View Single Post
Old 05-05-2013, 18:05   #83
Qtx
CF's Worst Nightmare
 
Join Date: May 2012
Location: Probably outside the M25
Services: Sky Fibre Unlimited 40/10
Posts: 3,473
Qtx has a bronzed appealQtx has a bronzed appeal
Qtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appealQtx has a bronzed appeal
Re: Security and antivirus web links

Quote:
Originally Posted by SnoopZ View Post
Avast didn't stop the download, but it detected it as a threat from a manual scan.
Then Avast is not checking websites as you visit them, which is unusual for AV's these days. It probably just checks files as they are accessed instead. This gives a lower overhead on your computer which can stop the AV slowing down lower spec pc's. This kind of protection is not as good though as a drive-by exploit could overwrite the memory space of an already running process with a dropper which then downloads the fully monty trojan. If Avast detects it at boot up its ok but until you shutdown the computer you could be infected. SO many scenarios though!

---------- Post added at 16:42 ---------- Previous post was at 16:41 ----------

Quote:
Originally Posted by iadom View Post
Is this not the same test file that has been around for many years now? I remember references to it before 2000.
Yeah it has been around for donkey years. Sort of an industry standard for simple AV check.

---------- Post added at 17:05 ---------- Previous post was at 16:42 ----------

Quote:
Originally Posted by joglynne View Post
Nice to see my Norton Internet Security removed the EICAR download virtually instantaneously. What is in that thing!!!!!
This is what is in the text file: X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H

http://en.wikipedia.org/wiki/EICAR_test_file

You can paste that line in to notepad and save it to get your av to test it too. If you like fiddling, you can do that and add/change a random letter in the file to see if the AV still detects it. Hackers (not really the term I would use) often use a cryptor to avoid AV's but many times they can just Hex-edit a single part of a virus to make it undetectable if they are lazy.
Qtx is offline   Reply With Quote