antivirus - Page 2

fosius · #26 April 8th, 2007, 08:31 AM

Quote:

Originally Posted by cupez80

where ? i cant find it

Settings -> Antivirus protection -> Resident protection -> Run editor of extensions -> And Metods..

But I use Slovak version so the translation doesn't have to be the same..

Alith · #27 April 8th, 2007, 01:11 PM

Thanks for the link to Beta MNKid.

rogervernon · #28 April 8th, 2007, 01:13 PM

The anti-virus failed to detect this Eicar test file, sent as an attachment to an email from Panda. The event did not appear in the log files either.
Here is`a screen shot pf part of Panda's email to me, showing the test as a Word document as the attachment. When executed , Word opens & shows a small picture labeled "Eicar"
http://i115.photobucket.com/albums/n.../EicarTest.jpg

cupez80 · #29 April 8th, 2007, 09:22 PM

Quote:

Originally Posted by fosius

Settings -> Antivirus protection -> Resident protection -> Run editor of extensions -> And Metods..

But I use Slovak version so the translation doesn't have to be the same..

that not what i mean. in version 2.x even you activated Advanced Heuristic it wont scan file on-execution. what im asking is AH enabled on-execution not only on-create and on-modification

Sjoeii · #30 April 8th, 2007, 10:07 PM

Quote:

Originally Posted by rogervernon

The anti-virus failed to detect this Eicar test file, sent as an attachment to an email from Panda. The event did not appear in the log files either.
Here is`a screen shot pf part of Panda's email to me, showing the test as a Word document as the attachment. When executed , Word opens & shows a small picture labeled "Eicar"
http://i115.photobucket.com/albums/n.../EicarTest.jpg

Strange it was detected over here.
Can't confirm

lucas1985 · #31 April 9th, 2007, 01:42 AM

Quote:

Originally Posted by Firecat

The "cleaning" feature will become significant in future versions. I was told in brief about this back in 2005, and it looks very good on paper.

Are you allowed to share more info about this with us?
Thanks for this feedback

Brian N · #32 April 9th, 2007, 02:43 AM

Quote:

Originally Posted by rogervernon

The anti-virus failed to detect this Eicar test file, sent as an attachment to an email from Panda. The event did not appear in the log files either.
Here is`a screen shot pf part of Panda's email to me, showing the test as a Word document as the attachment. When executed , Word opens & shows a small picture labeled "Eicar"

Panda sends a doc file and if you take a look inside, the eicar code actually changes and so does the file size.
I've never been able to detect anything sent from Panda myself while using NOD32.
You need either a txt, com or an archive. You can also try this one instead: http://nod32sse.com/avtest.php

Firecat · #33 April 9th, 2007, 03:23 AM

Quote:

Originally Posted by lucas1985

Are you allowed to share more info about this with us?
Thanks for this feedback

I wasn't told too much about it anyway, but there was talk about a "special cleaning" mechanism, which would be able to at least partially remove even unknown malware (i.e. heuristic detections). Registry entries of even heuristic detections may be cleaned and perhaps other leftovers too.

lucas1985 · #34 April 9th, 2007, 04:59 PM

Thanks Firecat

#35 April 9th, 2007, 05:04 PM

Quote:

Originally Posted by Brian N

I've never been able to detect anything sent from Panda myself while using NOD32

Oh , no , I tried this test of theirs while I was using their products (Titanium and Platinum 2005/2006) . I always received the email and it never got detected by Panda . Which is very silly because they say "if your securiry products misses it then buy our products" ...

and a loopback ... Tests on eicar.org always work with all AVs but in a DOC , the strings gets changed , I think

Doc Serenity · #36 April 9th, 2007, 05:27 PM

Quote:

Originally Posted by Brian N

Panda sends a doc file and if you take a look inside, the eicar code actually changes and so does the file size.
I've never been able to detect anything sent from Panda myself while using NOD32.
You need either a txt, com or an archive. You can also try this one instead: http://nod32sse.com/avtest.php

This could definitely mess with my serenity. If I unserstand you correctly, the av I'm using and really like has not been able to deal w/Panda's tests.
I'm suddenly feeling more than a little concerned.
Doc

Brian N · #37 April 9th, 2007, 05:34 PM

Quote:

Originally Posted by Doc Serenity

This could definitely mess with my serenity. If I unserstand you correctly, the av I'm using and really like has not been able to deal w/Panda's tests.
I'm suddenly feeling more than a little concerned.
Doc

It won't detect it because it's not an eicar test after it's been altered by the doc. If they made regular txt or archives, there wouldn't be a problem with their tests.

And there's no need to worry really - Normal eicar tests are detected by NOD32 just fine.

Doc Serenity · #38 April 9th, 2007, 10:06 PM

Thank you.
All better now.
Doc

rogervernon · #39 April 10th, 2007, 09:17 AM

I re-loaded AVG anti spyware and on a scan it found this:- Win32.Worm.Luder.
This had not been found by either ESS or KIS on regular scans.
Could it have been lurking in Sys Restore? Can ESS scan there?
Or is it a "falsie"?

#40 April 10th, 2007, 09:55 AM

Quote:

Originally Posted by rogervernon

Could it have been lurking in Sys Restore? Can ESS scan there?

Don't know where it is , you only know . Yes , ESS can scan there.

Quote:

Originally Posted by rogetvernon

Or is it a "falsie"?

Have no idea , may be . VirusTotal knows more for sure . If it appears to real malware , send a copy of it to ESET Virus Lab to email samples @ eset . com

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search