Jump to content

canadian pharma spam


Guest

Recommended Posts

21 hours ago, Marcos said:

Warp.php - detected by ESET as JS/Kryptik.BBC trojan for more than a year.

Hi Marcos,

I installed NOD 32 , v8.304 and I tried to open :hxxp://www.nageldesign-patricia.at/warp.php.

I did not get any reaction from NOD32, the site opened normally.

By contrast , when I use Bitdefender Free , I get this (see attachment)

 

Any comments?

 

Infected.jpg

Link to comment
Share on other sites

  • Most Valued Members
10 hours ago, malkil said:

its because bitdefender has been started to be best in past 3-4 years, otherwise kaspersky always topped the list.

i know this would not be the best saying as i usually say, av test, av comparitives, top ten reviews, pc world, softpedia have always rated bitdefender as the best, second being kaspersky and norton

When i used BitDefender i liked the fact that it didn't slow my computer down. I regularly took part in the new Beta versions and noticed a bug in a beta that blocked my internet and reported it. This was ignored and the bug was in the final public release and when lots of people complained they just kept asking for logs each time yet never fixing it.

That put me off. It felt like it was still a beta released far too early. The program also liked to crash and at one point the programs design changed each new version. It put me off. I suppose its like Norton. Norton is apparently far better than the resource hog it once wad but it got a bad reputation for itself. 

Link to comment
Share on other sites

  • Administrators

@MSE

Block without the url being on the list of allowed websites:

block1.png

Detection with the url on the allowed list of URLs:

block2.png

 

Is the eicar test file detected on your machine by web access protection when attempting to download it from http://www.eicar.org/download/eicar_com.zip ?

Link to comment
Share on other sites

Additionally recommended to verify that all Eset web filtering functionality is operational are the tests given at this web site: http://amtso.org/feature-settings-check-for-desktop-solutions/

Also, it goes without saying that running multiple realtime security solutions with web filtering monitoring could be causing conflicts.

Link to comment
Share on other sites

12 hours ago, Marcos said:

Oh no, a test performed by scanning files without further checking them with analysts if they are really malicious and if should be detected? I'd bet that checking them would reveal that at least 99% of them are not subject to detection. Feel free to drop me a link to an archive with those files so that I can check them out.

I gave you a Kudos for patience on this one. I know you are aware of this but I am posting the below for general forum consumption.

There are a bunch of "amateur" malware testers over at malwaretips.com. Appears most have subscribed to the current prevalent philosophy that all the current AV Labs tests are "rigged" or in some way biased. Where I am not one to emphatically state that this kind of stuff has never occurred in the past, it for the most part involved basically "stacking the malware sample deck" so to speak to favor one vendor's detection methods over a select group of other vendors in the context of a commissioned(paid) specific vendor test request. However, one thing that AV Labs do right is to properly set up the malware testing environment and overall sample selection applicable to the specific detection category being tested. Furthermore, AV Labs always publish the detail test methodology used along with the test results.   

Link to comment
Share on other sites

  • Administrators
2 hours ago, TomFace said:

I think this thread need to be locked.

I agree. Drawing the topic to a close. So far I've checked 2 archives provided by malkil and all files but one were detected. The undetected file was clean and the vendors that reported it were wrong and reported a false positive. Waiting for malkil to provide me with actually undetected samples via a pm.

Link to comment
Share on other sites

  • Marcos locked this topic
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...