top ten reviews, pc world, softpedia have always rated bitdefender as the best, second being kaspersky and norton

[cyberhash 188]

@malkil

Depends on what you define "personally" as being best. Every now and again i tend to try/test other suites like Kaspersky and Bitdefender.

Installed both KIS2017 and Bitdefender over the past month and neither of them found any issues whatsoever when scanning after removing my ESET product. So ESET had me covered all the time

Both Kaspersky and Bitdefender are good enough products but lack any decent configuration options. Your choices are very limited on both these suites. ESET has a good auto mode for novices but also allows more experienced users to be a little more creative when it comes to configuring the whole product.

Have not even tried an Symantec product for over 12 years now as it was always plagued with poor detection and performance issues, so i have no clue as to how Norton is nowadays.

ESET offers more out of the box as a whole package than the others do.

You should use a trial version of KIS or Bitdefender and see for yourself, just how limited and frustrating these packages are with the configuration. With pretty much identical detection rates as ESET has.

 

[Guest]

@cyberhash hey mate all big programs are bugy, but there detections are very very much acurate i must say.

norton on the other hand is a very well best alternate competitor to kaspersky and bitdefender.

there was a time when norton ruled but as of now norton i must say is a good product but not as good as the above stated , the scan speed is good , but it takes so much time in removal of malware if running on demand scan.

 

here is the thing, i had 9000 samples of malware, ransomware( including petya, wannacry) etc

tested product - bitdefender, eset, kaspersky, malwarebytes, norton.

all product settings were made to delete the file as soon as it is detected.

 

here were the leftover files after the test out of 9000.

bitdefender - 14

eset -1653

kaspersky - 153

norton - 24

malwarebytes - 3234

 

i could have used bitdefender , but it is as buggy as kaspersky as norton.

i am thinking of using bitdefender free version but as of now i am in touch with there customer support as to whether free version gives protection against ransomware or not, if it would have been giving , i will go with bitdefender + malwarebytes and zamena antimalware as a cloud based scanner( uses multiple virus companies engine).

[cyberhash 188]

I don't see how your post has any relevance to what these forums are intended for.

These are help/assistance forums for ESET products and not designed to become some type of competition or product endorsement.

You started the thread regarding some url's to some pharma websites and have now escalated it to your own personal AV suite test and review(with dubious results).

These forums are viewed by a lot of people across the globe and what you are implying is that ESET is offering vastly inferior products to its rivals, which simply isn't the case.

You should maybe email the details/evidence of the tests that you ran(including links to the samples you used) to each vendor and get a response from them directly instead.

 

[Marcos 5,070]

5 hours ago, malkil said:

here is the thing, i had 9000 samples of malware, ransomware( including petya, wannacry) etc
tested product - bitdefender, eset, kaspersky, malwarebytes, norton.
all product settings were made to delete the file as soon as it is detected.

here were the leftover files after the test out of 9000.
bitdefender - 14
eset -1653
kaspersky - 153
norton - 24
malwarebytes - 3234

Oh no, a test performed by scanning files without further checking them with analysts if they are really malicious and if should be detected? I'd bet that checking them would reveal that at least 99% of them are not subject to detection. Feel free to drop me a link to an archive with those files so that I can check them out.

[TomFace 539]

37 minutes ago, cyberhash said:

I don't see how your post has any relevance to what these forums are intended for.

These are help/assistance forums for ESET products and not designed to become some type of competition or product endorsement.

You started the thread regarding some url's to some pharma websites and have now escalated it to your own personal AV suite test and review(with dubious results).

These forums are viewed by a lot of people across the globe and what you are implying is that ESET is offering vastly inferior products to its rivals, which simply isn't the case.

You should maybe email the details/evidence of the tests that you ran(including links to the samples you used) to each vendor and get a response from them directly instead.

 

It appears the OP's current position in this forum is "pot stirrer".

[Marcos 5,070]

I'll wait for the files to show that more detected files do not mean higher program quality or detection since it's a myth that some users still believe in. Then we'll close the topic.