With avp 3.5, it's able to detect an infection in a file as it is being downloaded, and subsequently prevent it from being downloaded and saved.

Is there another av in the market that has this feature?

The other ones that i've tried allows an infected file to be downloaded first, and then prevent access if there's an attempt to open or execute it.

Thanks :)

Are you talking about archived files (ie zipped) here?

If Yes then

Pc-Cillin does this
Avast
Sophos
F-Secure
DrWeb32


Technodrome

Hi Tech,

i'm referring to downloaded attachments in general.. From what i've encountered other av s allows them to be downloaded first and then if they're infected they prevent access to them...but this is once they've been downloaded though.. i tried this with f-secure, etrust, dr. web, norton ect..


avp 3.5 doesn't do this.. it blocks infected files in the process of downloading..

Thanks

Strangly, I have ever used Kaspersky 4.0 before , but that didn't prompt the computer stop downloading anything infected files, only will react when trying to execute them. And the same thing happen to AVP 3.5.1.6 which is using now at Windows 98.

For Kaspersky 4.0, if the real time Monitor object setting chose to monitor "Archieves", then if a zip is infected, before bringing up the Winzip window, while pointing the cursor to the file in the Window Explorer, it will promptly alert that file was infected, but again the feature slow down the system tremendously and could be say very bad indeed.

For AVP 3.5, even the monitor setting chose to monitor "Archieves", and it won't alert anything while using the mouse to point to the file, only will stop excuting it when one is trying to execute or open it.

May I know what setting do you use.

For simple clarity, I just went to eicar.org website and download the test eicar file, the AVP 3.5 or Kaspersky 4.0 won't stop the computer from downloading them at all.

I was puzzling why the avp acted differently from yours?

-{ Quote: " quoting: skeptic link=board=24;threadid=6608;start=0#44057 date=1043357868]

avp 3.5 doesn't do this.. it blocks infected files in the process of downloading..
" }-

Not entirely, some of infected files (could be corrupted) are stored in browsers Temporary folder.

see picture:
http://www.wilderssecurity.com/attachments/avponspot.gif


Technodrome

Tech..

you're right with avp 3.5 in some instances infected (dormant) cookies can be stored in IE's temporary internet folders.


Alpha..

i have avp 3.5 on access monitor set to scan all files:packed, archived, all mail and mail database, and i just have the on access monitor and on demand scanner loaded.

when it comes to avp 3.5 and its ability to flag infected downloads, let me clarify things.. during downloads of email with attachment or a zip file, the download progress bar moves, but what happens afterwards is something that i've so far encountered only with avp 3.5.. in my case during the down load process itself (when the download bar is moving) avp usually detects if the file is infected, and after the download commences, in the finish download menu, it prevents the opening or saving of an infected file in question...

maybe it's just in the settings.. can other avs do this. i tried this for example with etrust ez antivirus, norton, dr web and other. they go through the process of downloading an infected zip file and lets the saving and or opening of them ..then they flag its infected.. before there's any attempt to execute it.

any ideas?