Firstly, I was wondering why TDS won't detect the following file:
http://www.eicar.org/download/eicarcom2.zip, even though I use Scan Control (with the EICAR option and compressed files option ticked)?


Secondly, a recent scan came up with two NTFS ADS results. One was in a .mid file and the other was in the .exe installation file for the chat prgram Trillian. I was wondering what I should do about these? I can't see anything harmful actually being in Trillian as it's one of the most popular and widely used chat programs as it combines ICQ, AIM, MSN, Yahoo etc. into one program. Still, any advice and/or suggestions would be greatly appreciated. The same goes for my first question. ;)


Thanks.

Hi Mystik_TK, In scan control ensure that you have all scan options enabled.

Streams smaller than about 128 bytes can be ignored as they ar not considered dangerous by DCS, many image files will add streams related to thumbs.db

HTH Pilli

Yes, I have all the options enabled. Still, EICAR isn't being detected.

I'm going to go back and check the file size of the streams.

Thanks.

-{ Quote: "even though I use Scan Control (with the EICAR option and compressed files option ticked)?
" }-

Will the compressed files option detect double zipped files which that test file is?

-{ Quote: "Will the compressed files option detect double zipped files which that test file is?" }-

I was thinking that, myself, although I figured that a program as advanced as TDS would have that ability.

Next time I do a scan, I'm going to download all four available EICAR files as a test to see if it detects it in the other three.